Key Recovery Systems As stated before the sense of cryptography is a properly designed cryptosystem making it essentially impossible to recover encrypted data without any knowledge of the used key. The issue of lost keys and the being-locked-out from one's own data as a consequence favors key recovery systems. On the other hand the counter argument is confidentiality: as soon as a possibility to recover a key is provided, the chances for abuses grow. Finally it is the state that does not want to provide too much secrecy. On the contrary. During the last 20 years endless discussions about the state's necessity and right to restrict private cryptography have taken place, as the governments rarely care for the benefit of private users if they believe in catching essential informations about any kind of enemy, hence looking for unrestricted access to all keys. The list of "key recovery," "key escrow," and "trusted third-party" as encryption requirements, suggested by governmental agencies, covers all the latest developments and inventions in digital technology. At the same time the NSA, one of the world's most advanced and most secret enterprises for cryptography, worked hard in getting laws through to forbid the private use of strong encryption in one way or the other. Still, it is also organizations like this one that have to admit that key recovery systems are not without any weaknesses, as the U.S. Escrowed Encryption Standard, the basis for the famous and controversially discussed Clipper Chip, showed. The reason for those weaknesses is the high complexity of those systems. Another aspect is that key recovery systems are more expensive and certainly much less secure than other systems. So, why should anyone use them? In that context, one has to understand the legal framework for the use of cryptography, a strict framework in fact, being in high contradiction to the globalised flow of communication. |
|
Timeline 00 - 1600 AD 3rd cent. Leiden papyrus: medical information gets enciphered to stop abuses 8th cent. - Abu 'Abd al-Rahman al-Khalil ibn Ahmad ibn 'Amr ibn Tammam al Farahidi al-Zadi al Yahmadi finds the solution for a Greek cryptogram by first of all finding out the plaintext behind the encryption, a method which never got out of date. Afterwards he writes a book on cryptography. - cipher alphabets for magicians are published 1250 the English monk Roger Bacon writes cipher-descriptions. At that time the art of enciphering was a popular game in monasteries 1379 Gabrieli di Lavinde develops the nomenclature-code for Clement VII (114); a code-system made out of ciphers and codes, which kept being irreplaceable until the 19th century 1392 (probably) the English poet Geoffrey Chaucer writes the book The Equatorie of the Planetis, which contains several passages in ciphers made out of letters, digits and symbols 1412 for the first time ciphers including different substitutions for each letter are developed (in Arabic) ~1467 invention of the "Captain Midnight Decoder Badge", the first polyalphabetic cipher (disk); the inventor, Leon Battista Alberti, also called the father of Western cryptography, uses his disk for enciphering and deciphering at the same time 15th/16th century nearly every state, especially England and France, has people working on en- and deciphering for them 1518 the first printed book on cryptology is written by the German monk Johannes Trithemius. He also changes the form of polyalphabetic cipher from disks into rectangulars 1533 the idea to take a pass-phrase as the key for polyalphabetic cipher is realized by Giovan Batista Belaso 1563 Giovanni Battista Porta suggests to use synonyms and misspellings to irritate cryptoanalysts 1585 Blaise de Vigenère has the idea to use former plaintexts or ciphertexts as new keys; he invents the 1587 Mary, Queen of Scots, is beheaded for the attempt to organize the murder of Queen Elisabeth I., whose agents find out about Mary's plans with the help of decryption 1588 the first book in shorthand is published |
|