Nonprofit group says NSA report shows weaknesses of key recovery

The Center for Democracy and Technology (CDT) is expected to issue its response tomorrow to a National Security Agency (NSA) report that documents the potential risks posed by the encryption technology that has been at the center of a raging debate between the Clinton administration and industry.

The Feb. 18 NSA report [FCW, April 6] details the potential threats of deploying key-recovery technology, which is an encryption system that allows users to retrieve the key needed to unscramble encrypted data should they lose the key. Under the administration's key-recovery proposal, law enforcement agents could decode encrypted data after obtaining a court order or other authorization.Alan Davidson, staff counsel of CDT, said today that the report marks the first time the NSA has noted there are risks and vulnerabilities associated with key-recovery technology.

"The report lays out this whole series of attacks on key-recovery systems," he said. "You have literally at least 20 potential attacks listed on key-recovery systems. This is a very powerful admission. What they're basically saying is that there are no guarantees a key-recovery system will let them catch the bad guys."

The report, "Threat and Vulnerability Model for Key Recovery," pointed out that certain law enforcement agents and officials operating key-recovery centers could pose the greatest threat to a key-recovery system—- and to the users' data, which is encrypted by the system—- if proper security mechanisms were not in place.

Key-recovery centers would also become attractive to criminals because of the potential for a huge return on investment that an attack on a center—- and access to the data protected within—- would bring, according to the report. The report also notes that if a sender of an encrypted message conspires to circumvent the key-recovery system with the receiver, the technology's security mechanisms could be bypassed.

According to a written response NSA provided FCW earlier this month, the threat that anyone poses to key-recovery systems is a function of how well the application has been designed and operated to address potential security concerns. If due consideration is given to the threats and vulnerabilities noted in the report, there would be "minimal risk" posed to the key recovery system, the statement said.However, Davidson noted, "Ultimately, it's another piece of evidence that shows that the kind of key-recovery systems being debated on Capitol Hill have serious flaws."