sommerfeld@orchard.medford.ma.us (Bill Sommerfeld) :
BTW, my guess at the most likely back door is that the unit keys will be generated as a cryptographic function of the serial number and a *small* random number generated for each chip and unknown to the agency. They would have to search a mere 2**16..2**32 keys once they get the serial number out of the LEEF. The existance of such a backdoor would be difficult to prove, since there would be no visible evidence for it in the individual chips. It is also difficult to disprove such a theory because the clipper key generation algorithms are classified.
I just read a paper that might apply to this type of backdoor; it was by someone at RSA, with the title "..RSA's trapdoor can be broken". I'll look the article up when I get home. Basically, it argued that the smaller keyspace generation approach used above would be detectable. I think it might be generally applicable. I'll look it up again. mt Matt Thomlinson Say no to the Wiretap Chip! University of Washington, Seattle, Washington. Internet: phantom@u.washington.edu phone: (206) 548-9804 PGP 2.2 key available via email or finger phantom@hardy.u.washington.edu