[14595] in Cypherpunks
Re: News Flash: Clipper Bug?
daemon@ATHENA.MIT.EDU (bill.stewart@pleasantonca.ncr.com )
Thu Jun 2 14:29:32 1994
Date: Thu, 2 Jun 94 14:22:23 EDT
From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
To: cypherpunks@toad.com
> Here is what the article on the upper right hand side of this morning's
> New York Times says:
>
> "To defeat the system, Dr. Blaze programmed a 'rouge' unit to test
> thousands of LEAF's. Once he found a valid key, he inserted it in place
I assume 'rouge' is a typo - Matt's paper was talking about
rogue units, rather than Commies or makeup-artists :-)
One weakness in the weakness is that most Clippersystems
appear to be designed to use the same session key in each direction,
so both ends have to be privacy-protected versions to prevent
wiretapping, since a non-rogue LEAF from either end will give away the key.
But it's a good start, and ought to be exploited for all the
political mileage we can get out of it.... and it's not surprising
that security in a conversation is everybody's job...
Bill
