Mitch on the Clipper Mailing list

18 Apr 1993

      I had asked Mitch to repost any communications that
have gone over this list. He has.

I appreciate his willing to clear up this issue.

As I have stated before, I believe him, that NIST simply
created this list of people they wanted to be in direct
contact with.

/harry

a conscious being, Mitchell Kapor wrote:
...
From mkapor@eff.org Sun Apr 18 00:58:00 1993
Message-Id: <199304181257.AA06031@eff.org>
Date: Sun, 18 Apr 1993 08:58:00 -0800
To: habs@Panix.Com
From: Mitchell Kapor 
Subject: Re: The mysterious mailing list
I received the statement of the Press Secretary and the public fact sheet
from Ed Roback.  I have not repoduced the full text as it is readily
available elsewhere.
Following this is a thread between Gerano Cannoni and Martin Hellman.  I
have deleted the text of Marty's longest response, as it is being
circulated elsewhere.
...
Last, there is a single message from A. Pagett Patterson.
...
And that's it (assuming I haven't missed something in reviewing my
mail stream).
...
Feel free to re-post this, put in on an FTP, whatever.  I don't have any
more time to deal with this issue.
Date: Fri, 16 Apr 93 11:02:59 EDT
From: Ed Roback 
Organization: FIRST, The Forum of Incident Response & Security Teams
Posted-Date: Fri, 16 Apr 93 11:02:59 EDT
To: clipper@csrc.ncsl.nist.gov
Subject: text of White House announcement and Q&As on clipper chip encryption
Note:  This file will also be available via anonymous file
transfer from csrc.ncsl.nist.gov in directory /pub/nistnews and
via the NIST Computer Security BBS at 301-948-5717.
     ---------------------------------------------------
THE WHITE HOUSE
Office of the Press Secretary
_________________________________________________________________
For Immediate Release                           April 16, 1993
STATEMENT BY THE PRESS SECRETARY
The President today announced a new initiative that will bring
the Federal Government together with industry in a voluntary
program to improve the security and privacy of telephone
communications while meeting the legitimate needs of law
enforcement.
...
Date: Fri, 16 Apr 93 16:44:10 EDT
From: Ed Roback 
Organization: FIRST, The Forum of Incident Response & Security Teams
Posted-Date: Fri, 16 Apr 93 16:44:10 EDT
To: clipper@csrc.ncsl.nist.gov
Subject: White House Public Encryption Management Fact Sheet
Note:     The following was released by the White House today in
          conjunction with the announcement of the Clipper Chip
          encryption technology.
FACT SHEET
PUBLIC ENCRYPTION MANAGEMENT
The President has approved a directive on "Public Encryption
Management."  The directive provides for the following:
...
Posted-Date: Sat, 17 Apr 93 01:26:06 +0200
From: caronni@nessie.cs.id.ethz.ch (Germano Caronni)
Date: Sat, 17 Apr 93 01:26:06 +0200
To: clipper@csrc.ncsl.nist.gov
Subject: Clipper-Chip Escrow-System Flaws
Newsgroups:
alt.privacy,sci.crypt,alt.security,comp.security.misc,comp.org.eff.talk
Organization: Swiss Federal Institute of Technology (ETH), Zurich, CH
Cc:
Good day,
as a non-citizien of USA I have read your announcment of the
'Clipper-Chip' with great interest, and am happy to see a increase
in lawful privacy in the USA. I hope this policy will extend to
other countries too.
In the meantime I suspect two flaws in the 'Clipper-Chip' as it was
announced today via NIST/electronic media.
1) Keeping secret the algorithm which performs encryption is in my
   humble opinion a bad idea. It hinders 'Clipper' to get publicly
   accepted, and hinders the minute examination of the Clipper-
   Algorithm by other then a few experts.
   But I am sure this was well considered.
Now the important suggestion :=)
2) By splitting the 80-Bit-Key of clipper in two parts, and give
   them to different organizations, you add an uneeded WEAKNESS
