[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Silly Shrinkwrapped Encryption





Jim Gillogly <[email protected]> writes:
> Eric Cordian says:
> > Could someone poke through Lotus Notes with a debugger and see exactly how
> > this "giving 24 bits to the government" is implemented? 
> 
> Lotus produced a "backgrounder" called "Differential Workfactor Cryptography"
> when they first promulgated the 64/40 stuff.  It says (in part):
> 
> 	We do that by encrypting 24 of the 64 bits under a public RSA key
> 	provided by the U.S. government and binding the encrypted partial
> 	key to the encrypted data.
> 
> I haven't seen the USG RSA key -- if it's 512 bits, that would be a humorous
> next factoring target.

It would be humorous to even have the modulus and exponent -- if
someone can obtain them, I'll package it up as a working PGP key, and
give it user id of Spook GAK key <[email protected]>, and submit to the
keyservers.  Then we have solved the key escrow implementation
problems for the US government -- anyone who wants to send them a
message can simply add DIRNSA to the list of recipeints.

I don't have a copy of Notes, otherwise I thought this a most fun
exploit to attempt.

The above "solution" to key escrow infra-structure calls from Freeh
etc., should be credited to Carl Ellison; probably others have
proposed it also.  Carl offered to sign some cheif spooks key, if he
would generate one for the purpose, cheif spook declined the offer.

I observed a few times before that now that Lotus have organised with
the NSA to produce such a key, we can do the job of implementing the
voluntary key escrow infrastructure for them.  (It is voluntary
right?)

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`