Abstract

In August 1993, NIST announced [NIST] a cooperative program with industry to explore the possibilities of performing key escrow cryptog-raphy using software-only techniques. The purpose of that program was to determine if there were alternatives to the requirements for hardware implementation of the US government's Clipper initiative. ¹ The major deficiency ascribed to key escrow techniques when they are implemented solely in software is that they can be bypassed or subverted relatively easily and thus cannot be relied upon to meet the objectives of law enforcement that motivate the Clipper Initiative. Further, no technique has been proposed that addresses the issues associated with the implementation of a classified encyption algorithm, such as the Skipjack algorithm embodied in the Clipper chip, in a widely used software product.
Key escrow cryptography has been a controversial topic since it was proposed in 1993. We believe that it is most likely to be accepted for use outside of government if it is authorized by legislation that sets forth the circumstances under which keys may be released and the sanctions for abuse of the escrow process. Even if the policy issues associated with key escrow are resolved, however, we believe that the close coupling of key escrow with encryption hardware will remain a significant deterrent to its use. For that reason, we have explored the need for hardware support to key escrow and the possibilities of soft-ware implementation.

Date

2012

Authors

David M Balenson, Carl M Ellison, Steven B Lipner, Stephen T Walker

Journal

Building in Big Brother: The Cryptographic Policy Debate

Pages

180

Publisher

Springer Science & Business Media