I agree with Scott Morham, esp where he says:
A ploy used successfully by many groups is to put forth an outrageous proposal, such as clipper etc. Then they soften the demands so that the opponent becomes disarmed, allowing that which the Gov't had intended to pass all along to go through as a compromise.
My fear for a while has been that key escrow is this "outrageous proposal" -- that is, the gov't doesn't really think it can make key escrow acceptable, so it'll propose a "compromise" of using Clipper without the key escrow. The logic behind this is that the LEAF field is not encrypted very strongly; this would allow the NSA/FBI to decrypt a conversation without having to bother with the keys (at least as I understand it; I'd be happy to be told I was wrong). According to notes published on this list, the NSA has already admitted that the LEAF is not itself encrypted with Clipper; we don't know what it is encrypted with, but I wonder: Assume that the LEAF is weakly encrypted. Assume that third parties (such as cypherpunks) try to show this by decrypting the LEAF. Would we be able to *recognize* a decrypted LEAF? Not knowing the SKIPJACK algorithm, it's unclear to me that we could recognize a session key even if we had one! This sort of "security through obscurity" seems to be useful, as it renders the LEAF immune to "known plaintext" forms of attack. Again, I repeat that my knowledge of crypto is rudimentary at best, so it's possible I'm wrong about some or all of this... --Alan Wexelblat, Reality Hacker, Author, and Cyberspace Bard Media Lab - Advanced Human Interface Group wex@media.mit.edu Voice: 617-258-9168 Page: 617-945-1842 na53607@anon.penet.fi We are Chaos Boys. We are coming to a paradigm near you.