Re: clipper pin-compatible chip
DrZaphod writes:
> Remember folx.. ya heard it here first.. Lesse.. was
> quite a while ago.. the day/or after that it was announced I believe.
> when ideas come full circle I can't help but think we missed one
> go-around and this is another reminder to do it. Let's
> plan ahead so we don't get trapped without an escape.
Yeah, a lot of folks suggested the same thing (I didn't, so I'm
neutral on the credit issue). It was debated in sci.crypt, as well as
here on Cypherpunks.
Reverse-engineering the Clipper/Capstone/Skipjack chips to the point
of allowing drop-in replacements would entail several things:
1. Access to the Clipper chips. I don't think the AT&T phones ("Reach
out and tap someone") are available yet...reports of yield problems,
delays, unhappiness at AT&T with the pace of deliveries, etc. I don't
know if Mykotronx, or their chip supplier (VLSI Technology Inc.) is
selling chips to end users....Arthur Abraham follows this and may
know.
So, getting enough chips is the first step.
2. "Peeling" the chip is the next step, that is, getting access to the
innards of the chip. Reports are that VTI is using various
tamper-resistant technologies to make peeling the chip harder. (My
guesses: etch-resistant epoxies, increased glass passivation/scratch
protection, and judicious use of 3-layer metal processes to make
probing difficult.)
3. Remember, testing the chip and attaching logic probes is generally
not sufficient to deduce the internal layout. Emulation cannot be done
this easily. The circuitry must match up to some extent (not exactly,
but more than just partial emulation).
4. I expect the Skipjack algorithm cannot be "faked" without knowing
the algorithm, and more. Several articles on this have alluded to the
difficulties in producing plausible-looking LEEFs (Law Enforcement
Exploitation Fields) without greater knowledge of the algorithms and
the keys assigned (I believe, but I could be wrong) to the specific
chip.
5. My guess is that a reverse engineering job on Clipper would cost
more than $200K for a commercial service to do, perhaps cheaper for
some motivated grad students at Berkeley or Stanford to do. (But then
they probably are thinking about other things.) And the job would
still have a fair chance of failing, not being a good enough
emulation, etc.
I suspect this is why such a project isn't going anywhere. The cost
and expertise needed, and the basic lack of a motivation.
The lack of motivation comes from the feeling of many of us that the
talk of Clipper, of weaknesses in it, etc., is misguided, that the
proper approach is to reject key escrow on general principles. Convincing
businesses and individuals to steer clear of Clipper is an easier win.
(And if unapproved crypto is outlawed, all bets are off. Emulations
are not likely to pass muster, either.)
Finally, I've heard no repudiation of the other idea many folks have
suggested, some the day Clipper was announced (me, for example), and
some very recently: encrypt your data with your own algorithm prior to
using the government's system, should it be mandated. Unless they open
your packets, they'll never know. If they open your packets and
complain, claim it was something like bits for a test of randomness,
etc. (Too many variations on this to go into now. Suffice it to say
that outlawing the sending of bits that they can't "understand" is too
hard to enforce, even with foreseeable trends.)
But I don't want to discourage DrZaphod from launching such a project
to reverse-engineer the Clipper chip....I wish him luck on this
effort.
--Tim May
--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power:2**859433 | Public Key: PGP and MailSafe available.