I will follow tradition, which is, rather than lurk and be thought a
fool, post and remove all doubt (see redundant internet connections,
I first sent this to fwtk-users. Ooops.
Since someone from TIS replied to the previous message (below):
"You know nothing about this then. Be happy to educate you, but your
posting makes it clear that you didn't read our explanations or we
didn't write them well enough. NO keys are ever stored. "
I would like someone from TIS explain in plain language what CKE does, if
it doesn't store encryption key in escrow? Simply, you know, like
'CKE for idiots', 'CKE for congress members', 'CKE for CEOs', or
'CKE for harried sys admins'.
BTW - I did read http://www.tis.com/crypto/cke.html. Very lengthy.
Excerpt from http://www.tis.com/crypto/cke/info/drcds396.html#anchor172960
"The Data Recovery Center (DRC) is the "safe hiding place" for the
DRC private keys used to unlock DRFs for emergency access to
encrypted messages or files. It maintains a database of registered
users, including their authentication codes. It is also where the user,
his/her corporation, or his/her government can go to obtain the session
key needed to unlock a file in the event the original session key
Previous message follows (previously to fwtk-usres):
CKE gets the big raspberry!
CKE is automated compromise of encrypted data.
As an ex-crypto person, the only way a crypto key is secure is when only the
sender and receiver possess it, and they destroy that key after it has been
used. The fact that any other person has access to that key compromises that
key and any data transmitted with it.
If I understand TIS's CKE/DRC concept correctly, a corporation which chooses
to use encrypted links must give an internationally authorized Data Recovery
Center keys to all encrypted, transmitted corporate data. This means not only
the dark forces within our government can get the keys to corporate secrets,
but also dark forces within foreign governments can do the same!
Standard intelligence procedure is to record and store traffic for later
analysis/decryption. If a foreign key is compromised (usually by human error,
or HUMIT - human intelligence), the stored data can later be decrypted. For
security, keys need to be changed and destroyed often, like passwords, and
frequency of change is dependent on the level of secrecy required. Old keys
must then be destroyed, otherwise in the event a key is lost, all data sent
with the old key is assumed compromised. In the NSA, the loss of a used
crypto key is disastrous, however the compromise of unused keys is no big deal
(if you know it's been compromised, you'll never use it).
The ONLY secure way encrypted links will work is to give corporations the
ability to generate their own long encryption keys for symmetric encryption,
and change these keys on a daily basis. The issue for discussion then should
be is Key Distribution, do you send the new key via courier or other very
secure electronic mode? The highest form of encryption is to use one very
long key, for ONE-time use only, and to destroy it!
I am one (I hope of the majority) which is convinced that our corporate
messages and data are none of any governments' business. Requiring a
company with encrypted links to maintain keys in a DRC is horrifying.
None of what I do is the business of any country, ditto for what people
do in my company overseas. A misguided agent within the government can
cause more damage to a corporation or individual than a hacker or
criminal could ever dream.
/*Going off tangent*/
Having said that, I had a completely different viewpoint once. The tactical
name of the game for old associates who were in Special Ops/Psychological
Ops was to influence a populations' opinions (foreign AND domestic). The best
way to benchmark where you are, is to monitor (survail communications of) the
target population. You test a psychological operation plan by sending inputs
(news/stories/PR/etc) into the public, watch the reaction, go back and
your input until you get the desired output (votes, self-serving laws, etc).
Psychological operations exist by the way, to manipulate your and my opinions
and thoughts for a stated goal. Not being able to influence or monitor the
thoughts of a group of people was the problem to dwell on back then.
The strategic methods for this are not earth shattering. Standard
procedure for the Pentagon is to run computerized war simulations, and the
intelligence agencies likewise run foreign political/economic/social
simulations (why else do you think they buy such major quantities of
supercomputers for, science?). The Federal Reserve bank (not really a
government entity) also runs economic simulations constantly. Other agencies
also do the same for domestic economic/political/social simulations.
output is then manipulated, strategic plans are created, then made
'programizing' the plan. The last thing they want is to lose their ability to
monitor traffic content. In this manner systems which 'grep' content of
voice/data traffic streams for keyphrases are not 'really' tapping an
individual's line, but 'only' the flow of communication.
/*Going WAY off tangent - personal opinions follow*/
Centralization of power is one obvious strategic goal, notice the 'war' on
various vices over the last 20 years, creating confiscation laws, strong
anti-gun laws, desire to track all transactions, and the migration
of police/law/military combat power from states to feds and above
(NATO?). Our military is also used more and more as a police force
in conjunction with multinational forces. Eventually it gets hard
to coordinate enforcement when something is illegal in one country
and legal in another (i.e.; obscenity laws). Eventually I think there
will be a desire to 'globalize' or standardize laws and individual
rights for ease of enforcement. Various National Constitutions would
then get in the way and would have to be compromised. Including ours.
But I'm sure this will be made palatable by the efforts of our Psychological
operations. As Hume once said (as I've also seen on another persons 'sig'
line), "It is seldom that liberty of any kind is lost all at once."
/*End of tangents */
William B. Stout
Senior Systems Administrator
Hitachi Data Systems
Open Systems Center
Santa Clara, California