|
This file is available on a Cryptome DVD offered by Cryptome. Donate $25 for a DVD of the Cryptome 10-year archives of 35,000 files from June 1996 to June 2006 (~3.5 GB). Click Paypal or mail check/MO made out to John Young, 251 West 89th Street, New York, NY 10024. Archives include all files of cryptome.org, cryptome2.org, jya.com, cartome.org, eyeball-series.org and iraq-kill-maim.org. Cryptome offers with the Cryptome DVD an INSCOM DVD of about 18,000 pages of counter-intelligence dossiers declassified by the US Army Information and Security Command, dating from 1945 to 1985. No additional contribution required -- $25 for both. The DVDs will be sent anywhere worldwide without extra cost. | |||
26 March 1998
Date: Thu, 26 Mar 1998 05:28:24 -0500 From: John R T Brazier <Prunesquallor@compuserve.com> Subject: Computing Article: Banks & Keys Recovery To: <ukcrypto@maillist.ox.ac.uk> Dear All, 26th March Issue of Computing (computingnet.co.uk), lead article below. Also on the front page the Post Office is starting up as a digital signature certifier. Cheers, John B ----------------------------------------- Banks slam snoops Major users split over government's attempt to regulate cyberspace Europe's banks have rejected a controversial key recovery encryption scheme on the eve of an expected government announcement imposing the policy on the UK, writes Dan Sabbagh. Computing has learned that the European Committee on Banking Standards (ECBS) - a powerful consortium of financial institutions - has filed a submission with the European Commission arguing against key recovery. The committee's stance is backed by the UK's banks, which are represented by industry body APACS. It is understood that the submission, which will not be made public, says that many European banks are 'fundamentally opposed' to the introduction of statutory regulations for key recovery in Europe. Financiers, it maintains, 'cannot see any benefit for European banks and their customers'. Key recovery schemes require individuals and companies that use encryption to deposit a copy of their encryption keys with a 'trusted third party'. These keys are then made avail- able to law enforcement agencies, on production of a warrant, allowing them access to encrypted private transmissions. The Department of Trade and Industry is thought to be close to unveiling a key recovery scheme for UK encryption users in the face of opposition from civil liberties campaigners and a growing number of corporates, including Microsoft. The ECBS' argument has been broadly endorsed by NatWest. Tim Jones, managing director of retail banking services at NatWest, said: 'Key recovery is a brutal and expensive way to achieve law enforcement.' Jones said that he believed there were simpler ways to allow access to encrypted data. He added that, in his opinion, medium-strength encryption - 64-bit DES - should not necessitate key recovery because codes could be cracked 'with a couple of Crays and a following wind'. Steve Thomas, head of security at APACS, outlined the objections of Europe's banks. 'If key recovery is so good for business, as its supporters argue, then we don't need a statutory framework to introduce it. Giving up any keys to a third party must reduce the security of any system,' he said.