1994-07-29 - Re: Microsoft, Master-Keys, and DMS

Header Data

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
To: cypherpunks@toad.com
Message Hash: cc9ced162ec1758a921d16dc7e9837d3f8c90e0680d58f9af424b08019406362
Message ID: <9407290751.AA29544@anchor.ho.att.com>
Reply To: N/A
UTC Datetime: 1994-07-29 07:53:36 UTC
Raw Date: Fri, 29 Jul 94 00:53:36 PDT

Raw message

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Fri, 29 Jul 94 00:53:36 PDT
To: cypherpunks@toad.com
Subject: Re: Microsoft, Master-Keys, and DMS
Message-ID: <9407290751.AA29544@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry writes:
> As I've noted, according to a reliable source, Microsoft is a vendor
> of software for DMS, so although its not part of the products Merriman
> is mentioning, there are key escrow features in some software being
> delivered by Microsoft.

I've heard on the net that the Defense Messaging System (DMS) will be using Tessera cards,
but I really don't understand how they could use a key-escrow* system for classified data,
which is what the DMS is designed to carry.  After all, that would mean that the
classified data would be  accessible to people without a direct need to know,
which is non-kosher.  

At minimum, the master key for each card would have to be classified at the 
maximum level the card is authorized for (non-surprising), and the Key Generating Bureau's
Family keys would have to be classified at the maximum level *any* cards using it 
are authorized for (or different family keys for each level, I suppose, which has the
added benefit of making different-level cards non-interoperable.)  But making that
data classified means that classified data needs to be stored on the card,
which either means handling it as classified material (awkward), or putting *lots* of trust in 
the chip's tamperproofnesss (doubtful).

Alternatively, there may be some way to get Tessera cards to do Skipjack encryption
without sending the wiretap block at the beginning of the conversation,
either by simply not doing it, or by superencrypting that block for transmission
(which is the classic Clipperphone hack known since the beginning.)

		Bill





Thread