Active Eavesdropping of Clipper Phones

Mike Ingle MIKEINGLE at delphi.com
Wed Sep 29 20:46:33 PDT 1993


From what I've read, the basic Clipper chip provides no key management, and
AT&T is going to use DH. If there is no key certification involved, wouldn't
this be vulnerable to active eavesdropping?

In other words, cut the victim's phone line somewhere between his house and
the central office. Connect up your tap. It just passes voice through, but
when he goes secure, it breaks in and hijacks the key exchange. Instead of
the two phones exchanging keys with each other, both exchange keys with your
tap. Now you have two keys. Load each into a Clipper chip. Send the received
data to one chip to decrypt, then to the other to encrypt with the other
key, and send it on its way. Neither party would know he's being had - it is
much like feeding someone a phony PGP key.

The tap could use stock Clipper chips, with no need to reverse engineer,
since they will be used for their intended purpose - to communicate with
another Clipper at the far end. You could probably reduce it to a notebook
computer and the guts of two AT&T ClipperPhones.

There must be something to prevent this - isn't there?

--- MikeIngle at delphi.com

"Hey hey, NSA, how many phones did you tap today?"
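
[Added example, not part of the original post and not AT&T's or the Clipper protocol.] The sketch below models the uncertified Diffie-Hellman exchange the post asks about and shows the check that exposes a substituted key: with a relay in the line, the two phones derive different session keys, so their key fingerprints do not match. The group parameters, the Phone class, and the fingerprint comparison are all assumptions made for illustration.

```python
import hashlib
import secrets

# Toy parameters, assumed for illustration; not the group any real phone used.
P = 2**255 - 19   # a well-known prime
G = 2

class Phone:
    """One endpoint of a Diffie-Hellman exchange with no key certification."""
    def __init__(self, name):
        self.name = name
        self._priv = secrets.randbelow(P - 3) + 2
        self.public = pow(G, self._priv, P)
        self.session_key = None

    def receive(self, peer_public):
        # Nothing here proves who sent peer_public: that is the gap.
        shared = pow(peer_public, self._priv, P)
        self.session_key = hashlib.sha256(shared.to_bytes(32, "big")).digest()

    def fingerprint(self):
        # Short digest of the session key that the two parties could compare
        # over some channel the relay cannot rewrite (hypothetical check).
        return hashlib.sha256(b"fp" + self.session_key).hexdigest()[:16]

def direct_call():
    """Both phones see each other's real public value."""
    a, b = Phone("A"), Phone("B")
    a.receive(b.public)
    b.receive(a.public)
    return a, b

def relayed_call():
    """Each phone completes the exchange with a relay instead of its peer."""
    a, b = Phone("A"), Phone("B")
    relay_a, relay_b = Phone("relay-to-A"), Phone("relay-to-B")
    a.receive(relay_a.public)
    relay_a.receive(a.public)
    b.receive(relay_b.public)
    relay_b.receive(b.public)
    return a, b, relay_a, relay_b

def keys_match(x, y):
    return x.fingerprint() == y.fingerprint()

if __name__ == "__main__":
    a, b = direct_call()
    print("direct call, fingerprints match: ", keys_match(a, b))
    a, b, _, _ = relayed_call()
    print("relayed call, fingerprints match:", keys_match(a, b))
```

The mismatch is only visible if the fingerprints are compared, or the public values certified, through something the relay cannot alter; the exchange by itself looks identical to both phones in either case.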






