From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Mon, 19 Apr 93 06:37:27 PDT
To: norm@netcom.com
Subject: Hellman's Hints
In-Reply-To: <9304190831.AA17466@netcom4.netcom.com>
Message-ID: <9304191241.AA00129@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


It occurred to me that the "clipper chip" makes it easier for the
government to tap voice telephone trunks & do traffic analysis.
Current long-haul phone technology uses out-of-band signalling on
different, reportedly encrypted, trunks, so to make any sense out of
the data trunks you also have to listen in on the signalling trunks
and correllate what you record there with what you record off the data
trunks.

With the wiretap chip in place, all they need to do is to "surf" the
data trunks looking for the encrypted serial number of the devices
they're interested in.

Depending on what the encryption tag blocks *really* look like, you
might not even need SK in order to do traffic analysis.  Even if the
tag blocks are built with confounders and similar randomness included
to discourage ciphertext matching, the SK can be found in *every
single chip* and it's only a matter of time before someone gets it,
either by electron microscope or by bribing some of the hundreds of
people likely to have access to the key.

				- Bill