1993-08-02 - LEEF->LEAF etc.

Header Data

From: technopagan priest <tedwards@wam.umd.edu>
To: cypherpunks@toad.com
Message Hash: 965df3dc154cc949ba72aac447eff75592193264f573268c0e84d4387cb84dc9
Message ID: <199308021746.AA17259@rac2.wam.umd.edu>
Reply To: N/A
UTC Datetime: 1993-08-02 17:47:34 UTC
Raw Date: Mon, 2 Aug 93 10:47:34 PDT

Raw message

From: technopagan priest <tedwards@wam.umd.edu>
Date: Mon, 2 Aug 93 10:47:34 PDT
To: cypherpunks@toad.com
Subject: LEEF->LEAF etc.
Message-ID: <199308021746.AA17259@rac2.wam.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain



I think it is interesting how the Law Enforcement Exploitation Field
has been renamed LEAF.  Good P.R. move NIST!

I'm personally not motivated to believe that Skipjack is a flawed
algorithm, but at the same time I do not consider it tested until
it has stood up to peer-reviewed public analysis.

I am very concerned about the key-exchange system.  As far as I can
see, we still don't know exactly what it is, and whether that is safe.
Public key systems are much more difficult to design securely than
private key systems.  The key exchange has to be secure from 
eavesdroppers and also proof against "man-in-the-middle" attacks.

Furthermore, there is the traffic-analysis problem.  Everything I have
read so far has indicated there will be a single system key which will
encrypt Clipper serial numbers.  A trivial phone tap with someone
armed with the system key could result in massive traffic-analysis, 
and the government could do this simply because they have the
system key, the Mafia will follow soon.

I think a good avenue of attack right now is to politically attack
the key-escrow parts of Clipper, and get Skipjack as a published 
private-key standard.  Write your congresscritters.

-Thomas





Thread