There is a significant
risk that widespread insertion of government-access key recovery systems into
the information infrastructure will exacerbate, not alleviate, the potential for
crime and information terrorism. Increasing
the number of people with authorized access to the critical infrastructure and
to business data will increase the likelihood of attack, whether through technical
means, by exploitation of mistakes or through corruption. Furthermore,
key recovery requirements, to the extent that they make encryption cumbersome
or expensive, can have the effect of discouraging or delaying the deployment
cryptography in increasingly vulnerable computing and communications networks.
costs and risks of key recovery, particularly when deployed on the scale desired
by law enforcement, are very substantial. The onus is on the advocates of key
recovery to make the case that the benefits outweigh these substantial risks and
eminent cryptographers and scientists; The
Risks of Key Recovery, Key Escrow, & Trusted Third Party Encryption, 1998.
Key recovery systems are designed to enable encrypted communications
to be read by an authorized third party.
As described in the previous sections, governments
are powerfully motivated to be able to intercept communications in order to
help control crime and protect their national security. The uncontrolled, widespread
deployment of strong encryption significantly prevents them from achieving
this goal. Since the release of PGP,
the US, UK, and other governments invested a lot of effort in trying to
put the encryption cat back in the bag through implementation
of key recovery systems, but the effort petered out as the rate of technology
change outstripped the policy effort.
Key recovery systems require vendors of encryption software to add a "key
recovery" mechanism that maintains normal security in usual use, but can
be turned on by the government to decrypt your communications through a back
door (sometimes called "trap door") when authorized.
Key recovery systems use a "third key", in addition to the public
and private keys usually employed by Public Key
Cryptography. This third key is typically kept in escrow with a third-party
government or arms-length organization, and can be used to decrypt your communications
when released to the authorities. The requirements for release of these keys
varies from country to country, from almost no oversite at all, to the requirement
to obtain a court order from a judge.
Naturally, key recovery is a controversial issue, pitting the needs of the
national community against the rights of the individual. So the balance will
always be a matter of debate. A summary of the arguments on each side can be
- For. We can't give criminal and terrorist organizations world-wide,
completely secure communications to conduct their destructive work. Police
don't have the time or interest to read your email admission that you stole
a pen from work, but need every edge they can get against the really bad
- Against. Public key cryptography is a mathematical idea,
like the equation that says that the area of a circle is equal to pi times the radius
squared. The idea is part of the universe, and shouldn't be monopolized by
any one group, especially the disproportionately powerful state. This is
an issue of freedom of speech, and a presumably
innocent individual should have the right to engage in any type of speech,
including unbreakably encrypted speech.
The Key Recovery Alliance (originally at KRA.org) was an industry organization
of 30 international companies that supported key recovery, including the leading
Security, but it disbanded in 1999 under pressure from civil rights groups.
Individual countries such as the US and UK have since moved to try and implement
key recovery systems on their own.
In 1998, an eminent group of Cryptographers and Computer Scientists published
the influential report The
Risks of Key Recovery, Key Escrow, & Trusted Third Party Encryption,
which helped slow the government push.