How are spoof decryptions prevented?
David Parkinson
dparkins at alien.bt.co.uk
Tue, 03 Aug 1999 10:23:31 +0100
At 05:35 PM 02-08-99 +0100, Tom.A.Parker@icl.com wrote:
>This may seem unduly simple minded, but in a situation where enforcement to
>provide clear text is imposed upon me, how would the LEA know that I did the
>decryption truly, rather than substitute some censored alternative?
>Presumably they would wish to see me going through the decryption process
>itself, or have some other contextual evidence that would assure them - not
>always either practical or foolproof.
I have been wondering about the definition of "key".
The attitude in UK-Crypto has been an "all-or-nothing" (preferably
nothing!) approach. I may have missed it, but nobody has
really mentioned the alternative of delivering session keys.
Using a simple tool I can deliver the symmetric session keys for
all my communications from 'x'. Doing things this way:
(a) The Warrant holder can recover the plain text for himself
(and be sure I haven't altered it).
(b) I don't compromise my communications with the rest of
the alphabet (a-w,y and z).
The only (legitimate?) reason I can think of for the warrant holder
requesting my private encryption key is speed of access to
subsequent emails.
David