From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 31 Mar 94 20:20:23 PST
To: gtoal@an-teallach.com
Subject: Re: the rest of the key
Message-ID: <9404010412.AA15384@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


> Oh yes, and the guy who is asking the spooks about the technical stuff -
> be sure to find out where this 80-bit random number comes from and
> where it goes when it's been used...  Anyone who knows the split-pattern
> only needs to subvert *one* of the escrow agencies.

The Key Generation Bureau plans which Dorothy Denning originally broadcast
(the NSA has since said they've changed, but not said what to)
worked somewhere along the lines of:

- the two keymaster agencies each bring some keying material to the vault.
- the NSA guy puts them into his laptop, and runs a bunch of calculations like
	serialno += 1
	string = SkipjackE(K1, SkipjackD(K2, SkipjackE(K1, serialno)))
	E1 = scroungebits1(string)
	E2 = scroungebits2(string)
	Key = E1 XOR E2
	Burn Key into chip, store En on Keymastern's floppy
	repeat for entire batch
	nuke the laptop
	pay no attention to the man behind the curtain.