LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Security page

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Blaze: Key escrow from a safe distance

[Posted November 1, 2011 by corbet]

Mat Blaze has published a look back at the clipper chip controversy [PDF] for an upcoming conference. It is a good retrospective of a crucial moment in the crypto wars. "And so even before the Web became synonymous with the Internet, before a single bit of encrypted SSL traffic was generated, lines were being drawn for what would become an epic battle that would preoccupy a generation of cryptographers. (And it was a bad time for that community to be preoccupied; this was the same time that the basic foundations of the of web and other critical communications technologies were designed and put into place. We've been living with the security, or lack of security, built in to that infrastructure ever since)."
(Log in to post comments)

Blaze: Key escrow from a safe distance

Posted Nov 2, 2011 19:33 UTC (Wed) by jmah (subscriber, #80103) [Link]

Just wanted to say that this was a great, easy read.

Blaze: Key escrow from a safe distance

Posted Nov 3, 2011 4:16 UTC (Thu) by PO8 (guest, #41661) [Link]

This is a great paper. However, my inner conspiracy theorist fears Blaze may be missing one of the goals of the Clipper program in his conclusion.

Blaze notes that key escrow was ultimately unworkable, but that the fight over key escrow diverted a generation of crypto and security specialists from properly securing the fundamental protocols of the modern Internet (at least to some degree). I can't help but wonder if that was Plan B all along...

Blaze: Key escrow from a safe distance

Posted Nov 3, 2011 6:17 UTC (Thu) by pr1268 (subscriber, #24648) [Link]

You raise an interesting point with that. Of course, it seems outlandish, even grossly wasteful, to have AT&T spend lots of R&D money on a flawed wiretapping protocol and its hardware and (presumably) lots of marketing money convincing the U.S. government to actually buy the TSD. But I don't disagree with you. (I've been known to entertain conspiracy theories every now and then.)

After reading §2.3 of Blaze's paper, my respect for AT&T's Bell Labs just went up a few notches. Talk about integrity.

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds