From: “Alan (Miburi-san) Wexelblat” <wex@media.mit.edu>
To: VACCINIA@UNCVX1.OIT.UNC.EDU
Message Hash: 01f576242c315834e35dde25b1a239f773d55abc1c8c9676a08b1dcb3da83821
Message ID: <9403142038.AA02428@media.mit.edu>
Reply To: <01H9WCYCG136001758@UNCVX1.OIT.UNC.EDU>
UTC Datetime: 1994-03-14 20:39:03 UTC
Raw Date: Mon, 14 Mar 94 12:39:03 PST
From: "Alan (Miburi-san) Wexelblat" <wex@media.mit.edu>
Date: Mon, 14 Mar 94 12:39:03 PST
To: VACCINIA@UNCVX1.OIT.UNC.EDU
Subject: Clipper Cracks Appear
In-Reply-To: <01H9WCYCG136001758@UNCVX1.OIT.UNC.EDU>
Message-ID: <9403142038.AA02428@media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

I agree with Scott Morham, esp where he says:

> A ploy used successfully by many groups is to put forth an outrageous
> proposal, such as clipper etc. Then they soften the demands so that the
> opponent becomes disarmed, allowing that which the Gov't had intended to
> pass all along to go through as a compromise.

My fear for a while has been that key escrow is this "outrageous proposal"
-- that is, the gov't doesn't really think it can make key escrow
acceptable, so it'll propose a "compromise" of using Clipper without the key
escrow.

The logic behind this is that the LEAF field is not encrypted very strongly;
this would allow the NSA/FBI to decrypt a conversation without having to
bother with the keys (at least as I understand it; I'd be happy to be told I
was wrong).

According to notes published on this list, the NSA has already admitted that
the LEAF is not itself encrypted with Clipper; we don't know what it is
encrypted with, but I wonder:

Assume that the LEAF is weakly encrypted. Assume that third parties (such
as cypherpunks) try to show this by decrypting the LEAF. Would we be able
to *recognize* a decrypted LEAF? Not knowing the SKIPJACK algorithm, it's
unclear to me that we could recognize a session key even if we had one!

This sort of "security through obscurity" seems to be useful, as it renders
the LEAF immune to "known plaintext" forms of attack.

Again, I repeat that my knowledge of crypto is rudimentary at best, so it's
possible I'm wrong about some or all of this...

--Alan Wexelblat, Reality Hacker, Author, and Cyberspace Bard
Media Lab - Advanced Human Interface Group wex@media.mit.edu
Voice: 617-258-9168 Page: 617-945-1842 na53607@anon.penet.fi
We are Chaos Boys. We are coming to a paradigm near you.
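
Added illustration, not part of the original message: the question raised above, whether someone trying keys could recognize a correctly decrypted field, comes down to whether the plaintext carries anything that can be checked. The sketch uses a toy 16-bit XOR cipher and constructed values (WRAP_KEY, SESSION_KEY and the 4-byte check field are all assumptions); it does not model SKIPJACK or the real LEAF layout.

```python
import hashlib

KEY_BITS = 16  # toy key space (assumption) so a full search runs in well under a second

def keystream(key: int, n: int) -> bytes:
    # Toy stream cipher (assumption): SHA-256 of the key used as keystream.
    return hashlib.sha256(key.to_bytes(2, "big")).digest()[:n]

def xor_crypt(key: int, data: bytes) -> bytes:
    # XOR is its own inverse, so this both encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def checksum(body: bytes) -> bytes:
    # Hypothetical 4-byte integrity field appended to the wrapped key.
    return hashlib.sha256(b"chk" + body).digest()[:4]

def search(ciphertext: bytes, recognizer) -> list:
    # Try every key; keep those whose trial decryption the recognizer accepts.
    return [k for k in range(1 << KEY_BITS) if recognizer(xor_crypt(k, ciphertext))]

# Constructed sample values, not taken from any real system.
WRAP_KEY = 0xBEEF
SESSION_KEY = hashlib.sha256(b"constructed session key").digest()[:10]  # 80 bits
OPAQUE = xor_crypt(WRAP_KEY, SESSION_KEY)                          # bare random key
FRAMED = xor_crypt(WRAP_KEY, SESSION_KEY + checksum(SESSION_KEY))  # key plus check

def any_ten_bytes(p: bytes) -> bool:
    # A random 80-bit key has no structure: every 10-byte string is plausible.
    return len(p) == 10

def check_ok(p: bytes) -> bool:
    # Redundancy in the plaintext gives the searcher something to test.
    return checksum(p[:10]) == p[10:]

def demo() -> dict:
    return {
        "no structure, plaintext unknown": len(search(OPAQUE, any_ten_bytes)),
        "plaintext known": len(search(OPAQUE, lambda p: p == SESSION_KEY)),
        "plaintext unknown but checksummed": len(search(FRAMED, check_ok)),
    }

if __name__ == "__main__":
    for case, survivors in demo().items():
        print(f"{case}: {survivors} candidate wrapping keys survive")
```

With nothing checkable in the plaintext, every candidate key survives the search; known plaintext or a redundancy field narrows the survivors to the true key.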