DrZaphod writes:
Remember folx.. ya heard it here first.. Lesse.. was quite a while ago.. the day/or after that it was announced I believe. when ideas come full circle I can't help but think we missed one go-around and this is another reminder to do it. Let's plan ahead so we don't get trapped without an escape.
Yeah, a lot of folks suggested the same thing (I didn't, so I'm neutral on the credit issue). It was debated in scy.crypt, as well as here on Cypherpunks. Reverse-engineering the Clipper/Capstone/Skipjack chips to the point of allowing drop-in replacements would entail several things: 1. Access to the Clipper chips. I don't think the AT&T phones ("Reach out and tap someone") are available yet...reports of yield problems, delays, unhappiness at AT&T with the pace of deliveries, etc. I don't know if Mykotronx, or their chip supplier (VLSI Technology Inc.) is selling chips to end users....Arthur Abraham follows this and may know. So, getting enough chips is the first step. 2. "Peeling" the chip is the next step, that is, getting access to the innards of the chip. Reports are that VTI is using various tamper-resistant technologies to make peeling the chip harder. (My guesses: etch-resistant epoxies, increased glass passivation/scratch protection, and judicious use of 3-layer metal processess to make probing difficult.) 3. Remember, testing the chip and attaching logic proves is generally not sufficient to deduce the internal layout. Emulation cannot be done this easily. The circuitry must match up to some extent (not exactly, but more than just partial emulation). 4. I expect the Skipjace algorithm cannot be "faked" without knowing the algorithm, and more. Several articles on this have alluded to the difficulties in producing plausible-looking LEEFs (Law Enforcement Exploitation Fields) without greater knowledge of the algorithms and the keys assigned (I believe, but I could be wrong) to the specific chip. 5. My guess is that a reverse engineering job on Clipper would cost more than $200K for a commercial service to do, perhaps cheaper for some motivated grad students at Berkeley or Stanford to do. (But then they probably are thinking about other things.) And the job would still have a fair chance of failing, not being a good enough emulation, etc. I suspect this is why such a project isn't going anywhere. The cost and expertise needed, and the basic lack of a motivation. The lack of motivation comes from the feeling of many of us that the talk of Clipper, of weaknesses in it, etc., is misguided, that the proper approach is reject key escrow on general principles. Convincing businesses and individuals to steer clear of Clipper is an easier win. (And if unapproved crypto is outlawed, all bets are off. Emulations are not likely to pass muster, either.) Finally, I've heard no repudiation of the other idea many folks have suggested, some the day Clipper was announced (me, for example), and some very recently: encrypt your data with your own algorithm prior to using the government's system, should it be mandated. Unless they open your packets, they'll never know. If they open your packets and complain, claim it was something like bits for a test of randomness, etc. (Too many variations on this to go into now. Suffice it to say that outlawing the sending of bits that they can't "understand" is too hard to enforce, even with foreseseable trends.) But I don't want to discourage DrZaphod from launching such a project to reverse-engineer the Clipper chip....I wish him luck on this effort. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power:2**859433 | Public Key: PGP and MailSafe available.