Thank you for a wonderfully thought out post.  I have been trying to 
formulate some of the concerns you mention in 3 and you've done it with 
far more authority.

I have another question which might be naive, but, in addition to

loss of access to content because of loss of proprietary encryption

would it also not be a possible threat that the entire PKI infrastructure could change over a long enough period of time?  That, for example, current mechanisms for obtaining keys and revocation lists etc. could become unused and unavailable?


(I have a conflict with this afternoon's call and I really hate to miss this discussion.  Thanks Andrea for raising it.)

On 2/28/2012 12:03 PM, Dr. Micah Altman wrote:
> A few thoughts, in preparation for our call today...
> 1. Theoretically, maintenance of keys is straightforward although complex:
> e.g.
>      (a) use a distributed PKI -- either (i) hierarchical or (ii) PGP-style
>      (b)  maintain physically protected copies off-line
>      (c) escrow keys (possibly divided) with multiple (partially) trusted
> third parties
> 2. In practice, few organizations have good enterprise key management, and
> its been unexpectedly difficult to maintain even over the course of normal
> business timescales. Some commonly encountered challenges include:
>     - managing key revocation and possible re-encryption of content using a
> revoked key
>     - enterprise scaling of key management (esp. a(ii) (b) and (c) )
>     - enterprise scaling of performance over encrypted content (e.g.
> barriers to deduplication of virtualized storage; overhead for computing on
> encrypted content; performance issues with encrypted filesystems; barriers
> to standard storage maintenance/recovery/integrity auditing )
>     - enabling collaboration with encrypted content (managing appropriate
> group access to content, while maintaining desired security properties)
>     - potential catastrophic single point security failures for PKI ( esp.
> certificate issuing, checking, revocation architecture)
>     - proprietary encryption algorithms (esp. hardware embedded)
> 3. A key issue for preservation is managing risks to long term access, use
> of encryption creates additional risks for catastrophic / correlated/
> single-point long-term access failure, such as:
> - undetected corruption of content due to defects in encryption
> hardware/software
> - " " due to increased barriers to auditing
> -  increased risk of content corruption due to barriers to
> filesystem maintenance/recovery of  encrypted content
> - loss of access to content because of loss of proprietary encryption
> technology/knowledge (try reading a hardware encrypted tape from 10 years
> ago  :-(
> - " "  because of unintentional loss of key
> - " "  because of unintentional/incorrect revocation/key destruction (e.g.
> "self destruct" mechanisms on encrypted hardware, such as IronKeys)
> - Financial risks to access because of increased costs of maintaining
> encryption
> None of these are necessarily show stoppers -- in a particular environment
> one could  of possible ways to mitigate these risks, project costs, compare
> to the benefits of encryption, and make a decision either way... Unless
> security experts are involved, risks from misimplementation or defects in
> the security software/hardware/protocols (etc.) are usually not on the
> radar; and additional risks for long term access are generally not on the
> radar even where a trained security expert is engaged.  So its important to
> make sure that we, as preservation experts,  communicate these additional
> long-term access risks and costs ...
> best,
> Micah
> However, a key point is that most decisions to use encryption are driven by
> non-access-related business needs (such as HIPAA compliance) , and analyzed
> by mid-level IT for risks occurring during the standard business
> time-horizon.
> On Thu, Feb 23, 2012 at 4:51 PM, Cory Snavely<[log in to unmask]>  wrote:
>> Sure.
>> What I had said in my email was "Long-term secure preservation of the
>> decryption keys themselves is typically raised as a concern, although
>> personally I feel that solutions to this problem are straightforward,
>> albeit complex."
>> I view this as a compound problem that requires a combination of
>> preservation storage principles and security principles to solve.
>> First, the preservation storage part. There have to be multiple copies of
>> the keys. Organizations doing digital preservation should be operating at
>> multiple sites, and so it should be straightforward to take advantage of
>> this to place copies at the multiple sites - the more the better.
>> Second, the security part. The keys themselves obviously have to be
>> secured in some way. This can be done with either additional encryption or
>> physical security, ie a locking safe, or both. The key point is that this
>> chain ultimately ends in human knowledge, i.e., people have to know
>> secrets. The trick is ensuring that enough people know enough secrets to
>> eventually lead to the encryption keys. Providing office staff at multiple
>> sites with combinations to safes that contain the encrypted encryption keys
>> that a more privileged group of repository administrators know the secret
>> for is an example of adding multiple layers into the scheme.
>> It is tempting, of course, to think of disaster scenarios where all
>> secrets are lost. It's my assertion that this can in turn be addressed with
>> multiple sites.
>> It's impossible to reduce the risk of data loss due to lost keys to zero
>> without undermining the encryption itself, but my point is that the risk
>> can be brought into an acceptable range with a scheme that is
>> well-thought-out by using technology and policy frameworks that we, as
>> organizations doing digital preservation, ostensibly already possess.
>> On 02/15/2012 10:01 PM, Andrew Woods wrote:
>>> I am interested, Cory (and others), in your ideas around the issue of
>>> long-term, secure management of the keys themselves. Would you be kind
>>> enough to elaborate.
>>> Andrew
>> ############################
>> To unsubscribe from the NDSA-INFRASTRUCTURE list:
>> write to: mailto:NDSA-INFRASTRUCTURE-**[log in to unmask]**
>> DIGITALPRESERVATION.GOV<[log in to unmask]>
>> or click the following link:
>> http://list.****SCRIPTS/WA-DIGITAL.EXE?SUBED1=**


To unsubscribe from the NDSA-INFRASTRUCTURE list:
write to: mailto:[log in to unmask]
or click the following link: