From: cme@ellisun.sw.stratus.com (Carl Ellison)
To: cypherpunks@toad.com
Message Hash: 27aa28c45ee175c5487aa40bbd7b159bf2d44aa95cb085abcdc220289b05d188
Message ID: <9308131359.AA16791@ellisun.sw.stratus.com>
Reply To: N/A
UTC Datetime: 1993-08-13 14:02:58 UTC
Raw Date: Fri, 13 Aug 93 07:02:58 PDT
From: cme@ellisun.sw.stratus.com (Carl Ellison)
Date: Fri, 13 Aug 93 07:02:58 PDT
To: cypherpunks@toad.com
Subject: Re: >Clipper trapdoor?
Message-ID: <9308131359.AA16791@ellisun.sw.stratus.com>
MIME-Version: 1.0
Content-Type: text/plain
>Message-Id: <00541.2828009147.4718@washofc.cpsr.org>
>From: David Sobel <dsobel@washofc.cpsr.org>
>Date: Thu, 12 Aug 1993 14:01:54 EST
>Subject: Re: >Clipper trapdoor?
David,
You wrote:
>[...] I think the question you raise is a critical one -- under what
>guidelines will the escrow agents determine the validity of an NSA
>request for the key without a FISA warrant?
If I were the NSA, I would *never* permit a key request to leave the
building at Ft. Meade. The fact that it wanted a given key is, itself,
intelligence.
I am one person who believes that the gov't would never be able to
establish a key escrow agency secure enough even for my customers (Stratus
customers: already extra-careful purchasers of high priced fault tolerant
equipment: banks, large funds transfer people, stock brokers, hospitals,
...). It's too cheap for organized crime to bribe or break in at the
escrow agencies. Therefore, I'm on record as a commercial crypto
consultant recommending against any customer of ours using any escrowed-key
mechanism, no matter how strong the algorithm or how trustworthy the
key generation process.
If the agency is too flaky for me, they're bound to be too flaky to be
trusted with a paper trail of NSA's eavesdropping targets. The traffic
analysis of that trail would be worth an absolute fortune. I'd give it a
week before it was compromised.
So: I wouldn't go to the escrow agencies in any way at all.
----------
Now, there was an interesting thing from DERD the other day -- that the
original key generation mechanism is out, replaced by one which is
classified (for nat'l security reasons, I assume).
----------
As I mentioned in alt.privacy.clipper the other day, if I were the NSA
I would:
1. pick a *very* secure block cryptosystem (secure enough for them to
use to send top secret crypto keys around the world, where the enemy
is sure to intercept the message)
2. encrypt the chip's serial number in that algorithm, using a single
key which only the agency knows
3. use the output of that encryption as the chip's key [that output
will look totally random to the outside observer, because the
encryption algorithm is so good]
4. make the two escrow copies, as before, and deliver them to
the escrow agencies
5. keep the key generation process secret, for fear of inciting
rebellion among civil liberties groups
-----------
- Carl
P.S. One of my questions for CSSPAB was why the key generation procedure
didn't just use a hardware random number generator. That's the accepted
practice and there's no reason to classify it.
P.P.S. Is there any way to get NIST to answer my list of 22 questions?
Return to August 1993
Return to “cme@ellisun.sw.stratus.com (Carl Ellison)”
1993-08-13 (Fri, 13 Aug 93 07:02:58 PDT) - Re: >Clipper trapdoor? - cme@ellisun.sw.stratus.com (Carl Ellison)