Clipper LEAF simulator chip???

Jyri Poldre jp at jep.pld.ttu.ee
Mon Jun 6 05:50:00 PDT 1994



> > 1. Taking advantage of design imperfections, people trying to defeat the
> > system could repeatedly alter the LEAF until it erroneously passed the
> > "checksum" verification, despite an invalid session-key number.
>
> This sounds like a very simple computation.  How much would it cost 
> to fab up some chips to do this, and solder them into the circuitry 
> next to the Clipper chip?  Or is there an even easier way to do this?

As far as I know there has been no direct info about how the checksum is calculated, only that it is somehow connected to the IV.

So, the function of the chip for doing IT would look like the following:

1. Intercept original LEAF.
  Can be done. There should be no problems with such small timeouts, because phones may sometimes have bad links; also, the data transfer rate is no big deal.

2. Generating a random LEAF and testing it.
The only problem here is the time it takes to test these forged LEAFs. Does it have a limit? Maybe the chip waits some time before allowing the next test; 0.1 sec would be enough - you would have to wait almost 2 hours to find a forged LEAF, and for a law-obeying user 0.1 sec makes no difference. Then maybe Clipper chips will re-initiate key exchange or whatever after some time-out.

If that is no question, meaning that the other chip will wait for the connection, then the whole design would consist of an RND generator and some logic. This would fit perfectly into a XILINX 3010 FPGA. There is another good point in using an FPGA: the configuration info could be made public knowledge and then everyone could go out and make themselves one for the price of some hamburgers.

The price of a 3010 FPGA in Estonia is $5-$8.

Oops. Add a Coke to these burgers :-)

(Xcuse me if I misunderstood smth. Haven't seen a live clipperphone, therefore can give no soldering / other details.)

JP from TTU.
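
The timing argument in the post above, worked as an added example (not part of the original message): how checksum width and a per-test delay set the expected time before a random LEAF is falsely accepted. It assumes the 16-bit checksum width from the publicly described LEAF layout, which the post does not state, and uses a truncated SHA-256 as a hypothetical stand-in for the unpublished checksum function.

```python
import hashlib
import random

CHECK_BITS = 16  # assumption: width from the public LEAF layout, not from the post

def toy_checksum(body: bytes, iv: bytes, bits: int) -> int:
    """Stand-in check value: top `bits` bits of SHA-256(iv || body).
    The real function is not public; only its width matters here."""
    digest = hashlib.sha256(iv + body).digest()
    return int.from_bytes(digest[:4], "big") >> (32 - bits)

def trials_until_accept(rng: random.Random, iv: bytes, bits: int) -> int:
    """Number of random candidates a verifier sees before one passes."""
    trials = 0
    while True:
        trials += 1
        body = rng.getrandbits(112).to_bytes(14, "big")  # constructed filler
        if toy_checksum(body, iv, bits) == rng.getrandbits(bits):
            return trials

def simulated_mean_trials(bits: int, runs: int, seed: int = 1994) -> float:
    """Average trial count over `runs` seeded runs (constructed all-zero IV)."""
    rng = random.Random(seed)
    iv = bytes(8)
    return sum(trials_until_accept(rng, iv, bits) for _ in range(runs)) / runs

def expected_hours(bits: int, delay_s: float) -> float:
    """Mean time to a false accept: 2**bits trials, one per delay_s seconds."""
    return (2 ** bits) * delay_s / 3600.0

def prob_accept_within(bits: int, delay_s: float, seconds: float) -> float:
    """Chance that at least one random candidate passes within `seconds`."""
    attempts = int(seconds / delay_s)
    return 1.0 - (1.0 - 2.0 ** -bits) ** attempts

if __name__ == "__main__":
    # Validate the 2**bits model on a small width, then apply it to wider ones.
    print("simulated mean trials, 10-bit check:", simulated_mean_trials(10, 400))
    print("model mean trials, 10-bit check:   ", 2 ** 10)
    for bits, delay in [(CHECK_BITS, 0.1), (CHECK_BITS, 10.0), (32, 0.1)]:
        print(f"{bits}-bit check, {delay:>4}s per test: "
              f"{expected_hours(bits, delay):12.2f} h expected")
    print("P(false accept within 2 h, 16-bit, 0.1 s):",
          round(prob_accept_within(CHECK_BITS, 0.1, 7200), 3))
```

With a 16-bit check, a 0.1 s delay only stretches the mean to about 1.8 hours, which matches the "almost 2 hours" figure in the post; the width of the check, not the delay, dominates the cost.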

