-----BEGIN PGP SIGNED MESSAGE----- RSADSI has been adamantly opposed to Clipper. You'd expect them to be opposed on business grounds; after all, Clipper wouldn't bring them any revenue and could quite possibly put them out of business if other forms of encryption were outlawed. I don't remember seeing many specific comments indicating that RSA was opposed to GAK on philosophical grounds (well, OK; some quotes on their "Sink Clipper" poster, if those count). Other groups were opposed to Clipper because Skipjack is of unknown strength. Putting the cypherpunkesque arguments about how GAK is a big step down the path towards a surveillance state, is it possible that the software GAK (SGAK) scheme could easily incorporate RSA's technology? Imagine: Schlafly et al win their court case, and RSADSI's patents on RSA and other public-key technology are declared invalid. SGAK can thus use RSA without any problem. The "Skipjack, DSS, and SHA may be weak" crowd can't object to RSA's strength, and of course RSADSI will be in no position to object. Another scenario: RSADSI wins and their patent remains valid. They can't refuse licensing to any entity which meets their terms, so SGAK can still be deployed, but RSADSI then gets a royalty. _This_ is what's scaring me. If Microsoft, Apple, et al offer weak encryption as part of SGAK, objections can be made to the weakness. If they use RSA, that avenue is gone. - -Paul - -- Paul Robichaux, KD4JZG | "Information is the currency of democracy." perobich@ingr.com | - some old guy named Thomas Jefferson Of course I don't speak for Intergraph. -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLkemSKfb4pLe9tolAQGYiAP9EEwh/ImtxO6VoeGW6Ur15lwM+eJy9MRR liYk+LMisjfJUwdO7Ngz2EDg/gKWky3u/t2LOm5347tekShXJXEqFqmRlGIt2xu7 8eSMRxRpewYTtYstPWPBaxBe6nzBSfD7BciQseqEU1b6ug21pB53hzHgYP7OwtrY NEZSuas7C9g= =+J/I -----END PGP SIGNATURE-----
the path towards a surveillance state, is it possible that the software GAK (SGAK) scheme could easily incorporate RSA's technology? That depends on what you consider "RSADSI's technology". First, there are the direct claims of the patents. RSA and Diffie-Hellman primarily. The "public key" pattent of Hellman, Merkle, Diffie is the knapsack, which doesn't work. The Hellman, Pohlig patent is for a method of exponentiation as a secret key cipher. These claims are not very arguable if you believe the patents. (And there's an 'if' there, too.) But there's also the matter of patent extensions, the minor modifications to the actual patents that are also covered. I have heard that RSADSI claims that all use of modular exponentiation for cryptography are covered under their patents, as well as any public key type system. I think those claims are full of shit, myself, but that wouldn't stop RSADSI from suing for infringement and arguing the case and turning the attack from merit to one of lawyerdom. Eric
Paul Robichaux writes:
RSADSI has been adamantly opposed to Clipper. You'd expect them to be opposed on business grounds; after all, Clipper wouldn't bring them any revenue and could quite possibly put them out of business if other forms of encryption were outlawed. I don't remember seeing many specific comments indicating that RSA was opposed to GAK on philosophical grounds (well, OK; some quotes on their "Sink Clipper" poster, if those count).
I communicated with Jim Bidzos about this, asking him what he'd heard about the Karlsruhe/Walker-Belenson proposal--he said he'd gotten no wind of it, thinking it to be just another academic paper. Later messages indicated he was taking it more seriously. As to RSADSI's objections or approvals, I can't say. They are a _company_, planning to (someday??) turn a profit for their investors (Note: Alan Alcorn, the inventor of "Pong," invested in them in the early or mid-80s, and says he's not seen a dime come back, nor has the company gone public). That is, RSADSI is not run along Cypherpunkesque lines, but you all knew that.
Putting the cypherpunkesque arguments about how GAK is a big step down the path towards a surveillance state, is it possible that the software GAK (SGAK) scheme could easily incorporate RSA's technology?
My understanding is that the Walker-Belenson algorithm is quite strong as it is. I tried to ftp to ftp.tis.com, and succeeded, but could not find the Karlruhe paper(s) there, yet. If someone knows where they are (Carl?) or otherwise gets ahold of them, they might be useful additions to our own archives. Or a pointer, at least.
thus use RSA without any problem. The "Skipjack, DSS, and SHA may be weak" crowd can't object to RSA's strength, and of course RSADSI will be in no position to object.
I think 95% of the opposition to Clipper came from two sources: 1. General opposition to the principle of "escrowed encryption" 2. Disinterest/opposition to the idea of buying special hardware. I don't see the "Skipjack is weak" argument as ever having been persuasive. Hence, I don't see the following as too big a concern:
_This_ is what's scaring me. If Microsoft, Apple, et al offer weak encryption as part of SGAK, objections can be made to the weakness. If they use RSA, that avenue is gone.
What scares me is the incorporation of the SKE or GAK into products. Not that RSA may offer an even stronger system. It's the principle. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."
From: tcmay@netcom.com (Timothy C. May) Date: Tue, 9 Aug 1994 10:52:48 -0700 (PDT) I don't see the "Skipjack is weak" argument as ever having been persuasive. [...] What scares me is the incorporation of the SKE or GAK into products. Not that RSA may offer an even stronger system. It's the principle. exactly .. This entire debate was sidetracked with a flurry of non-essentials. Who cares if Skipjack has a weakness? Who cares that it's classified? I don't need anything stronger than RSA and triple-DES, so Skipjack doesn't mean anything to me. However, it formed a kernel of controversy to distract a bunch of reporters and people posting to USENET. The only issue, as far as I'm concerned, is that in 4000 years of history of crypto (as documented by Kahn), private citizens have always had strong crypto and have kept their keys to themselves and there's no reason to believe the gov't should have the right, now or ever, to these keys. To me, the *only* issue is GAK. All the rest is moot...stuff to distract the critics and get them arguing among themselves (or with DERD and Sternlight). - Carl
participants (4)
-
Carl Ellison -
hughes@ah.com -
paul@poboy.b17c.ingr.com -
tcmay@netcom.com