From: “Pat Farrell” <pfarrell@netcom.com>
To: cme@tis.com
Message Hash: e82329dc330b62b88f55aec05a4a8a652eecbb82744199b839ecdcce53073ef2
Message ID: <80481.pfarrell@netcom.com>
Reply To: N/A
UTC Datetime: 1995-09-14 02:22:33 UTC
Raw Date: Wed, 13 Sep 95 19:22:33 PDT
From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 13 Sep 95 19:22:33 PDT
To: cme@tis.com
Subject: Re: Can GAK be made "not interoperable" with PGP?
Message-ID: <80481.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
Duncan Frissell <frissell@panix.com> writes:
> Timothy C. May wrote:
>>But is this even possible, to make a GAK system "not interoperable" with,
>> say, PGP?
>> Unless the GAK system has some sort of entropy analyzer, and can
>> recognize high-entropy sources which it presumes to be encrypted data
>> (*), one can of course PGP-encrypt a text file and then GAK the
>> resulting file.
>
> I took it to mean that they were saying that an approved program on one
> end of a communication exchange could not exchange encrypted messages or
> established an encrypted session of some kind with an un approved program
> on the other end. Not trying to outlaw superencryption (PGP on both ends
> using a GAKed channel) but GAK on one end working with an unapproved
> system on the other end. A ringer GAK-work-alike that would defeat the
> intent of GAK.
> I don't know if the government can prevent that with a software-only
> system or indeed if half a secure system can be made completely secure.
The breakout session that I was in was directly charged with this issue.
We talked at length about it. There were NIS&T and NSA folks at the session.
The consensus was that the Government wanted to prevent a version of PGP
that was export enabled (GAK and short keys) that would be backward
compatible.
The group stated strongly that this was a "non starter." That is,
it was unacceptable. Vendors wanted "sales appeal." That means
compatibility with existing software. And compatibility with existing
export-approved systems. [DES has been exported to "friendly" countries
with strict controls.]
And criteria #2 specifically outlawed superencryption.
No DES | TRAN | DES | TRAN | DES.
They were serious. talk to CME, he was in that session.
I believe that this criteria is stupid, or at least ill-advised.
But the govies insisted.
All the more justification to ignore the US rules and develop
off-shore.
Pat
Pat Farrell Grad Student http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage #include <standard.disclaimer>
Return to September 1995
Return to ““Pat Farrell” <pfarrell@netcom.com>”
1995-09-14 (Wed, 13 Sep 95 19:22:33 PDT) - Re: Can GAK be made “not interoperable” with PGP? - “Pat Farrell” <pfarrell@netcom.com>