From: Clark Reynard <clark@metal.psu.edu>
Date: Thu, 1 Jul 93 01:29:14 PDT
To: cypherpunks@toad.com
Subject: LEB corruption in Clipper phones--the backdoor?
Message-ID: <9307010903.AA03572@metal.psu.edu>
MIME-Version: 1.0
Content-Type: text/plain


""L. Detweiler"" <ld231782@longs.lance.colostate.edu> quotes:

>farber@central.cis.upenn.edu (David Farber) writes:

>>2.  Re chip health.  I heard the same story plus yield was very low.
>>I also understand that there is substantial redesign going on because
>>the story about defaulting to an all-0 key if the LEB were corrupted
>>was apparently true.

I had heard this story, but discounted it as a 'cyberspace legend.'
If this is true, there's the damn backdoor, obvious as the ass on
a baboon.  

As others have noted, simply using the old crummy alligator clip
method of wiretapping, sending a spike down the line at the moment
of connection, and perhaps even a simple non-IC device like a 
cable descrambler could tap it, as easily as a normal phone.
At the very least, you could record for later decryption,
and it would require no more field work than currently necessary.

Even with the corruption of analog media such as audio tapes,
wouldn't an all-0 key make error-correction for line noise
trivial?

Corrupt the LEB, and any idiot could decrypt.  Even _I_ could do
that, with patience and at most a few thousand plaintext/ciphertext
pairs (available to any fool with a Clipper chip).  

Am I wrong here, or is this, in fact, an idiotically simple flaw,
so elementary that even the NSA could not have committed such a 
whopping, cretinous blunder in "good faith"?
----
Robert W. F. Clark              
rclark@nyx.cs.du.edu            
clark@metal.psu.edu