1997-02-07 - Re: 40-bit RC5 crack meaningless??

Header Data

From: Vin McLellan <vin@shore.net>
To: "Michael Froomkin - U.Miami School of Law" <froomkin@law.miami.edu>
Message Hash: 999a52093c1d41710375ed8fcc801a9ec5bbe74b57d4812832ffcd94febbfab7
Message ID: <199702071513.HAA24904@toad.com>
Reply To: N/A
UTC Datetime: 1997-02-07 15:13:36 UTC
Raw Date: Fri, 7 Feb 1997 07:13:36 -0800 (PST)

Raw message

From: Vin McLellan <vin@shore.net>
Date: Fri, 7 Feb 1997 07:13:36 -0800 (PST)
To: "Michael Froomkin - U.Miami School of Law" <froomkin@law.miami.edu>
Subject: Re: 40-bit RC5 crack meaningless??
Message-ID: <199702071513.HAA24904@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


	The always-informed Prof. Froomkin <froomkin@law.miami.edu> asked:

>This would be the same Strassmann who stated in public at Harvard early in
>1995 that most remailers were run by intelligence agencies such as the
>KGB, then denied saying it when asked for substantiation?   And cut it
>from his paper?

	Don't know that one, but it seems feasible.  Strassmann had the
status to speak at Harvard; probably the K school.  (He's also an
interesting author, really worth a read; despite this recent balderdash.)
I kept a clip from an interview with him for years: after the bomb attack
on the World Trade Tower he proclaimed that an "Electronic Pearl Harbor"
attack on the US was inevitable.  The only question, he said, was when. Not
if.

	(It was a usefully overheated hook for some article on compsec, but
I don't think I ever used it.  Reminded me too much of warnings that
someone was bound to someday taint the city water reservoir with LSD;-)

	As I recall, that piece also quoted him as saying that he knew of
an incident where some group had held a major banking institution ransom
with a threat to destroy their data files somehow.  He refused to identify
the institution or otherwise give any further details about the incident.
Came to mind a few months back, when Winn Schwartau was firing off (also
overheated) missives from Europe reporting, with scant detail, that several
UK or European banking institutions had paid off millions when subjected to
similar blackmail.

> {...} there is some debate about the extent to which in
>*intelligence gathering* as opposed to, say, trying to crack a banking
>protocol, one can reasonably count on a known plaintext.  And much debate
>about the processing costs of not having one, especially when one doesn't
>know what kind of document is being encrypted (e.g. is it ASCII plaintext?
>a spreadsheet? a jpeg? etc.).  I think that's his (misdirected) point.

	The latter is an interesting debate -- but, as you note, not really
relevant in this case, where Strassmann proclaims:

>>In summary: The claim of exportable cryptography being totally
>>insecure, because it can be cracked in 3.5 hours is not
>>realistic. The three clues announced in the contest
>>would not apply  under infowar conditions.

	Now, an international institution which buys and bets the bank upon
US-exportable (40-bit) cryptography probably deserves what it has bought:
espionage-enabled software designed for fast and cheap decryption by spooks
and sundry college kids with access to a handful of machines.  The original
announcement of the RSA Secret Key Challenge declared forthrightly that even
56-bit keys -- whatever the algorithm! -- offer only "minimal" security.
(What Goldberg did in hours, many could do in days or weeks with much
less equipment.  A 40-bit key length offers a universe of about, what? a
trillion possible keys.)

	And while there might be debate as to how hard it is to attack
cyphertext when the attacker doesn't know _anything_ about the message (not
its data format; not the language being used; nothing!) there is really
none about the fact that -- with virtually any piece of that puzzle -- the
attack becomes relatively straightforward.  A big job for a little machine,
but conceivable: grab a key, decrypt, and then match for the right stats.

	Rare indeed is the commercial message, or even the typical
government transmission, where its original digital format is not easily
guessed -- if not known for certain. That is the contemporary, real-world,
infowar/infocrime environment.

	To a machine -- which is, after all, looking for a statistical
pattern in the results, not "meaning" -- knowing that the message is in
English (and/or coded in ASCII) is functionally equivalent to an
old-fashioned human codebreaker being given a matched plaintext/cyphertext
sample.  Given that much, the computer doesn't need the plaintext!  It's
counterintuitive to the layman, but one would expect a savvy systems guy
like Strassmann to know this cold.  Even my son, at 4, understands that a
computer manipulates the fodder fed it only in terms of ones and zeros.

	Statistics, not the "plaintext" clue, reveal who dun it... to the
machine.

	Clue #3 -- "the giveaway."  Lord help us!  Paul Strassmann has
probably taught a generation of the DC InfoWar acolytes how to think about
this stuff!!!

	Hopefully their kids can re-educate them.

	Suerte,
		_Vin


         Vin McLellan + The Privacy Guild + <vin@shore.net>
      53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
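The core of the argument above is that an exhaustive key search does not need a known plaintext: knowing only that the message is English in ASCII lets a machine "grab a key, decrypt, and then match for the right stats." The following is an added illustration written for this archive page, not code from the message or from any of the people it discusses. It assumes a constructed toy XOR stream cipher with a 16-bit key (a stand-in for the 40-bit RC5 key, scaled down so the whole search runs in a second or two in plain Python), a constructed sample message, and a crude English letter-frequency model; RC5 itself is not implemented here. The point it makes is the defensive one from the email: a key space this small gives no protection at all, and withholding the plaintext does not change that.

```python
"""Key search with no known plaintext: 'statistics, not the plaintext
clue' as a constructed toy. Added example; not code from the page.

Assumptions (all constructed for illustration):
  * a toy XOR stream cipher keyed by a 16-bit value, standing in for
    40-bit RC5 so the full search finishes quickly;
  * the attacker knows only that the message is English in ASCII.
"""
import math
from typing import Iterator, Optional, Tuple

KEY_BITS = 16
MASK32 = 0xFFFFFFFF


def keystream(key: int) -> Iterator[int]:
    """Toy keystream: a 32-bit xorshift seeded from the key.
    Constructed for illustration only; it is neither RC5 nor secure."""
    x = ((key * 0x9E3779B1) + 0x7F4A7C15) & MASK32 or 1
    while True:
        x ^= (x << 13) & MASK32
        x ^= x >> 17
        x ^= (x << 5) & MASK32
        yield x & 0xFF


def toy_encrypt(key: int, plaintext: bytes) -> bytes:
    """XOR the plaintext with the toy keystream (decryption is identical)."""
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key)))


# Percent frequencies of letters in English text (standard table).
ENGLISH_FREQ = {
    'a': 8.2, 'b': 1.5, 'c': 2.8, 'd': 4.3, 'e': 12.7, 'f': 2.2, 'g': 2.0,
    'h': 6.1, 'i': 7.0, 'j': 0.15, 'k': 0.77, 'l': 4.0, 'm': 2.4, 'n': 6.7,
    'o': 7.5, 'p': 1.9, 'q': 0.095, 'r': 6.0, 's': 6.3, 't': 9.1, 'u': 2.8,
    'v': 0.98, 'w': 2.4, 'x': 0.15, 'y': 2.0, 'z': 0.074,
}
# Bytes that can occur in ASCII text: printable range plus tab/LF/CR.
PRINTABLE = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


def trial_decrypt(key: int, ciphertext: bytes) -> Optional[bytes]:
    """Decrypt under one key, aborting at the first byte that cannot be
    ASCII text. Most wrong keys are rejected within a byte or two, which
    is what keeps the exhaustive search cheap."""
    out = bytearray()
    for c, k in zip(ciphertext, keystream(key)):
        p = c ^ k
        if p not in PRINTABLE:
            return None
        out.append(p)
    return bytes(out)


def english_score(text: bytes) -> float:
    """Log-likelihood of the bytes under a crude English model: letters
    weighted by frequency, spaces common, other printables rare.
    Higher means more English-like."""
    score = 0.0
    for b in text:
        ch = chr(b).lower()
        if ch in ENGLISH_FREQ:
            score += math.log(ENGLISH_FREQ[ch] / 100)
        elif ch == ' ':
            score += math.log(0.18)
        else:
            score += math.log(0.005)
    return score


def recover_key(ciphertext: bytes) -> Tuple[Optional[int], Optional[bytes], int]:
    """Exhaustive search over every key. Returns (best_key, plaintext,
    number of keys whose output survived the ASCII filter). No known
    plaintext is used anywhere: the ASCII filter and the letter
    statistics alone pick the key."""
    best_score, best_key, best_pt = float('-inf'), None, None
    survivors = 0
    for key in range(1 << KEY_BITS):
        pt = trial_decrypt(key, ciphertext)
        if pt is None:
            continue
        survivors += 1
        s = english_score(pt)
        if s > best_score:
            best_score, best_key, best_pt = s, key, pt
    return best_key, best_pt, survivors


if __name__ == "__main__":
    # Constructed sample: the key and message are ours, not from the page.
    secret_key = 0xBEEF
    message = b"Wire the funds before the close of business Friday."
    ct = toy_encrypt(secret_key, message)
    key, pt, survivors = recover_key(ct)
    print(f"recovered key 0x{key:04X}; {survivors} candidate(s) passed the ASCII filter")
    print(pt.decode())
```

Two design points carry over to the real-world case the email describes. First, the search never compares against the true message: rejecting any candidate that contains a non-text byte discards almost every wrong key after one or two bytes, and the frequency score settles whatever is left. Second, scaling the key from 16 bits to 40 bits multiplies the work by 2^24 but changes nothing else, which is why a 40-bit key is a matter of hours on a handful of machines rather than a matter of secrecy.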