If they're nasty, they'll check on the receiving side as well, to ensure that the LEAF and/or the espionage-enabling key have not been patched in the sending 'International' version.
Nearly impossible. Why? Because they can only include the public key, and not the private key, of the GAK authority in the code. You can encrypt the three bytes of key, but it is very hard for a receiver other than the govvies to read them. There is no shared secret information or private information available, ergo, they can't check their LEAF equivalent.
If the 3 GAK bytes are derived from the key & the secret key, couldn't it be done this way:

* sender creates 64-bit session key K
* sender encrypts K with recipient's public key (say P_r(K))
* sender encrypts top 3 GAK bytes w/GAK key

The recipient can verify the GAK bytes by using its copy of the GAK key on the top bytes of the session key. If the encrypted GAK bytes match what was sent, then they're valid. No need to have the secret key.

---
Fletch __`'/| fletch@ain.bls.com "Lisa, in this house we obey the \ o.O' ______ 404 713-0414(w) Laws of Thermodynamics!" H. Simpson =(___)= -| Ack. | 404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43 U ------
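The receiver-side check proposed in the message above, sketched as an added example that is not part of the original post. It assumes unpadded, deterministic RSA with a small constructed key standing in for the GAK authority's key, and all function names are hypothetical; it also shows that the comparison no longer works once the encryption is randomized.

```python
import secrets

# Constructed toy key standing in for the GAK authority's public key.
# Both factors are Mersenne primes; a real key would be far larger.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the authority


def gak_field(session_key: bytes, pad: bytes = b"") -> int:
    """Encrypt the top 3 bytes of the session key under the GAK public key.

    pad=b"" is deterministic textbook RSA (the assumption the check needs);
    a non-empty pad models randomized padding.
    """
    m = int.from_bytes(pad + session_key[:3], "big")
    return pow(m, E, N)


def receiver_accepts(session_key: bytes, field: int) -> bool:
    """Recompute the field from the decrypted session key and compare.

    Uses only the public key (N, E); the private exponent is never touched.
    """
    return gak_field(session_key) == field


def authority_recovers(field: int) -> bytes:
    """What the private-key holder reads back: the last 3 plaintext bytes."""
    m = pow(field, D, N)
    return m.to_bytes((N.bit_length() + 7) // 8, "big")[-3:]


def demo() -> dict:
    k = bytes.fromhex("a1b2c3d4e5f60718")       # constructed 64-bit session key
    honest = gak_field(k)                        # sender follows the scheme
    patched = gak_field(b"\xff\xff\xff" + k[3:])  # sender substituted other bytes
    # First pad byte is fixed non-zero so the padded plaintext always differs.
    randomized = gak_field(k, pad=b"\x01" + secrets.token_bytes(7))
    return {
        "honest": receiver_accepts(k, honest),
        "patched": receiver_accepts(k, patched),
        "randomized": receiver_accepts(k, randomized),
        "authority_reads": authority_recovers(randomized).hex(),
    }


if __name__ == "__main__":
    print(demo())
```
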