Greets. These two forwarded message are from the RISKS Forum (14.51). I thought some of you folks might be interested. (Padgett Peterson is a fellow assembler buff who is better known on comp.virus.) ---- Forwded Messages -------------------------- Date: Mon, 19 Apr 93 9:21:53 EDT [RISKS-14.51] From: Clipper Chip Announcement <clipper@first.org> Organization: FIRST, The Forum of Incident Response & Security Teams Subject: Slide presented at White House briefing on Clipper Chip Note: The following material was handed out a press briefing on the Clipper Chip on 4/16. Chip Operation Microchip User's Message +----------------------+ ------------------> | | 1. Message encrypted | Encryption Algorithm | with user's key | | | Serial # | 2. User's key encrypted | |--> with chip unique key | Chip Unique Key | User's Encryption | | 3. Serial # encrypted Key | Chip Family Key | with chip family key ------------------> | | | | +----------------------+ For Law Enforcement to Read a Suspect's Message 1. Need to obtain court authorized warrant to tap the suspect's telephone. 2. Record encrypted message 3. Use chip family key to decrypt chip serial number 4. Take this serial number *and* court order to custodians of disks A and B 5. Add the A and B components for that serial number = the chip unique key for the suspect user 6. Use this key to decrypt the user's message key for this recorded message 7. Finally, use this message key to decrypt the recorded message. - ------------------------------ Date: Sat, 17 Apr 93 09:12:57 -0400 [RISKS-14.51] From: padgett@tccslr.dnet.mmc.com (A. Padgett Peterson) Subject: "Clipper Chip" I suppose we should have expected something after all of the sound and fury of the last few years. The announcement does not really give enough information though. My first thought involves conventional compromise: what happens if the keys are captured through theft *and you know about it* - how difficult is it to change the keys ? What do you do between the time the loss is detected and the time a new key set is approved. How difficult is it to program the chip or do you need a new one ? (and if the chip can be reprogrammed, how do you prevent covert changes that will not be discovered until authorization to tap is received and the agency finds out that it cannot ?). Potentially this must occur every time a trusted employee leaves. For some time, I have been playing with dynamic access cards ("tokens") as seeds for full session encryption rather than just for password devices. Since the encryption requires three parts (PIN, challenge, and token) which are only physically together at the secure system, and since only the challenge passes on the net, and since once encryption starts you have not only provided protection to the session, you have also authenticated both ends simultaneously (by the fact that you can communicate), it seems ideal. *And everything necessary already exists*.
From several US companies. It just has not been put together as a commercial product (FUD at work 8*(.
Since key generation is on-the-fly at the onset of the session, obviously what the gov needs is not the key but the "key to the key" (of course computers, even a PC, are really good at this. The real question is "Why a new chip ?" The technology to do this has been around for years and several DES chips are available commercially today. The BCC laptop (I like Beaver better 8*) 007 provides this internally today with (I believe) the LSI-Logic chip and Enigma-Logic's PC-SAFE (plugs) does the same with software alone. As indicated in the announcement, financial institutions have been using encrypted transmissions for years without any great outcry. IMHO the real hold-up has been $$$ - cheap error-correcting modem technology to prevent synch losses rather than a lack of good crypto algorithms. Today this is a done deal (actually we have known how to keep in synch since the sixties but you couldn't buy 56kb for under $300.00 at BizMart - now part of K-Mart ! - then). True, there are a lot of questions yet to be answered, but again IMHO most center on the exception cases and not the encryption technology itself. Padgett ---- End Forwarded Messages -------------------------- Cheers. Paul Ferguson | Uncle Sam wants to read Network Integration Consultant | your e-mail... Centreville, Virginia USA | Just say "NO" to the Clipper fergp@sytex.com | Chip...