comments on the clipper

[Andrew Loewenstern]

Going through all the messages on the Clipper, I noticed what may be  
a flaw that wasn't quite addressed...

The family key, which is the same for all devices, is hardwired onto  
the chip with the algorithm.  However, the device serial number and  
the unit key must be burned into a ROM.  This is somewhat like the  
EIN/MIN burned into the ROM of a cellular phone.  Just ask anyone who  
is familiar with cellular fraud how difficult it is to change the  
EIN/MIN of the phone.  So it should be more than possible for anyone  
to throw a wrench into the system by using hacked phones that have a  
random device serial number.  In this way it would not be possible  
for authorities to obtain the proper unit key since the device serial  
number would not exist in the escrow authority's database or would  
have the incorrect unit key associated with it.

Of course, it is possible that the scheme (i.e. the algorithm and the  
handshaking) is not secure.  Assuming it is not truly secure, I would  
think that only such agencies as the NSA and FBI would have not only  
the resources to decrypt Clipper generated communications without the  
session key, but the resources to keep such equipment from public  
knowledge (i.e. there is a companion device that breaks such  
communications).  It would most likely be too difficult to keep such  
equipment secret if it were available to local and state authorities.

Furthermore, the whole idea of escrow agents is hogwash to me.  How  
difficult is it to get someone's credit report?  How difficult is it  
to get social security records on a person?  Apparently no  
information held by a government or even private agency like TRW is  
impossible or even exceedingly difficult to obtain, and anyone  
wishing to intercept your communications will simply have to buy off  
the appropriate persons at each escrow authority.


To sum up, I think the whole idea stinks.


andrew