Time for old magic in the debate on CCDP
Dateline: the late 1990s; in the USA and UK there is fear and debate over development of new technology which renders moot the “existing capability” of Government agencies to intercept internet communication – thereby risking intelligence (even that which cannot be described in court for security reasons) being lost to the crime-fighting forces of good.
This was not CCDP though, this was Mandatory Key Escrow and constituted an early salvo in the Crypto Wars.
To analogise in modern parlance: the FBI (in the USA) wanted all HTTPS / SSL connections to be wiretappable, and to that end wanted to mandate that all cryptography use a particular algorithm which provided “trustworthy agencies” with cheap and easy decryption backdoors – ones that would only ever be used in pursuit of fighting crime – honest.
Such analogy can only ever be imprecise because technology has so massively morphed – SSL barely existed in 1995 but we now use encryption almost everywhere rather than just Voice-over-IP (VOIP) which the US Government initially targeted. Also: the great increase in CPU-power available to an average device has rendered the concept of a hardware crypto-chip defunct except for certain exotic keystore purposes.
So what happened in the many years after the Key Escrow debate?
…read more, or comment at Unscrewing Security
Leave a Reply