[7198] in cryptography@c2.net mail archive
RE: NSA back doors in encryption products
daemon@ATHENA.MIT.EDU (Eugene Leitl)
Fri May 26 00:30:19 2000
From: Eugene Leitl <eugene.leitl@lrz.uni-muenchen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14637.60860.27000.141512@lrz.uni-muenchen.de>
Date: Thu, 25 May 2000 20:21:32 -0700 (PDT)
To: <cryptography@c2.net>, <transhumantech@excelsior.org>,
<transhumantech@onelist.com>
From: "Minow, Martin" <martin.minow@thinklinkinc.com>
Jim Choate writes:
> Bull, the hardware companies aren't any more trustworthy.
I've been recommending the Dallas Semiconductor "iButton"
<http://www.ibutton.com> for secure storage. The Java version
also lets you implement your own on-chip algorithms so you
can implement time- and usage-limited encryption. The chip
has an on-board 1024 bit RSA engine and other useful features.
Also, the Dallas folk put a lot of effort into making the
iButton secure against a variety of physical attacks, including
power analysis, probing, and physical dissassembly (all code
is on battery backed-up SRAM). The iButton is FIPS-140 certified.
On the other hand, there is no way for a customer without
access to "national resources" to determine whether there is an
undocumented way around their protection mechanisms (such as
a hard-wired master password). About all you can say is that,
if a back-door was discovered, the company would lose all
credibilty.
Is this good enough for all but the most paranoid?
Martin Minow
minow@pobox.com
