1994-02-09 - Re: Crypto Regulation Reform

Header Data

From: rcain@netcom.com (Robert Cain)
To: cypherpunks@toad.com (cypherpunks)
Message Hash: a9515efa4cf68f74028b3e1d624df05f85a217b1c2dcbd3cfc07177989f820ad
Message ID: <199402090056.QAA28858@mail.netcom.com>
Reply To: <199402082349.SAA09698@snark>
UTC Datetime: 1994-02-09 01:07:14 UTC
Raw Date: Tue, 8 Feb 94 17:07:14 PST

Raw message

From: rcain@netcom.com (Robert Cain)
Date: Tue, 8 Feb 94 17:07:14 PST
To: cypherpunks@toad.com (cypherpunks)
Subject: Re: Crypto Regulation Reform
In-Reply-To: <199402082349.SAA09698@snark>
Message-ID: <199402090056.QAA28858@mail.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Perry E. Metzger sez:
> Robert Cain says:
> > Well, making it credit card sized and cheaper than a modem is not all
> > that difficult.  An AT&T VSELP chip based on their DSP1616 with some
> > firmware added for primitive modem capability, some firmware for the
> > encryption and a couple of codec chips fits the bill nicely.
> You still need a modem. You therefore cannot be cheaper than a modem.

Once again, what we call a modem today has gobs of bells and whistles
in firmware and hardware; a simple voice->bits->weird-bits->analog
and its inverse is a whole lot simpler at many levels than today's
modems.  In fact it doesn't even require 9600 baud with CELP or VSELP
which is wonderful since overseas sessions at that speed are iffy at
best I have found.  Compare the price of a 4800 baud modem today with
what we now call "modems."

> > I do have
> > a breakthrough though and that is in the area of a key exchange
> > protocol that can detect an active spoof, a problem unsolvable in theory
> > (at least in the opinion of Whit Diffie, Marty Hellman and Ron Rivest)
> > but solvable to any desired degree of confidence in practice.
> This would not make your machine cheaper, and anyone wanting real
> security will sign their Diffie-Hellman exchanges anyway.

No, not cheaper, just viable.  :-)

> > In fact
> > in the most common situation that I would expect it to be used, it is
> > provably secure against a spoof.
> Can't be done without shared data, because without shared data you
> have no way of even knowing who you are talking to.

We shall see.  I contend that with this I can establish a spoof-proof
point to point with a total stranger to any desired probability that
a spoof could not be there without disclosing him/her.  It is not hard
for me to envision, especially in business situations, how such a
thing would be more than useful.

There really is no point in arguing this until I can present it.
There are two reasons I mentioned it.  The first is that I wanted
to see if there have been any other breakthroughs in the time I 
have had this on the shelf and the second reason is private.  :-)

> > I can't say any more about how that
> > works but some fine mathematicians and some crypto names most of you
> > know have witnessed and validated it.
> Oh?




Bob Cain    rcain@netcom.com   408-354-8021

           "I used to be different.  But now I'm the same."

--------------PGP 1.0 or 2.0 public key available on request.------------------