View this PageEdit this PageAttachments to this PageHistory of this PageHomeRecent ChangesSearch the SwikiHelp Guide
Hotspots: Admin Pages | Turn-in Site |
Current Links: Cases Final Project Summer 2007

CS 4000 debate project

"A Taxonomy for Key Escrow Encryption Systems" (1996)

http://www.cs.georgetown.edu/~denning/crypto/Taxonomy.html

This is a good description of the stuff involved in a key escrow
system. If you don't know what it is already (I didn't), you
should probably read this for an introduction and some details.




"EPIC Key Escrow Page"

http://www.epic.org/crypto/key_escrow/

This is a big page of links to papers written by important and
knowledgable people about federal key escrow schemes. I haven't
looked at all of it, but it seems like a good deal of it is
critical of such schemes. Tt's all from 1996 or earlier,
when apparently this was a hot topic.




"The Risks of 'Key Recovery,' 'Key Escrow,' And 'Trusted Third-Part'
Encryption" (1998)

http://www.cdt.org/crypto/risks98/
http://www.counterpane.com/key-escrow.html (PDF and PS formats)

Abstract from the website:
A variety of "key recovery," "key escrow," and "trusted third-party"
encryption requirements have been suggested in recent years by
government agencies seeking to conduct covert surveillance within
the changing environments brought about by new technologies. This
report examines the fundamental properties of these requirements
and attempts to outline the technical risks, costs, and implications
of deploying systems that provide government access to encryption
keys.




"The Future of Cryptography" (1996)

http://www.cs.georgetown.edu/~denning/crypto/Future.html

Part of abstract from website:
This is the claim that I want to address here. I do not accept
crypto anarchy as the inevitable outcome. A new paradigm of
cryptography, key escrow, is emerging and gaining acceptance in
industry. Key escrow is a technology that offers tools that would
assure no individual absolute privacy or untraceable anonymity in all
transactions. I argue that this feature of the technology is what
will allow individuals to choose a civil society over an anarchistic
one. I will review this technology as well as what it will take to
avoid crypto anarchy. First, however, I will review the benefits,
limitations, and drawbacks of cryptography and current trends leading
toward crypto anarchy.

This paper makes reference to, and seems to depend on, an article by
Tim May about Crypto-Anarchy which can be found here:
http://www.shipwright.com/anarchy.html
The first paragraph of the full abstract of the previous paper is
more or less a good abstract for this paper.




"Commercial Encryption Policy" (1996)

http://www.epic.org/crypto/key_escrow/wh_cke_796.html

I think this is about a "market-driven approach" to key escrow
schemes, and deals with policies examined (I think?) by the
Clinton administration. It also makes the assertion that
France has key escrow schemes in place, which might be something
we should look into.




"International Views of Key Recovery" (1997)

http://www.bxa.doc.gov/Encryption/aaron.htm

This website has a speech given by a US ambassador for the
Special Envoy for Cryptography concerning key escrow schemes as they
related to international concerns. It provides some interesting
examples where key recovery schemes were important to catching some
criminals and, uh, some other stuff about what other countries think.




http://csrc.nist.gov/keyrecovery/

This is a website with a bunch of links to government people talking
about key recovery policies. The previous link came from this page,
and I'm sure there's other useful stuff on it.




"Encryption key would lock up criminals" (1999)

http://news.bbc.co.uk/1/hi/sci/tech/289139.stm

This is an article in BBC news about key escrow schemes. It isn't
authorative and doesn't offer any hardcore views, but it could be
useful.




"Department of Justice Key Escrow Procedures" (1994)

http://www.cpsr.org/program/clipper/doj-key-escrow-procedures.html

This should provide some ideas for, if we were to be affirmative, how
our plan should be implemented. There're no arguments about it, though,
which makes it less interesting.




"Encryption Key Policy in the 21st Century" (2001)

http://www.cpsr.org/essays/2001/CPSRRSA17.htm

This is definately an article that would be used if we were on the
negative side of the debate.




"Strong Encryption: Key to the Internet Economy" (1997)

http://wp.netscape.com/columns/mainthing/wsj2.html

This is from back in the day when Netscape was a force to be reckoned
with. It's about the importance of un-regulated encryption to the
economy. Probably best as a source of negative evidence.




