Hellman's Hints

[R. David Murray]

Please excuse some questions from a somewhat crypto-naive person, but
I'd like to try to understand this thing a little better so I don't make
any stupid goofs if I talk about it.

I presume that we can simply consider this 'universal' key as if it
didn't exist?  Well, actually, I suppose it prevents 'joe average' from
getting the serial number, but certainly not foreign agents or any
criminal who has motivation to get it(*).  After all, a secret known by
more than one person will not remain a secret long, and this one is
going to be known by thousands.  Why even bother with it?  It seems like
it just adds compute overhead that could be better used for other
things.

(* I assume the TLAs get it legally)

The fact that the serial number is effectively in the clear then means
that traffic analysis attacks can glean information for anyone who can
get at the phone lines, yes?  Even if the states were to outlaw caller
id, these tapper phones would reintroduce that level of traceability.
Even worse, in some ways, since your tapper 'identity' goes with you if
you change phone numbers as long as you keep your old phone.

Finally, can anyone explain to me how this thing /works/, at the simple
'this is what you do with this key' level of description of how RSA
works?  I can't figure out how two phones can communicate with each
other without compromising one key or another, since RSA does /not/ seem
to be involved in this (there is no public key registry, right?)
Sorry if this is a dumb question . . . 

-- 
david			david at staff.udc.upenn.edu