[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
White House Encryption idea
Date: Fri, 16 Apr 1993 15:13 CDT
From: [email protected]
Well, this all sounds fine and dandy, but...
1) They are not passing out the algorithym, and I dont trust ANYONE to tell
me its secure. ...
4) No explanation of what the 'key' contents are composed of (numbers, letters,
alphanum, characters, some odd cyphercode???) is even implied.
5) No explanation of how the key is propegated or if it will even be needed
for the remote site is mentioned. How are the remote sites going to
decypher your cyphersounds(text)?
There was no mention of further releases in information...is this all we get?
treason@gnu
Question (5) is particularly acute. Offhand I can think of two ways the
remote site might decrypt the message:
1. If the two phones can talk to each other then the originator phone
might ask the receiver phone for its public key (as in public key
cryptography) and then use this to encrypt the message. (The receiver
phone then decrypts with its private key.) But since the encryption is
occurring in real time, this is probably not feasible unless short keys
are used.
2. The originator phone might simply send the encryption key down the
line, perhaps itself encrypted or disguised in some way. If so then it
might not be too hard to discover the key. In this case all security
lies in ignorance of the encryption algorithm used (violating crypto-
logical principles). It probably wouldn't be too long (at most a year
or so) before someone figures out what the algorithm is, in which case
all security is compromised. However, security in particular cases is
relative to the expertise of the attacker, so it might still be the case
that one's neighbors and business competitors could not decrypt the
message, even if XYZ Security Consultants could.
-- Peter Meyer