1994-06-03 - Re: Faster way to deescrow Clipper

Header Data

From: sidney@taurus.apple.com (Sidney Markowitz)
To: cypherpunks@toad.com
Message Hash: 439ad450e351c2a070817b5dad7ffaaffd4988930e76d4e9bcf40354de7a3061
Message ID: <9406030758.AA04800@federal-excess.apple.com>
Reply To: N/A
UTC Datetime: 1994-06-03 07:59:58 UTC
Raw Date: Fri, 3 Jun 94 00:59:58 PDT

Raw message

From: sidney@taurus.apple.com (Sidney Markowitz)
Date: Fri, 3 Jun 94 00:59:58 PDT
To: cypherpunks@toad.com
Subject: Re: Faster way to deescrow Clipper
Message-ID: <9406030758.AA04800@federal-excess.apple.com>
MIME-Version: 1.0
Content-Type: text/plain


Could someone please enlighten me on this: It seems from the descriptions
of the hack to fake a LEAF that 1) When two Clipper chips are going to
communicate, one of them generates the session key and sends a LEAF to the
other chip, 2) The second chip recognizes the LEAF as being valid based on
the validity of the checksum, but does not determine the session key from
the LEAF.

If that's the case, then 1) How does the second chip find out what the
session key is? 2) Doesn't the second chip also have to generate and send a
LEAF, if for no other reason than to identify itself to the wiretappers,
and if so won't that give away the session key if that chip's device is not
also hacked? 3) If all that is needed for this hack is a LEAF with a proper
checksum, why go through the brute force method of generating random LEAFs?
Why not just buy (or steal or whatever) another Clippered device that you
never use for real communication so the wiretappers have no record of who
has that serial number, and get LEAFs from it? For that matter, why can't
you obtain one LEAF from listening to anybody's Clippered transmission and
use it over and over again?

It can't be *that* simple, can it?

 -- sidney <sidney@taurus.apple.com>
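The questions above turn on one property of the scheme as the post describes it: the receiving chip accepts a LEAF on the strength of a short checksum alone, and does not learn the session key from the LEAF. The toy model below is an added illustration, not code from the post, the thread, or the Clipper chip itself. It assumes (the post does not say this) that the receiver already holds the session key from a separate key exchange, that it decrypts the LEAF under a shared family key, and that the checksum is computed over the session key and an IV; the field widths, the XOR "cipher" and the SHA-256 checksum are constructed for the toy and are not taken from any specification. What it shows is that the work to get a random LEAF accepted is governed entirely by the checksum width, and that an accepted random LEAF carries no usable session key.

```python
"""Toy model of checksum-only LEAF validation, as described in the post.

Added illustration, not the post's or the chip's code. Assumptions (not in the
post): the receiver already has the session key from a separate key exchange,
decrypts the LEAF with a shared family key, and accepts it when a short checksum
over (session key, IV) matches. Widths, cipher and hash are toy choices.
"""
import hashlib
import os

CHECKSUM_BITS = 16  # toy checksum width; every function takes it as a parameter
# Constructed toy family key (16 bytes), shared by all toy chips.
FAMILY_KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")


def toy_family_cipher(block: bytes, family_key: bytes = FAMILY_KEY) -> bytes:
    """Toy 'encryption' under the family key: a plain XOR (NOT a real cipher).
    XOR is its own inverse, so the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(block, family_key))


def toy_checksum(session_key: bytes, iv: bytes, bits: int) -> int:
    """Short checksum that binds a LEAF to a particular session key and IV."""
    digest = hashlib.sha256(session_key + iv).digest()
    return int.from_bytes(digest[:4], "big") & ((1 << bits) - 1)


def build_leaf(session_key: bytes, unit_id: bytes, iv: bytes,
               bits: int = CHECKSUM_BITS) -> bytes:
    """Sending chip: pack unit id (4 B) + session key (10 B) + checksum (2 B),
    then encrypt the 16-byte block under the family key."""
    csum = toy_checksum(session_key, iv, bits)
    body = unit_id + session_key + csum.to_bytes(2, "big")
    return toy_family_cipher(body)


def receiver_accepts(leaf: bytes, session_key: bytes, iv: bytes,
                     bits: int = CHECKSUM_BITS) -> bool:
    """Receiving chip: decrypt and compare ONLY the checksum field against the
    checksum it computes from the session key it already holds."""
    plain = toy_family_cipher(leaf)
    got = int.from_bytes(plain[14:16], "big") & ((1 << bits) - 1)
    return got == toy_checksum(session_key, iv, bits)


def leaf_session_key_field(leaf: bytes) -> bytes:
    """What a party holding the family key would read as the session key."""
    return toy_family_cipher(leaf)[4:14]


def expected_trials(bits: int) -> int:
    """Average number of random candidates per acceptance: one in 2**bits passes."""
    return 1 << bits


def count_random_trials(session_key: bytes, iv: bytes,
                        bits: int = CHECKSUM_BITS, rng=os.urandom):
    """Feed random 16-byte blocks to the receiver until one is accepted.
    Returns (number of trials, the accepted block)."""
    trials = 0
    while True:
        trials += 1
        candidate = rng(16)
        if receiver_accepts(candidate, session_key, iv, bits):
            return trials, candidate


if __name__ == "__main__":
    sk = bytes(range(10))              # constructed toy session key
    iv = bytes(range(100, 110))        # constructed toy IV
    genuine = build_leaf(sk, b"\x00\x00\x00\x01", iv)
    print("genuine LEAF accepted:", receiver_accepts(genuine, sk, iv))
    n, accepted = count_random_trials(sk, iv, bits=12)
    print(f"random block accepted after {n} trials (expected ~{expected_trials(12)})")
    print("accepted block's key field is the real key:",
          leaf_session_key_field(accepted) == sk)
```

Run as written, the script accepts the genuine LEAF, finds an accepted random block after on the order of 2**12 attempts at the 12-bit toy width, and reports that the accepted block's key field is not the real session key. Under the toy's assumption that the checksum covers the session key, a LEAF captured from a different session (different session key) is rejected, which is why the model has the forger working against the receiver rather than replaying.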