486 research outputs found
The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption
A variety of "key recovery," "key escrow," and "trusted third-party" encryption requirements have been suggested in recent years by government agencies seeking to conduct covert surveillance within the changing environments brought about by new technologies. This report examines the fundamental properties of these requirements and attempts to outline the technical risks, costs, and implications of deploying systems that provide government access to encryption keys
The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption
A variety of "key recovery," "key escrow," and "trusted third-party" encryption requirements have been suggested in recent years by government agencies seeking to conduct covert surveillance within the changing environments brought about by new technologies. This report examines the fundamental properties of these requirements and attempts to outline the technical risks, costs, and implications of deploying systems that provide government access to encryption keys
Regulating the technological actor: how governments tried to transform the technology and the market for cryptography and cryptographic services and the implications for the regulation of information and communications technologies
The formulation, adoption, and transformation of policy
involves the interaction of actors as they negotiate, accept, and
reject proposals. Traditional studies of policy discourse focus
on social actors. By studying cryptography policy discourses, I
argue that considering both social and technological actors in
detail enriches our understanding of policy discourse.
The case-based research looks at the various cryptography
policy strategies employed by the governments of the United
States of America and the United Kingdom. The research
method is qualitative, using hermeneutics to elucidate the
various actors’ interpretations. The research aims to
understand policy discourse as a contest of principles involving
various government actors advocating multiple regulatory
mechanisms to maintain their surveillance capabilities, and the
reactions of industry actors, non-governmental organisations,
parliamentarians, and epistemic communities.
I argue that studying socio-technological discourse helps us to
understand the complex dynamics involved in regulation and
regulatory change. Interests and alignments may be contingent
and unstable. As a result, technologies can not be regarded as
mere representations of social interests and relationships.
By capturing the interpretations and articulations of social and
technological actors we may attain a better understanding of
the regulatory landscape for information and communications
technologies
The Myth of Superiority of American Encryption Products
Encryption software and hardware use sophisticated mathematical algorithms to encipher a message so that only the intended recipient may read it. Fearing that criminals and terrorists will use encryption to evade authorities, the United States now restricts the export of encryption products with key lengths of more than 56 bits. The controls are futile, because strong encryption products are readily available overseas. Foreign-made encryption products are as good as, or better than, U.S.-made products. U.S. cryptographers have no monopoly on the mathematical knowledge and methods used to create strong encryption. Powerful encryption symmetric-key technologies developed in other countries include IDEA and GOST. Researchers in New Zealand have developed very strong public-key encryption systems. As patents on strong algorithms of U.S. origin expire, researchers in other countries will gain additional opportunities to develop strong encryption technology based on those algorithms
- …