Eli Brandt says:
Its not pre-encryption. He's actually getting around the key escrow features and using Skipjack in a secure manner. Its very slick.
I've been saying it can be done for more than a year. I wrote a C model of some operating code for the chip. The clipper chip has save and restore commands that are used to dump and restore the LR register (crypto state). You keep your own LEAF and feed it back to the chip. You take the initial value of the LR register after IV generation and reload, it contains the IV. You exchange IVs with the distant end, who has also feed his own LEAF back to his chip. You have achieved crypto sync. The save and restore commands are to allow a single cryptographic algorithm embodiment to be used for two or more contexts - in the case of a duplex communications channel - send and receive. The question should really be how easy it is to subborn a clipper phone unit. The TSD 3600 is the only one available at this time. You need to be able to capture its programming, either by modifying ROM, exception handling and additional ROM, etc. I've been hesitant to buy a couple and try it for several reasons: 1) I'm not sure the key exchange is satisfactory, any TSD 3600 will talk to any other. 2) There might be anti-tamper features (re: FIPS Pub 140-1), causing loss of crypto variables (say for key exchange). It might be possible the TSD won't operate it all if security features are tripped. (unlikely, when you consider mechanical switches might bounce when one of these is thrown is a briefcase). 3) Its potentially a lot of work to capture the instruction stream. If internal ROM is used in something, its probably security locked. I could think of a couple of ways to make it harder to break into the code that operates a clipper chip.