From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 27 Sep 95 15:24:06 PDT
To: jay.hyden@alpha.c2.org
Subject: Re: Time Keys, Some Secure Ideas (by Alias: Jay Hyden)
Message-ID: <199509272223.PAA13696@ix7.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Jay - you wrote:
>             >> Time Keys, Some Secure Ideas <<
> The weakest attack on a time key based system is to spoof the
>computer that keeps track of time into releasing encryption
>keys i.e. change the clock.

No, the weakest link is that you have to trust the person _running_
the time key system.  Spoofing the clock only matters to a system 
you trust.  Even a system running on a satellite isn't trustable
unless you're running it yourself; your good friend and business partner
who launched it may have put in a backdoor because the KGB threatened
to kill his grandmother if he didn't.
#---
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---