1994-02-08 - Re: Crypto Regulation Reform

Header Data

From: “Perry E. Metzger” <pmetzger@lehman.com>
To: rcain@netcom.com (Robert Cain)
Message Hash: 69439c89e3f488daac23b2e67617e19491fccfb9b391b7aa0293802ca085b303
Message ID: <199402082349.SAA09698@snark>
Reply To: <199402082221.OAA10284@mail.netcom.com>
UTC Datetime: 1994-02-08 23:50:58 UTC
Raw Date: Tue, 8 Feb 94 15:50:58 PST

Raw message

From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Tue, 8 Feb 94 15:50:58 PST
To: rcain@netcom.com (Robert Cain)
Subject: Re: Crypto Regulation Reform
In-Reply-To: <199402082221.OAA10284@mail.netcom.com>
Message-ID: <199402082349.SAA09698@snark>
MIME-Version: 1.0
Content-Type: text/plain

Robert Cain says:
> >  > A device can be made right now at lower cost
> >  > than a computer modem, much lower, that could be inserted between any
> >  > phone and the wall that would make it impossible, no matter what laws
> >  > are in place, to tap either passively or actively, communication that
> >  > passes between two of these devices.  I know how to do it, could do it
> >  > and probably will just for the fun of it at least.  
> > 
> > Uhh, could you tell us?
> 'Fraid not.  I want to patent it and profit from it.  As a
> hardware/software development engineer I stand diametrically opposed to
> the FSF gang.

There are exactly two ways to transmit a signal.  Either you are in
the digital or the analog domain. If you are in the digital domain,
you need a modem, so your device can't be cheaper than a modem. If you
are in the analog domain, you can't get good encryption short of
extremely iffy techniques. (You could, for instance, have a DES chip
putting out data that was used to control analog scramblers, but
synching up the two sides would be hard and waveform information might
be used to reconstruct the signal even without breaking the sequence.)

Given that V.32 class modems are only a couple hundred bucks, and will
soon be only a hundred bucks or so, it's hard to imagine how anything
analog that was decent could be cheaper anyway.

> Well, making it credit card sized and cheaper than a modem is not all
> that difficult.  An AT&T VSELP chip based on their DSP1616 with some
> firmware added for primitive modem capability, some firmware for the
> encryption and a couple of codec chips fits the bill nicely.

You still need a modem. You therefore cannot be cheaper than a modem.

> I do have
> a breakthrough though and that is in the area of a key exchange
> protocol that can detect an active spoof, a problem unsolvable in theory
> (at least in the opinion of Whit Diffie, Marty Hellman and Ron Rivest)
> but solvable to any desired degree of confidence in practice.

This would not make your machine cheaper, and anyone wanting real
security will sign their Diffie-Hellman exchanges anyway.

> In fact
> in the most common situation that I would expect it to be used, it is
> provably secure against a spoof.

Can't be done without shared data, because without shared data you
have no way of even knowing who you are talking to.

> I can't say any more about how that
> works but some fine mathematicians and some crypto names most of you
> know have witnessed and validated it.