[hannofcart]

Am a near know-nothing when it comes to encryption.

While asymmetric key encryption like PGP can indeed be used to encrypt for multiple agencies, is something similar possible for symmetric key encryption algorithms? Presumably when people are storing their own data in encrypted format, it's some symmetric key encryption that is used?

Of course one could get around that by using PGP to encrypt a randomly generated password which then is used as the passkey for symmetric key encryption like aes-256? Like the SSL handshake?

But then the original problem stays. If for some reason, the government's private key were to leak, they'd render all data vulnerable.

But perhaps even THAT can be worked around by issuing the govt. a new private key per user?

[natch]

>If for some reason, the government's private key were to leak, they'd render all data vulnerable.

Yes and keep in mind that if private keys leak, this fact may be kept hidden from the government, so the vulnerability of the data could also be unknown to the government. And master keys can leak too. Of course the government would work very hard to protect these keys. Just like they protected the NSA's hacking toolkit that leaked.

[Nullabillity]

Or, for that matter, the TSA's quite literal master keys.

[ryanlol]

>Just like they protected the NSA's hacking toolkit that leaked.

There's simply no comparison to be made between keys stored and generated offline in a high-end HSM and warez.rar being passed around by a bunch of analysts.

[brokenmachine]

In both instances they are things meant to be kept secret.