I had asked Mitch to repost any communications that have gone over this list. He has. I appreciate his willing to clear up this issue. As I have stated before, I believe him, that NIST simply created this list of people they wanted to be in direct contact with. /harry a conscious being, Mitchell Kapor wrote:
From mkapor@eff.org Sun Apr 18 00:58:00 1993 Message-Id: <199304181257.AA06031@eff.org> Date: Sun, 18 Apr 1993 08:58:00 -0800 To: habs@Panix.Com From: Mitchell Kapor <mkapor@eff.org> Subject: Re: The mysterious mailing list
I received the statement of the Press Secretary and the public fact sheet from Ed Roback. I have not repoduced the full text as it is readily available elsewhere.
Following this is a thread between Gerano Cannoni and Martin Hellman. I have deleted the text of Marty's longest response, as it is being circulated elsewhere.
Last, there is a single message from A. Pagett Patterson.
And that's it (assuming I haven't missed something in reviewing my mail stream).
Feel free to re-post this, put in on an FTP, whatever. I don't have any more time to deal with this issue.
Date: Fri, 16 Apr 93 11:02:59 EDT From: Ed Roback <roback@first.org> Organization: FIRST, The Forum of Incident Response & Security Teams Posted-Date: Fri, 16 Apr 93 11:02:59 EDT To: clipper@csrc.ncsl.nist.gov Subject: text of White House announcement and Q&As on clipper chip encryption
Note: This file will also be available via anonymous file transfer from csrc.ncsl.nist.gov in directory /pub/nistnews and via the NIST Computer Security BBS at 301-948-5717. ---------------------------------------------------
THE WHITE HOUSE
Office of the Press Secretary
_________________________________________________________________
For Immediate Release April 16, 1993
STATEMENT BY THE PRESS SECRETARY
The President today announced a new initiative that will bring the Federal Government together with industry in a voluntary program to improve the security and privacy of telephone communications while meeting the legitimate needs of law enforcement. ...
Date: Fri, 16 Apr 93 16:44:10 EDT From: Ed Roback <roback@first.org> Organization: FIRST, The Forum of Incident Response & Security Teams Posted-Date: Fri, 16 Apr 93 16:44:10 EDT To: clipper@csrc.ncsl.nist.gov Subject: White House Public Encryption Management Fact Sheet
Note: The following was released by the White House today in conjunction with the announcement of the Clipper Chip encryption technology.
FACT SHEET
PUBLIC ENCRYPTION MANAGEMENT
The President has approved a directive on "Public Encryption Management." The directive provides for the following: ...
Posted-Date: Sat, 17 Apr 93 01:26:06 +0200 From: caronni@nessie.cs.id.ethz.ch (Germano Caronni) Date: Sat, 17 Apr 93 01:26:06 +0200 To: clipper@csrc.ncsl.nist.gov Subject: Clipper-Chip Escrow-System Flaws Newsgroups: alt.privacy,sci.crypt,alt.security,comp.security.misc,comp.org.eff.talk Organization: Swiss Federal Institute of Technology (ETH), Zurich, CH Cc:
Good day, as a non-citizien of USA I have read your announcment of the 'Clipper-Chip' with great interest, and am happy to see a increase in lawful privacy in the USA. I hope this policy will extend to other countries too. In the meantime I suspect two flaws in the 'Clipper-Chip' as it was announced today via NIST/electronic media.
1) Keeping secret the algorithm which performs encryption is in my humble opinion a bad idea. It hinders 'Clipper' to get publicly accepted, and hinders the minute examination of the Clipper- Algorithm by other then a few experts. But I am sure this was well considered.
Now the important suggestion :=)
2) By splitting the 80-Bit-Key of clipper in two parts, and give them to different organizations, you add an uneeded WEAKNESS to the escrow-system. This way, corruption of one escrow will allow an easier attack on the Key than might be possible. (e.g. if I obtain 40 bits of possible 80 bits keys, exhaustive keysearch is definitively no problem.) You might instead generate 2 (or even more, if this ist not politically indesired) 80-Bit-Sequences which, when XOR-ed together will provide the original, needed key, but alone they are worthless. I am sure persons with knowledge in this area, which surely can be found at NIST (or wherever) will agree.
I hope that this remark is of interest for you.
Friendly greetings,
Germano Caronni
P.S. I am sure you have remarked, that the current policy is interpretable to tend toward an abolition of 'unbreakable' secure communication via electronic Media, and hope that this will _not_ come true.
Disclaimer: This mail is in now way whatsoever connected to the Swiss Federal Inst. of Technology, but expresses my personal thoughts.
Organization: FIRST, The Forum of Incident Response & Security Teams Posted-Date: Fri, 16 Apr 93 22:32:14 PDT Date: Fri, 16 Apr 93 22:32:14 PDT From: "Martin Hellman" <hellman@isl.stanford.edu> To: caronni@nessie.cs.id.ethz.ch, clipper@csrc.ncsl.nist.gov Subject: Re: Clipper-Chip Escrow-System Flaws
I received your message suggesting:
2) By splitting the 80-Bit-Key of clipper in two parts, and give them to different organizations, you add an uneeded WEAKNESS to the escrow-system. This way, corruption of one escrow will allow an easier attack on the Key than might be possible. (e.g. if I obtain 40 bits of possible 80 bits keys, exhaustive keysearch is definitively no problem.) You might instead generate 2 (or even more, if this ist not politically indesired) 80-Bit-Sequences which, when XOR-ed together will provide the original, needed key, but alone they are worthless.
In a conversation with NSA today, I was told that two random 80-bit numbers will be XORed to produce the 80-bit key and the two individual numbers kept by two separate escrow authorities -- who they are is to be decided. So your suggestion is, in fact, how it will be handled.
martin hellman
Disclaimer: this in no way should be interpreted to mean that I approve of the Clipper Chip. While I am still in the process of learning more about it, my immediate reaction was not positive. More later.
Organization: FIRST, The Forum of Incident Response & Security Teams Posted-Date: Sat, 17 Apr 93 23:05:23 PDT Date: Sat, 17 Apr 93 23:05:23 PDT From: "Martin Hellman" <hellman@isl.stanford.edu> To: ...clipper@csrc.ncsl.nist.gov... Subject: Clipper Chip
Most of you have seen the announcement in Friday's NY Times, etc. about NIST (National Institute of Standards & Technology) announcing the "Clipper Chip" crypto device. Several messges on the net have asked for more technical details, and some have been laboring under understandable misunderstandings given the lack of details in the news articles. So here to help out is your friendly NSA link: me. I was somewhat surprised Friday to get a call from the Agency which supplied many of the missing details. I was told the info was public, so here it is (the cc of this to Dennis Branstad at NIST is mostly as a double check on my facts since I assume he is aware of all this; please let me know if I have anything wrong):
...
Organization: FIRST, The Forum of Incident Response & Security Teams Posted-Date: Sat, 17 Apr 93 08:55:31 -0400 Date: Sat, 17 Apr 93 08:55:31 -0400 From: padgett@tccslr.dnet.mmc.com (A. Padgett Peterson) To: "clipper@csrc.ncsl.nist.gov"@uvs1.dnet.mmc.com Subject: Panel
I would like to be considered for the "outside panel" assessing the Clipper Technology. A. Padgett Peterson, P.E.
-- Harry Shapiro habs@panix.com List Administrator of the Extropy Institute Mailing List Private Communication for the Extropian Community since 1991