Skipjack backdoor? NOT!
grendel@netaxs.com (Michael Handler):
In short, is it possible that the NSA built in a backdoor to Skipjack so they can stay ahead of the game like they used to in the pre-Clipper days?
Also, at the risk of starting a "computing power increases vs. difficulty of factoring vs. potential cost" flamewar: Is it possible that the NSA can brute force Skipjack? _Applied Crypto_ says that Skipjack only has an 80-bit key. How easily could the NSA break an 80-bit key?
If they were that smart, they'd simply have made Skipjack weak enough to easily break, and not cause all the outcry by suggesting escrows. See my earlier post, "Why dumb criminals will NOT use Clipper". -------------------------------------------------------------------------- Rishab Aiyer Ghosh rishab@dxm.ernet.in Voicemail +91 11 3760335; Vox/Fax/Data 6853410 H-34C Saket New Delhi 110017 INDIA The National Short-Sleeved Shirt Association says: Support your right to bare arms! --------------------------------------------------------------------------
If they were that smart, they'd simply have made Skipjack weak enough to easily break, and not cause all the outcry by suggesting escrows.
The thing is, the rest of the law enforcement agencies and the government have wised up to how easily people can be monitored on the Internet and other computer networks. Now, these other agencies want the NSA's ability to monitor encrypted communications, but the NSA, in typical spook fashion, is understandably reluctant to let other agencies in on its deep dark secrets of cryptanalysis. So, they created the Clipper scheme, which is a compromise. [1] It has a key-escrow scheme, so those other agencies, who actually have to worry about little things like the validity of searches and the Constitutionality of their actions, can go through proper channels and legally obtain the plaintext of the messages. [2] My guess is that Skipjack is compromised in some way (not releasing the algorithm was *really* suspicious) or that the NSA can easily break 80-bit keys, so that the NSA can continue to have a leg up on all of the other agencies (ie they don't have to deal with the key escrow departments or other little trivial legal details). Considering how easily RSA-129 was broken, my guess is that 80-bit keys are a joke for the NSA. All IMAO, of course. -- Michael Brandt Handler <grendel@netaxs.com> Philadelphia, PA, USA PGP v2.3a public key via server / finger / mail "I am iron, I am steel, nobody can touch me when I'm on the wheel" -- Curve
participants (2)
-
grendel@netaxs.com -
rishab@dxm.ernet.in