"Key Escrow Encryption Testimony by Raymond G. Kammer" (1993)

http://www.fas.org/irp/congress/1993_hr/computer.htm

Old school discussion of key escrow technology. The most important
stuff seems to be in the "Goals" section and the part about the
"Presidental Directive."




"Key Recovery and Key Escrow"

http://www.regnoc.com/keyrecovery.htm

Brief overview of what the technology is. Makes the point that
business will be less likely to use encryption (which, it could be
argued, hurts the economy) without key recovery since, if they
somehow lose access to the key, the data is gone forever. This is
a point made in some of the previous papers.




"Keys to the Cyber Kingdom: Support for Key Escrow Encryption"
(2000)

http://www.ksg.harvard.edu/iip/stp305/Screeton.PDF

This paper would be great for the affirmative. Not only does it
argue for key escrow schemes, but it also outlines arguments against
it and why they are wrong.




"Oblivious Key Escrow" (2001)

http://www.crypto.com/papers/netescrow.ps

I didn't read all the way through this, but it seems to be a plan
for key escrow stuff, and might make a few points about its necessity.




"The Metaphor is the Key: Cryptography, The Clipper Chip, and the
Constitution"


http://www.swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html

This is an absolutely huge document on the negative side of key escrow.
The stuff is part III would be golden, since it argues that key escrow
is uncontitutional according to a number of admendments. I didn't bother
with the first part of the essay, since I don't know what EES is.

Also, this thing seems to be missing part I. Nonethess, part III should
be extremely useful.




http://www.webcom.com/software/issues/1encrypt.html

Near the bottom of this website is a link to a series of discussions
lead by the NIST concerning key escrow stuff. It's all from 1995.




"Goodlatte and Boucher Criticize British Key Escrow Proposals" (1999)

http://www.techlawjournal.com/encrypt/19990218.htm

Short article about some representatives that don't like key escrow
technology. Probably good for some short blurbs. The one I like best
is "Government key escrow proposals, which force computer users to
give the government access to their encryption keys without their
knowledge or consent, and before they have ever been suspected of any
criminal activity, undermine the very purpose of encryption, which is
to provide privacy and security."




"Encryption Research Paper –> Key Escrow"

http://www.public.iastate.edu/~redevans/PolS/escrow.htm

If you view this website, make sure Java is disabled on your brower.
It nearly brought my computer to its knees. Anyway, I haven't read
what's in it, but there's probably something of interest.




"Why the Clipper Chip is Good for You" (1994)

http://www.eff.org//Privacy/Clipper/clipper_good_nsa.article

This is written by some important dude in the NSA about the Clipper
Chip (early key escrow thing) and the benefits of it. It seems to
focus on debunking myths and would be good for the affirmative.




"Key Escrow: Its Impact and and Alternatives" (1994)

http://hotwired.lycos.com/clipper/diffie.html

Title says it all. Mostly outlines problems with key escrow.




http://www.eff.org//Privacy/Clipper/barlow_v_denning.transcript

This is the transcript of a debate about a specific key escrow
technology.




http://legacy.eos.ncsu.edu/eos/info/computer_ethics/privacy/encryption/

Most of the links I made above came from this website. So I should just
link it. Unfortunately, it has a number of links that look like
good stuff, but don't go anywhere.




"Weak Arguments Against Strong Encryption"

http://www.seattlepress.com/article-9276.html

Short article that touches on bad stuff concerning key escrow.




http://www.infoserversecurity.org/keyescrow.php

This is a german language page with a bunch of links to discussions
of key escrow technology (mostly in english)




"Key Escrow Encryption: Technology, Policy, and Pitfalls" (1998)

http://www.twinlights.org/~dtr2/papers/Clipper/KeyEscrowEncryptionUpdate.html

Abstract from website:
Encryption technology in its current incarnation is able to provide the
average person the most private communications ever conceived. The ability
to use strong encryption to protect valuable documents or communications
will allow users of encryption the confidence that their private information
is truly private. However, there are risks involved with strong encryption,
mostly raised by people in the law enforcement area. Their response to these
risks is embodied in the concept of Key Escrow Encryption, and encryption
system that allows authorized individuals or organizations the ability to
decrypt any communication or document they find necessary. This paper will
present an overview of encryption technology, a basic description of the
methods and policies behind Key Escrow Encryption, and an attempt at showing
how escrowed encryption is not justified and, in fact, is damaging to the
privacy of individuals without providing any significant benefit to law
enforcement.




Link to this Page