How could a law enforcement agency access data protected by the NGSCB architecture?
Just as with other commercial-grade cryptographic hardware, law enforcement agencies could conceivably “break” the SSC in the hardware of a seized machine to obtain machine secrets. It is important to note, however, that there is no mandatory key escrow planned that would give law enforcement or other entities the ability to obtain keys readily. Keys could be escrowed on the user’s behalf with the user’s permission, and these could be obtained in the usual manner by law enforcement agencies.
Related Questions
- If the communication between the cabinet and the SIM occurs via HTTP, how is the data protected since it is transmitted in plain text?
- What does a law enforcement agency need to do to be able to submit their OIBRS data?
- How could a law enforcement agency access data protected by the NGSCB architecture?
