Interesting People mailing list archives
IP: UK to Introduce Key Escrow
From: Dave Farber <farber () central cis upenn edu>
Date: Tue, 30 Apr 1996 07:55:36 -0400
Date: Sat, 20 Apr 1996 22:35:37 +1000
From: Julian Assange <proff () suburbia net>
Organization: Isaac Newton Institute, University of Cambridge

Despite assurances from John Major to David Shaw MP that the British government had no intention to limit the domestic use of cryptography, there is now a UK policy to introduce key escrow. The debate was conducted in secret in Whitehall; we the people were not consulted at all.

Details can be found in a booklet called `The use of encryption and related services with the NHSnet', published by the NHS Executive (copies from the Department of Health, Fax 01937 845381). The points of most interest to the privacy community are probably the following.

1. `HMG has, for a number of years, been developing its ideas for a national Public Key Management Infrastructure having what is known as Key Recovery (KR) facilities. HMG's interest in Key Recovery is driven by its Law Enforcement needs. Papers describing schemes with this capability are now in the public domain for review and comment. It is expected that eventual national policy in this areas, supported by legislation, will involve the use of KR capabilities shaped closely along the lines indicated by current papers' (p 58).

2. The choice facing the NHS is `whether it wishes to implement the KR capability within it or not' (p 58).

3. Long term keys will be certified using a `Trusted Third Party' and there is budgetary provision for eight full time NHS staff to run this.

4. The critical question of `the legal conditions under which TTPs will be able to release information under their control or care' is dodged; it `will have to be investigated'.

5. The encryption algorithm used will be an unpublished block cipher called `Red Pike' that has been developed by GCHQ. I have obtained through other channels a copy of a GCHQ certificate evaluating this algorithm to `Restricted'. Key establishment will be Diffie Hellman based, and DSA will be used for signatures.

6. The proposal to make the NHS adopt the TTP/Red Pike strategy is part of a wider initiative that will include the electronic submission of proposals to government departments by suppliers and of tax returns by small businesses. A goal is to `encourage a wide range of commercial off-the-shelf (COTS) products to be developed'. (Note: this mirrors the NSA policy under which the US Department of Defense is trying to get software suppliers to develop products with weak or escrowed crypto that can be replaced with plug-compatible but stronger military crypto. See Microsoft crypto API, the Fortezza card, and so on.)

7. There is extensive - and grossly inaccurate - criticism of alternatives (products such as PGP, and algorithms such as RSA and triple DES). Some of the statements may reflect GCHQ's legislative or regulatory intentions. For example, on page 61 it is stated that DES `is not normally available to users in other commercial sectors unless it is used by them only in relation to the protection of financial data'. The author seems ignorant of the Unix password mechanism, Sky-TV key management, prepayment gas meters, and the infrared gate openers used by season ticket holders at municipal parking garages in Glasgow.

I mentioned this report yesterday evening to an employee of a defence software firm and he informed me that there was a presentation at GCHQ two weeks ago for those `inside the tent pissing out' at which all the above (and presumably more) was revealed.

The implications are many and varied. For example, the establishment of a government facility to certify who is, and who is not, a medical doctor would usurp the General Medical Council's traditional function. One wonders whether there is a plan to nationalise the Law Society, the Institute of Chartered Accountants, and other professional bodies?

At the most basic level, it appears unlikely that this report will contribute to establishing the level of trust in the privacy and safety of clinical telematics that will be needed if we are to realise its many potential benefits for patient care.

Ross