[14668] in Cypherpunks
Re: Faster way to deescrow Clipper
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri Jun 3 09:01:37 1994
To: Mike Ingle <MIKEINGLE@delphi.com>, cypherpunks@toad.com
In-Reply-To: Your message of "Fri, 03 Jun 1994 07:57:06 EDT."
<9406031157.AA03771@snark.imsi.com>
Reply-To: perry@imsi.com
Date: Fri, 03 Jun 1994 08:55:43 -0400
From: "Perry E. Metzger" <perry@imsi.com>
"Perry E. Metzger" says:
>
> Mike Ingle says:
> > The attack posted here uses a brute-force search to find a phony LEAF
> > which has a valid checksum. Instead, why not just initialize the chip
> > with a session key and get the LEAF. Reset the chip and initialize it
> > with a different session key, but send the first LEAF instead of the
> > second one.
>
> An interesting idea.
As I've now found out (I forwarded the message to Matt -- his paper
wasn't clear on this point) this won't work. As I've said in other
messages, session keys are an element of the method used to generate
the checksum buried in the LEAF.
Perry
