Question: How many bits of true "hardware randomness" go into the generation of each set of unit keys? Question: Exactly how are these random numbers generated? Which entity or entities provide the hardware and/or software to generate them? Are they generated inside the "vault" at the time of programming or "off-line"? Question: Are any of the random inputs to the key generation algorithm held constant during the generation of a "batch" of chips? If so, what is the justification for this practice? Question: What is the current batch size? What will the batch size be if production reaches ~1 million units per year, or ~4000 per work day? Question: What assurances are there that the key generation algorithm documented and examined by the review committee is the one actually used in production? Question: What assurances are there that the encryption algorithm studied by the review committee is the same as the one implemented by the chip? More specifically, have several members of the review committee each coded their own SKIPJACK implementations, including the escrow protocols, "from scratch" on computer systems not owned or provided by the U.S. government, and compared their outputs to that of the chips under study? If this is not feasible, please explain why. Question: What assurances are there that the actual physical chip(s) implementing the EES implements exactly and only the skipjack algorithm, the documented escrow procedures, and other publicly documented features? Are there any VLSI experts on the review committee? If so, what chips have they designed, and what chips have they "reverse engineered"? ---- By "assurances" I mean that there is an active process in place for validating compliance to a particular requirement such that no single *organization*, or single model of hardware can "fail" in a way such that violation of the requirement goes undetected. I consider the set of current and former employees of the Executive Branch of the U.S. Government to be a single organization for purposes of assurance. Addendum to all of these: If this information is classified, please justify this classification etc., etc., Steve, I hope you don't consider any of these "have you stopped beating your spouse".. - Bill