[14615] in Cypherpunks
Re: Black Eye for NSA, NIST, and Denning
daemon@ATHENA.MIT.EDU (Derek Atkins)
Thu Jun 2 19:18:35 1994
To: koontzd@lrcs.loral.com (David Koontz )
Cc: adam@bwh.harvard.edu, tcmay@netcom.com, cypherpunks@toad.com
In-Reply-To: Your message of "Thu, 02 Jun 1994 15:44:05 PDT."
<9406022244.AA18607@io.lrcs.loral.com>
Date: Thu, 02 Jun 1994 19:13:02 -0400
From: Derek Atkins <warlord@MIT.EDU>
The format of the LEAF block is public knowledge. Here is how it
is formed:
[80-bit Session key Ks] [16-bit # ] [32-bit chip ID]
[80-bit Unit Key Ku]
[80-bit. {Ks}Ku ] [16b {#}Ks] [32-bit chip ID]
[128-bit LEAF: {{Ks}Ku {#}Ks ID}Kf (Kf == family key)]
Whether or not known plaintext will work is unclear, since you cannot
get {#}Ks (you really don't know what it is outside the chip) and you
also don't know what # is (it is, according to the NSA, a fixed number
in all the chips).
Hope this helps.
-derek
Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
Home page: http://www.mit.edu:8001/people/warlord/home_page.html
warlord@MIT.EDU PP-ASEL N1NWH PGP key available
