Hacker News new | past | comments | ask | show | jobs | submit login

Wouldn't just having a second key which the government keeps in escrow in case they need to decrypt a message achieve exactly what you are saying is impossible?

Others have already pointed out the problems of who has access to that key, I'll simply point out that the system would potentially collapse under its own weight. If there is a single master key then it's a huge risk. If that risk is recognized and there's a way to invalidate and replace that master key then suddenly you have an entire additional infrastructure of communications for key replacement that has to be in place. If you have multiple separate keys generated at the initiation of each encrypted communication, then there has to be a separate secure infrastructure for transmission of the additional key to some government entity. As a side note that potentially secure infrastructure by law probably has to have the same key sharing requirements. You also run into problems with things like embedded systems, and if you don't think that's a problem look back at the problems in the networking stack used in vxworks and other embedded systems that are in the field and effectively unpatchable.

Edit: ipnet, URGENT/11, https://www.bleepingcomputer.com/news/security/urgent-11-vxw...

Edit2: I forgot to mention, this is an all or nothing decision. If you're mandating this it has to apply to ALL communications or you end up with things shifting channels. Banking transactions? Master key. Medical patient portals? Master key. VPN to the office? Master key. Any secure website connection? Master key. You likely have to make using any non keyed encryption illegal with severe penalties, and you have to devise a system in which it's possible to identify encrypted communications not encrypted with that key without that key being available.






Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: