1994-06-03 - Re: Black Eye for NSA, NIST, and Denning

Header Data

From: “Perry E. Metzger” <perry@imsi.com>
To: cypherpunks@toad.com
Message Hash: f54d61af52a71bae3bef8bd74ea53633072d66c0cb829d91fe3b726472bc944b
Message ID: <9406031201.AA03789@snark.imsi.com>
Reply To: <9406022314.AA00217@squeamish-ossifrage.mit.edu>
UTC Datetime: 1994-06-03 12:02:27 UTC
Raw Date: Fri, 3 Jun 94 05:02:27 PDT

Raw message

From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 3 Jun 94 05:02:27 PDT
To: cypherpunks@toad.com
Subject: Re: Black Eye for NSA, NIST, and Denning
In-Reply-To: <9406022314.AA00217@squeamish-ossifrage.mit.edu>
Message-ID: <9406031201.AA03789@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Derek Atkins says:
> > brute force search for one quite practical -- especially since it only
> > need be done once.
> 
> actually, it needs to be done once per session key (i.e., when you
> change the session key, you need to re-issue a LEAF)

However, it can be done in advance, and you can conceivably reuse
forged LEAFs.

I've come up with what I believe to be a pretty good algorithm to
prevent this problem. I would like to patent it so that I can then
charge exhorbitant sums of manufacturers should the technique be
incorporated in a future EES design. Anyone know where I can find a
cheap patent attorney?

Perry





Thread