DTI Policy Response

Tue, 28 Apr 98 13:07:17 -0500

-----BEGIN PGP SIGNED MESSAGE-----

In <3.0.3.32.19980428095917.00ab5500@cybercash.com>, on 04/28/98 
   at 08:59 AM, Carl Ellison <cme@cybercash.com> said:

>At 07:21 AM 4/28/98 -0500, Brown, R Ken wrote:
>>compulsory infrastructure-based key-recovery GAK. In fact it rules it out
>>for private users and unlicensed providers. To my non-lawyerly mind it says:
>>"if you have an encrypted message that we think is evidence, and  you don't
>>tell us what it says when we ask you, then we will put you in prison". 

>So what happens when I send you a block of random numbers, base64
>encoded?

>Do I get put on the rack until I reveal the key?

A while back I had made a proposal on the coderpunks mailing list for the
development of a crypto dongle. This would be a self-contained piece of
hardware that contained enough memory to store several encryption keys.
The user would attach this device to his computer so he can do whatever
encryption/decryption was needed and then remove it when he was done (I
originally envisioned attaching through the parallel port similar to copy
protection dongles).

The key to this device is it would have a "panic button" on it that would
wipe it's memory at a moments notice. It was key that the device be able
to destroy the contents of it's memory without any external power or
equipment.

So when your LEA's are knocking on your door with a battering ram at 3am
security is only a push button away. :)

- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://users.invweb.net/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://users.invweb.net/~whgiii/pgp.html
- ---------------------------------------------------------------

Tag-O-Matic: Why look thru Windows? Open the door to the future: OS/2