1994-06-18 - Re: Let us attack Clipper

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: Ben.Goren@asu.edu
Message Hash: 54d52db1d914b19528420ddd158ae6e7e089f324c0b559ef93c290123e996776
Message ID: <199406180359.UAA25733@netcom8.netcom.com>
Reply To: <9406180159.AA08164@Tux.Music.ASU.Edu>
UTC Datetime: 1994-06-18 03:59:38 UTC
Raw Date: Fri, 17 Jun 94 20:59:38 PDT

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Fri, 17 Jun 94 20:59:38 PDT
To: Ben.Goren@asu.edu
Subject: Re: Let us attack Clipper
In-Reply-To: <9406180159.AA08164@Tux.Music.ASU.Edu>
Message-ID: <199406180359.UAA25733@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Ben Goren writes:

> No, not with words, as we're all so fond of doing. Instead, I suggest that
> the NSA or others provide free access to an EES system on the 'net, for any
> and all to attempt attacks.
...
> This is an inexpensive way that EES advocates can permit access to the
> system for analysis. It would be only for research purposes--there'd be no
> way to encrypt a phone conversation, and anybody would have to be stupid to
> encrypt sensitive data with an NSA-owned machine, even assuming you could
> get the data to the computer securely in the first place.
> 
> To the NSA agent who is surely subscribed: if Clipper is so great, prove
> it. If you won't disclose the Skipjack algorithm (but why not if it's
> secure?), at least provide access to test its implementation.

And what if they *do* prove Clipper is secure (or "great")? How would
that change the objection many of us have to the _concept_ of key
escrow? (By this I mean the likelihood of mandatory key escrow, and a
government-subsidized Clipper product family.)

In my view, any focus on the details of Clipper instead of the overall
concept of key escrow plays into their hands.

This is not to say that the work of Blaze and others is
misguided....in fact, it's very fine work. But a general focus on the
details of Skipjack does nothing to allay my concerns about
government-mandated crypto.

If it were "house key escrow" and there were missing details about the
number of teeth allowed on the keys, would be then all breathe a sigh
of relief if the details of the teeth were clarified? Of course not.

Me, I will never use a key escrow system, even if a blue ribbon panel
of hackers and Cypherpunks studies the design and declares it to be
cryptographically sound.

I say let's not lose sight of the really basic objections.


--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."




Thread