Thursday, April 26, 2018

Can This System of Unlocking Phones Crack the Crypto War? | WIRED

"Ray Ozzie thinks he has an approach for accessing encrypted devices that attains the impossible: It satisfies both law enforcement and privacy purists" -- see the full article for an extensive profile

"THE STRENGTH OF Ozzie’s system lies in its simplicity. Unlike Clinton Brooks, who relied on the government to safeguard the Clipper Chip’s encrypted keys, Ozzie is putting his trust in corporations, a decision that came from his experience in working for big companies like Lotus, IBM, and Microsoft. He was intimately familiar with the way that tech giants managed their keys. (You could even argue that he helped invent that structure, since Lotus Notes was the first software product to get a license to export strong encryption overseas and thus was able to build it into its products.) He argues that the security of the entire mobile universe already relies on the protection of keys—those vital keys used to verify operating system updates, whose compromise could put billions of users at risk. (Every time you do an OS update, Apple certifies it by adding a unique ID and “signing” it to let your device know it’s really Apple that is rewriting your iPhone’s code.) Using that same system to provide exceptional access, he says, introduces no new security weaknesses that vendors don’t already deal with."
Can This System of Unlocking Phones Crack the Crypto War? | WIRED

No comments: