1993-04-17 - White House Encryption idea

Header Data

From: Peter Meyer <meyer@mcc.com>
To: cypherpunks@toad.com
Message Hash: 2f2a7e0b5c6e8ae6b97fdb9aa0555eb7e3f6ab22567362f2e254eab736e20559
Message ID: <19930417024202.6.MEYER@OGHMA.MCC.COM>
Reply To: <9304162014.AA05785@spiff.gnu.ai.mit.edu>
UTC Datetime: 1993-04-17 02:42:56 UTC
Raw Date: Fri, 16 Apr 93 19:42:56 PDT

Raw message

From: Peter Meyer <meyer@mcc.com>
Date: Fri, 16 Apr 93 19:42:56 PDT
To: cypherpunks@toad.com
Subject: White House Encryption idea
In-Reply-To: <9304162014.AA05785@spiff.gnu.ai.mit.edu>
Message-ID: <19930417024202.6.MEYER@OGHMA.MCC.COM>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Fri, 16 Apr 1993 15:13 CDT
    From: treason@gnu.ai.mit.edu

    Well, this all sounds fine and dandy, but...

    1)  They are not passing out the algorithym, and I dont trust ANYONE to tell
    me its secure.  ...

    4) No explanation of what the 'key' contents are composed of (numbers, letters,
    alphanum, characters, some odd cyphercode???) is even implied.

    5)  No explanation of how the key is propegated or if it will even be needed
    for the remote site is mentioned.  How are the remote sites going to
    decypher your cyphersounds(text)?

    There was no mention of further releases in information...is this all we get?

    treason@gnu 

Question (5) is particularly acute.  Offhand I can think of two ways the
remote site might decrypt the message:

1.  If the two phones can talk to each other then the originator phone
might ask the receiver phone for its public key (as in public key
cryptography) and then use this to encrypt the message.  (The receiver
phone then decrypts with its private key.)  But since the encryption is
occurring in real time, this is probably not feasible unless short keys
are used.

2.  The originator phone might simply send the encryption key down the
line, perhaps itself encrypted or disguised in some way.  If so then it
might not be too hard to discover the key.  In this case all security
lies in ignorance of the encryption algorithm used (violating crypto-
logical principles).  It probably wouldn't be too long (at most a year
or so) before someone figures out what the algorithm is, in which case
all security is compromised.  However, security in particular cases is
relative to the expertise of the attacker, so it might still be the case
that one's neighbors and business competitors could not decrypt the
message, even if XYZ Security Consultants could.

-- Peter Meyer






Thread