1994-02-24 - Re: Clipper

Header Data

From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
To: cypherpunks@toad.com
Message Hash: d3986c4ce28a6a7aedf25d9650c48e31d595c4cc532ce282fcd2c77f0436f567
Message ID: <8hP0YcW00awN47dmsf@andrew.cmu.edu>
Reply To: <9402240058.AA18284@toad.com>
UTC Datetime: 1994-02-24 01:57:12 UTC
Raw Date: Wed, 23 Feb 94 17:57:12 PST

Raw message

From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Wed, 23 Feb 94 17:57:12 PST
To: cypherpunks@toad.com
Subject: Re: Clipper
In-Reply-To: <9402240058.AA18284@toad.com>
Message-ID: <8hP0YcW00awN47dmsf@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Eli Brandt <ebrandt@jarthur.claremont.edu> wrote:
> Of course they aren't using Clipper, at least not for anything
> sensitive.  They know better than that.  Clipper is not a secure
> system.  Skipjack may be wonderful, but the whole setup
> totally lacks key security.  Given their institutional paranoia,
> they wouldn't touch Clipper with a 1024-bit prime.

Skipjack might have a decent design, but considering that it uses 10
byte keys, it will probably be feasible to mount a brute-force attack on
it within a decade or so.  (As is currently possible with DES 7-byte
keys.)





Thread