Hack Lotus?

hallam at w3.org hallam at w3.org
Fri Jan 19 15:16:13 PST 1996



I've been thinking about how I would do the lotus hack. I certainly would not be 
wanting to do a public key operation for the benefit of the government on every 
message. How about the following:

During installation of program:

Select a random key ER, encrypt it under the govt. public key to give Eg(ER).

To start encrypting,

chose a random value R, encrypt under destination public key to give Ek(R)

set 40 bits of R to 0 to produce R'

Encrypt R' under ER to give E-ER(R')

Hash R, E-ER(R') and Eg(ER) with a one way function (MDMF like) to produce the 
actual key.

Send across Ek(R), E-ER(R'), Eg(ER)

To decrypt the message one needs the information for the escrow authority.

		Phill








More information about the cypherpunks-legacy mailing list