Communications of the ACM
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Using encryption for authentication in large networks of computers
Communications of the ACM
On the Risk of Opening Distributed Keys
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Escrow Encryption Systems Visited: Attacks, Analysis and Designs
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
A Proposed Architecture for Trusted Third Party Services
Proceedings of the International Conference on Cryptography: Policy and Algorithms
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Kerberos: an authentication service for computer networks
IEEE Communications Magazine
Towards Signature-Only Signature Schemes
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
On the Difficulty of Key Recovery Systems
ISW '99 Proceedings of the Second International Workshop on Information Security
Hi-index | 0.00 |
The UK government is fielding an architecture for secure electronic mail based on the NSA's Message Security Protocol, with a key escrow scheme inspired by Diffie-Hellman. Attempts have been made to have this protocol adopted by other governments and in various domestic applications. The declared policy goal is to entrench commercial key escrow while simultaneously creating a large enough market that software houses will support the protocol as a standard feature rather than charging extra for it. We describe this protocol and show that, like the 'Clipper' proposal of a few years ago, it has a number of problems. It provides the worst of both secret and public key systems, without delivering the advantages of either; it does not support nonrepudiation; and there are serious problems with the replacement of compromised keys, the protection of security labels, and the support of complex or dynamic administrative structures.