[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the rest of the key



>
>I understand the Skipjack review committee will be looking into the key
>generation process at Mykotronx also.  The procedures originally proposed
>for burning in the keys has some annoying flaws that have been pointed out
>frequently, like the existence of both halves in the same room at the same
>time, which would be a tempting target for somebody siphoning them off to
>a private single-site escrow. :)  Various people have suggested that the
>two halves of the key could be burned in at separate locations, so that the
>only place they're put together is in the key itself; this was not part of
>the proposal as we've seen it so far out here.
>

..but what of at least the original description which had the key generated
by a function within the sacrificial laptop (a PRNG driven by the two
key pieces supplied by the escrow agents)?

K_i = PRNG( E_1, E_2, i ) ;

If PRNG is secret (a high power NSA algorithm), it might be a *truly* high
quality one-way-function -- which happens to be independent of E_1 and E_2.

No one would be the wiser -- and the NSA's job would be a lot easier, in
the event that some chips get stolen or someone bombs the escrow center
and its backup sites.

 - Carl