Clipper Cracks Appear
I agree with Scott Morham, esp where he says:

> A ploy used successfully by many groups is to put forth an outrageous
> proposal, such as clipper etc. Then they soften the demands so that the
> opponent becomes disarmed, allowing that which the Gov't had intended to
> pass all along to go through as a compromise.

My fear for a while has been that key escrow is this "outrageous proposal"
-- that is, the gov't doesn't really think it can make key escrow
acceptable, so it'll propose a "compromise" of using Clipper without the key
escrow.

The logic behind this is that the LEAF field is not encrypted very strongly;
this would allow the NSA/FBI to decrypt a conversation without having to
bother with the keys (at least as I understand it; I'd be happy to be told I
was wrong).

According to notes published on this list, the NSA has already admitted that
the LEAF is not itself encrypted with Clipper; we don't know what it is
encrypted with, but I wonder:

Assume that the LEAF is weakly encrypted. Assume that third parties (such
as cypherpunks) try to show this by decrypting the LEAF. Would we be able
to *recognize* a decrypted LEAF? Not knowing the SKIPJACK algorithm, it's
unclear to me that we could recognize a session key even if we had one!
This sort of "security through obscurity" seems to be useful, as it renders
the LEAF immune to "known plaintext" forms of attack.

Again, I repeat that my knowledge of crypto is rudimentary at best, so it's
possible I'm wrong about some or all of this...

--Alan Wexelblat, Reality Hacker, Author, and Cyberspace Bard
Media Lab - Advanced Human Interface Group [email protected]
Voice: 617-258-9168 Page: 617-945-1842 [email protected]
We are Chaos Boys. We are coming to a paradigm near you.