[6616] in cryptography@c2.net mail archive


Re: Interesting point about the declassified Capstone spec

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Fri Feb 11 16:59:45 2000

From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@c2.net
Reply-To: pgut001@cs.auckland.ac.nz
X-Charge-To: pgut001
Date: Sat, 12 Feb 2000 10:51:01 (NZDT)
Message-ID: <95030586115289@kahu.cs.auckland.ac.nz>

reinhold@world.std.com (Arnold G. Reinhold) writes:

>I've always thought that the unique id built into each device and available 
>to Law Enforcement (LE) without court order would give LE a huge leap forward 
>in traffic analyses.

That's not unique to Clipper though, I bet there are systems out there right
now which are grepping for certain PGP key ID's, S/MIME cert serial 
numbers[0], etc etc etc as part of Echelon (even if you don't publish the key,
it's not going to be that hard to correlate a J.Random unpublished key ID
with an end entity).

Peter.

[0] Since many CA's use MD5 or SHA-1 hashes as the "serial number", you can
    generally uniquely identify a cert by its "serial number" rather than
    having to bother with the DN mess.  It's pretty easy to automate, just
    do a match for the 16- or 20-byte value which begins 15 bytes from the 
    start of the cert.
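
The fixed-offset match described in footnote [0], as an added example that is not part of the original message: Python code that walks the DER headers to find the serialNumber value and shows when it actually starts at byte 15. The helper names (`read_tlv`, `serial_location`, `tlv`, `sample_cert`) and the cert-shaped sample blobs are constructed for illustration.

```python
# Added example (not from the original message): find the serialNumber
# INTEGER in a DER certificate by walking the ASN.1 headers.

def read_tlv(buf, pos):
    """Return (tag, value_start, value_len) for the DER TLV at pos."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:                          # short-form length
        return tag, pos + 2, first
    n = first & 0x7F                          # long form: n length bytes
    if not 1 <= n <= 4:
        raise ValueError("unsupported DER length")
    return tag, pos + 2 + n, int.from_bytes(buf[pos + 2:pos + 2 + n], "big")

def serial_location(cert):
    """Return (offset, value_bytes) of the serialNumber INTEGER."""
    pos = 0
    for name in ("Certificate", "TBSCertificate"):
        tag, pos, _ = read_tlv(cert, pos)
        if tag != 0x30:
            raise ValueError(name + " is not a SEQUENCE")
    tag, start, length = read_tlv(cert, pos)
    if tag == 0xA0:                           # optional [0] EXPLICIT version
        tag, start, length = read_tlv(cert, start + length)
    if tag != 0x02 or start + length > len(cert):
        raise ValueError("serialNumber INTEGER not found")
    return start, cert[start:start + length]

def tlv(tag, value):
    """DER-encode one TLV; used only to build the constructed samples."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + value

def sample_cert(serial, v3=True):
    """Constructed cert-shaped blob: real DER up to serialNumber, then filler."""
    version = tlv(0xA0, tlv(0x02, b"\x02")) if v3 else b""
    tbs = tlv(0x30, version + tlv(0x02, serial) + tlv(0x04, bytes(300)))
    return tlv(0x30, tbs + tlv(0x04, bytes(16)))

if __name__ == "__main__":
    md5_like = bytes(range(0x10, 0x20))       # constructed 16-byte serial
    for label, cert in (("v3", sample_cert(md5_like)),
                        ("v1", sample_cert(md5_like, v3=False)),
                        ("v3, high bit set", sample_cert(b"\x00" + b"\xff" * 16))):
        off, val = serial_location(cert)
        print(f"{label}: offset {off}, {len(val)} bytes")
```

Offset 15 is 4 + 4 + 5 + 2 header bytes, which holds for a v3 certificate whose two outer SEQUENCE lengths are in two-byte long form; a v1 certificate has no version field, so the value starts at byte 10. A hash whose top bit is set is DER-encoded with a leading 0x00, so the value is 17 or 21 bytes and the hash itself starts one byte later.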


