[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question: Key Distr. in realtimeo applications?



>How does clipper solve this problem? 

It does not.  The Clipper initative (FIPS-185) deals solely with the
specification of a symmetric cipher with escrowed keys.  Key exchange
and authentication is outside the scope of the protocol, but most
implementations would probably use something like a D-H key exchange
to do it (remember that a Clipperphone guarantees privacy between yourself
and the person on the other end, but does NOT authenticate them to you
or you to them.  Man in the middle attacks are obviously possible,
depending on the key exchange protocol that your Clipperphones employ.)

						Ian.