   to the escrow-system. This way, corruption of one escrow will
   allow an easier attack on the Key than might be possible.
   (e.g. if I obtain 40 bits of possible 80 bits keys, exhaustive
    keysearch is definitively no problem.)
   You might instead generate 2 (or even more, if this ist not
   politically indesired) 80-Bit-Sequences which, when XOR-ed
   together will provide the original, needed key, but alone they
   are worthless. I am sure persons with knowledge in this area, which
   surely can be found at NIST (or wherever) will agree.
I hope that this remark is of interest for you.
Friendly greetings,
Germano Caronni
P.S.
I am sure you have remarked, that the current policy is interpretable
to tend toward an abolition of 'unbreakable' secure communication
via electronic Media, and hope that this will _not_ come true.
Disclaimer: This mail is in now way whatsoever connected to the Swiss 
Federal Inst. of Technology, but expresses my personal thoughts.
Organization: FIRST, The Forum of Incident Response & Security Teams
Posted-Date: Fri, 16 Apr 93 22:32:14 PDT
Date: Fri, 16 Apr 93 22:32:14 PDT
From: "Martin Hellman" 
To: caronni@nessie.cs.id.ethz.ch, clipper@csrc.ncsl.nist.gov
Subject: Re:  Clipper-Chip Escrow-System Flaws
I received your message suggesting:
2) By splitting the 80-Bit-Key of clipper in two parts, and give
   them to different organizations, you add an uneeded WEAKNESS
   to the escrow-system. This way, corruption of one escrow will
   allow an easier attack on the Key than might be possible.
   (e.g. if I obtain 40 bits of possible 80 bits keys, exhaustive
    keysearch is definitively no problem.)
   You might instead generate 2 (or even more, if this ist not
   politically indesired) 80-Bit-Sequences which, when XOR-ed
   together will provide the original, needed key, but alone they
   are worthless.
In a conversation with NSA today, I was told
that two random 80-bit numbers will be XORed to produce
the 80-bit key and the two individual numbers kept by
two separate escrow authorities  -- who they are is
to be decided. So your suggestion is, in fact, how it
will be handled.
martin hellman
Disclaimer: this in no way should be interpreted to mean
that I approve of the Clipper Chip. While I am still in the
process of learning more about it, my immediate reaction
was not positive. More later.
Organization: FIRST, The Forum of Incident Response & Security Teams
Posted-Date: Sat, 17 Apr 93 23:05:23 PDT
Date: Sat, 17 Apr 93 23:05:23 PDT
From: "Martin Hellman" 
To: ...clipper@csrc.ncsl.nist.gov...
Subject: Clipper Chip
Most of you have seen the announcement in Friday's NY Times,
etc. about NIST (National Institute of Standards & Technology)
announcing the "Clipper Chip" crypto device. Several messges
on the net have asked for more technical details, and some have
been laboring under understandable misunderstandings given
the lack of details in the news  articles. So here to help out
is your friendly NSA link: me. I was somewhat surprised Friday
to get a call from the Agency which supplied many of the missing
details. I was told the info was public, so here it is (the cc of this
to Dennis Branstad at NIST is mostly as a double check on my
facts since I assume he is aware of all this; please let me know
if I have anything wrong):
...
Organization: FIRST, The Forum of Incident Response & Security Teams
Posted-Date: Sat, 17 Apr 93 08:55:31 -0400
Date: Sat, 17 Apr 93 08:55:31 -0400
From: padgett@tccslr.dnet.mmc.com (A. Padgett Peterson)
To: "clipper@csrc.ncsl.nist.gov"@uvs1.dnet.mmc.com
Subject: Panel
I would like to be considered for the "outside panel" assessing the 
Clipper Technology.
      				A. Padgett Peterson, P.E.
-- 
Harry Shapiro  				      habs@panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991