[14617] in Cypherpunks

Faster way to deescrow Clipper

daemon@ATHENA.MIT.EDU (Mike Ingle)
Thu Jun 2 19:44:13 1994

Date: Thu, 02 Jun 1994 19:39:05 -0400 (EDT)
From: Mike Ingle <MIKEINGLE@delphi.com>
To: cypherpunks@toad.com
X-Vms-To: INTERNET"cypherpunks@toad.com"

The attack posted here uses a brute-force search to find a phony LEAF
which has a valid checksum. Instead, why not just initialize the chip
with a session key and get the LEAF? Reset the chip and initialize it
with a different session key, but send the first LEAF instead of the
second one. The LEAF would look good unless you tried to decrypt the
session key. The wrong-IV problem would remain. The NSA should have
designed the Clipper so that, if the IV was wrong, the chips would not
accept the LEAF. They also should have used a much larger (32-bit or
even 64-bit) checksum.

--- Mike
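
The two design fixes suggested above (a LEAF check tied to the IV, and a longer check value), sketched as a receiver-side model. This is an added example, not part of the original post and not the Clipper algorithm: HMAC-SHA256 stands in for the classified checksum, and FAMILY_KEY, make_leaf, accept_leaf and forgery_trials are hypothetical names.

```python
import hashlib
import hmac

# Constructed stand-in for the secret shared by all chips (assumption).
FAMILY_KEY = b"constructed-family-key"


def check_tag(session_key: bytes, iv: bytes, unit_id: bytes, bits: int) -> bytes:
    """Check value covering everything both ends must agree on.

    Truncated HMAC-SHA256 is an assumption of this sketch; the real
    checksum function is not described in the post.
    """
    if bits % 8 or not 8 <= bits <= 256:
        raise ValueError("bits must be a multiple of 8 between 8 and 256")
    mac = hmac.new(FAMILY_KEY, session_key + iv + unit_id, hashlib.sha256)
    return mac.digest()[: bits // 8]


def make_leaf(session_key: bytes, iv: bytes, unit_id: bytes, bits: int = 64) -> dict:
    """Sender side: emit the unit id plus a check value bound to key and IV."""
    return {"unit_id": unit_id, "tag": check_tag(session_key, iv, unit_id, bits)}


def accept_leaf(leaf: dict, session_key: bytes, iv: bytes, bits: int = 64) -> bool:
    """Receiver side: recompute the check value from the session key and IV
    actually in use, and refuse the LEAF if it was made for other values."""
    expected = check_tag(session_key, iv, leaf["unit_id"], bits)
    return hmac.compare_digest(expected, leaf["tag"])


def forgery_trials(bits: int) -> int:
    """Average number of random LEAFs tried before one passes a check of
    this width (each guess passes with probability 2**-bits)."""
    return 2 ** bits


if __name__ == "__main__":
    uid = b"\x00\x00\x00\x01"                      # constructed unit id
    key_a, key_b = b"A" * 10, b"B" * 10            # constructed 80-bit keys
    iv_a, iv_b = b"\x01" * 8, b"\x02" * 8          # constructed IVs
    leaf = make_leaf(key_a, iv_a, uid)
    print("same key and IV:", accept_leaf(leaf, key_a, iv_a))
    print("LEAF reused with another key:", accept_leaf(leaf, key_b, iv_a))
    print("LEAF reused with another IV:", accept_leaf(leaf, key_a, iv_b))
    for width in (16, 32, 64):
        print(width, "bit check, average guesses:", forgery_trials(width))
```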
 
