[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TIS--Building in Big Brother for a Better Tommorrow



At 12:02 AM 2/23/96 -0800, Bill Frantz wrote:
>At 11:16 PM 2/22/96 -0800, Timothy C. May wrote:
>>And we should all remember, again, that basic observation: even if "key
>>escrow" is needed to recover *stored* files, it sure ain't needed for
>>*communications*!!
>
>If a key is being generated for two way communications, then it should be
>generated via a protocol like Diffie-Hellman which leaves no recoverable
>knowlege of the key outside the participants, and discarded when the
>session is over of frequently, whichever occurs more often.  This procedure
>will reduce the incentive for rubber hose attacks to recover these keys.

I noted long ago that one disadvantage with having a single, standardized 
encryption chip (like Clipper, even with the key-escrow un-enabled) is that 
the NSA has plenty of money in its budget to build a fake chip that can be 
installed during a black-bag job.  True, if they could fake one chip they 
could fake 10, but it's harder to do and the demand for any single kind of 
chip might drop to one per year.   Unfortunately, a sufficiently-complex 
FPLD would probably sub for anything if it were in the right package...