4 Session 2. Use Cases and the Feasibility of Segmenting Encryption Policies
Pages 13-16

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.


From page 13...
... Drawing from his past experience working in the finance industry and with Google Health, Donner used the finance and health care sectors to illustrate how industries handle highly sensitive information, including their use of encryption. In the context of finance, Donner described the complex networks of data holders, data flows, and transit points involved in carrying out daily transactions in both consumer banking and institutional finance.
From page 14...
... Andrew Sherman reiterated this point with regard to these industries, saying government wouldn't need exceptional access to his laptop because the source data for it came from a system to which "the legal department would gladly give you access with the right paperwork." In addition, Donner likened most institutional databases to a "maze of twisty passages," suggesting that anyone seeking access, exceptional or otherwise, to most corporate data would likely need someone from the institution to help navigate the database to find the desired information anyway. Given this context, he posited that it likely is not reasonable to expect the government to expend the resources necessary to use a backdoor to tap into such databases when the institution could simply be directly asked to provide the information.
From page 15...
... During the period when export controls were in effect, Microsoft added a "server-gated cryptography" feature to its Web browser Internet Explorer to allow selection of strong cryptography when connecting to servers outfitted with special certificates for their server keys, even if the underlying Windows operating system only supported weak encryption, LaMacchia said. Netscape implemented a similar feature for its browser that it called "International Step-Up." The result, according to LaMacchia, was a mix of confusion and unintended consequences; while Microsoft forged a workable solution, it was difficult to test and deploy and also difficult to remove once export controls changed a few years later and server-gated cryptography was no longer needed.
From page 16...
... Any requirement that ensures access at lower layers necessarily is very difficult and involves breaking boundaries between different pieces of the system. LaMacchia expanded on this point, explaining that segmenting horizontally would require engineers to break "abstraction boundaries" that are crucial to the integrity of computer programs.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.