Re: Fighting the Wiretap Chip Plan




When this "Clipper chip" story broke, I was off on an extropian (if 
not cypherpunk) activity--helping freeze Alcor's 27th patient (another 
HIV+ case).  

I doubt I am the strongest hardware person on these groups, but nobody 
else has commented on this aspect.  You just *can't* make chips 
entirely resistant to reverse engineering.  I know, I have spent close 
to 10% of my engineering career reverse engineering things.  Given 
time and a few samples, *any* chip can be reverse engineered.  This is 
especially true with tools such as SEM stimulator/state readers and 
Focused Ion Beam chip slicers and dicers widely available.  *Somebody* 
will dig out every gate in their spare time.  Thus the following 
statement looks very odd: 

>Q:   How strong is the security in the device?  How can I be sure
>     how strong the security is?
>
>A:   This system is more secure than many other voice encryption
>     systems readily available today.  While the algorithm will
>     remain classified to protect the security of the key escrow
>     system,

Say what?  Does this mean that if somebody slices up a chip and 
publishes the algorithm the "security of the key escrow system" is 
broken?  Can a representative of the government say why, or if, this 
is the case?  If it is not the case, why not publish the algorithm and 
be done with it?  Because, soon as the chip can be bought over the 
counter or stolen, the algorithm will be deduced.

>             we are willing to invite an independent panel of
>     cryptography experts to evaluate the algorithm to assure all
>     potential users that there are no unrecognized
>     vulnerabilities.

Well, unless the "independent panel" includes people who can follow 
the algorithm all the way through to silicon, I would not trust their 
report even if I trusted the experts, and that goes double for the 
next set of masks. 

Keith Henson