[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Fowarded messages from RISKS
- To: [email protected]
- Subject: Fowarded messages from RISKS
- From: [email protected] (Paul Ferguson)
- Date: Thu, 22 Apr 93 11:03:45 EDT
- Organization: Sytex Communications, Inc
Greets.
These two forwarded message are from the RISKS Forum (14.51). I
thought some of you folks might be interested. (Padgett Peterson is
a fellow assembler buff who is better known on comp.virus.)
---- Forwded Messages --------------------------
Date: Mon, 19 Apr 93 9:21:53 EDT [RISKS-14.51]
From: Clipper Chip Announcement <[email protected]>
Organization: FIRST, The Forum of Incident Response & Security Teams
Subject: Slide presented at White House briefing on Clipper Chip
Note: The following material was handed out a press briefing on the
Clipper Chip on 4/16.
Chip Operation
Microchip
User's Message +----------------------+
------------------> | | 1. Message encrypted
| Encryption Algorithm | with user's key
| |
| Serial # | 2. User's key
encrypted
| |--> with chip unique
key
| Chip Unique Key |
User's Encryption | | 3. Serial # encrypted
Key | Chip Family Key | with chip family
key
------------------> | |
| |
+----------------------+
For Law Enforcement to Read a Suspect's Message
1. Need to obtain court authorized warrant to tap the suspect's
telephone.
2. Record encrypted message
3. Use chip family key to decrypt chip serial number
4. Take this serial number *and* court order to custodians
of disks A and B
5. Add the A and B components for that serial number = the chip
unique key for the suspect user
6. Use this key to decrypt the user's message key for
this recorded message
7. Finally, use this message key to decrypt the recorded message.
- ------------------------------
Date: Sat, 17 Apr 93 09:12:57 -0400 [RISKS-14.51]
From: [email protected] (A. Padgett Peterson)
Subject: "Clipper Chip"
I suppose we should have expected something after all of the sound and
fury of the last few years. The announcement does not really give
enough information though.
My first thought involves conventional compromise: what happens if the
keys are captured through theft *and you know about it* - how
difficult is it to change the keys ? What do you do between the time
the loss is detected and the time a new key set is approved. How
difficult is it to program the chip or do you need a new one ? (and
if the chip can be reprogrammed, how do you prevent covert changes
that will not be discovered until authorization to tap is received and
the agency finds out that it cannot ?). Potentially this must occur
every time a trusted employee leaves.
For some time, I have been playing with dynamic access cards ("tokens")
as seeds for full session encryption rather than just for password
devices. Since the encryption requires three parts (PIN, challenge, and
token) which are only physically together at the secure system, and since
only the challenge passes on the net, and since once encryption starts
you have not only provided protection to the session, you have also
authenticated both ends simultaneously (by the fact that you can
communicate), it seems ideal. *And everything necessary already exists*.
From several US companies. It just has not been put together as a
commercial product (FUD at work 8*(.
Since key generation is on-the-fly at the onset of the session, obviously
what the gov needs is not the key but the "key to the key" (of course
computers, even a PC, are really good at this.
The real question is "Why a new chip ?" The technology to do this has
been around for years and several DES chips are available commercially
today. The BCC laptop (I like Beaver better 8*) 007 provides this
internally today with (I believe) the LSI-Logic chip and
Enigma-Logic's PC-SAFE (plugs) does the same with software alone. As
indicated in the announcement, financial institutions have been using
encrypted transmissions for years without any great outcry.
IMHO the real hold-up has been $$$ - cheap error-correcting modem
technology to prevent synch losses rather than a lack of good crypto
algorithms. Today this is a done deal (actually we have known how to
keep in synch since the sixties but you couldn't buy 56kb for under
$300.00 at BizMart - now part of K-Mart ! - then).
True, there are a lot of questions yet to be answered, but again IMHO
most center on the exception cases and not the encryption technology
itself.
Padgett
---- End Forwarded Messages --------------------------
Cheers.
Paul Ferguson | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Centreville, Virginia USA | Just say "NO" to the Clipper
[email protected] | Chip...