1994-03-28 - Re: cfp ‘94 transcript

Header Data

From: jim@bilbo.suite.com (Jim Miller)
To: cypherpunks@toad.com
Message Hash: 2339fa85d5199e1d8c2b50351e132c54958663c2489aaccc9673ff6e73f73257
Message ID: <9403282300.AA25661@bilbo.suite.com>
Reply To: N/A
UTC Datetime: 1994-03-28 23:07:01 UTC
Raw Date: Mon, 28 Mar 94 15:07:01 PST

Raw message

From: jim@bilbo.suite.com (Jim Miller)
Date: Mon, 28 Mar 94 15:07:01 PST
To: cypherpunks@toad.com
Subject: Re: cfp '94 transcript
Message-ID: <9403282300.AA25661@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain




-----------
[...]

(Unknown)                     My name is Barbolin (?) from GRC (?). 

I have a question concerning the algorithm that is used in the
Clipper Chip, Skipjack..[]..There is a certain amount of conjecture
that in fact the algorithm contains a deliberately encoded weakness
that will allow the NSA, without access to the escrow keys, to be
able to intercept communication in their mission to monitor on-
shore and off-shore communications..[]..

BAKER                         I'll answer it yes or no if you'll
tell me exactly the question.

UNKNOWN                       Does it or does it not contain a
weakness that allows you to intercept the communications without
access to the escrow keys.  


BAKER                         No.       

-----------

ObNit:  As has been said before by others, there's more to  
Clipper/EES than just the Skipjack algorithm.  I think simply asking  
if "the [Skipjack] algorithm contains a deliberately encoded  
weakness" leaves too much room for a "truthful" No answer.

People have posted descriptions of mechanisms that could be used to  
leak key information which do not rely on a deliberately weakened  
encryption algorithm.  (depends on how broadly you define  
"algorithm").

A better question to ask would be...

Are there any software or hardware mechanisms, or combinations of  
software and hardware mechanisms, present in the Clipper/EES system  
that supports or enables decryption of intercepted Clipper/EES  
communications without access to escrowed unit keys?

Does that cover it well enough?

Jim_Miller@suite.com





Thread