Hack Lotus?

Bill Stewart stewarts at ix.netcom.com
Sat Jan 20 19:33:17 PST 1996


At 05:14 PM 1/19/96 -0500, daw at quito.CS.Berkeley.EDU (David A Wagner) wrote:
>I was talking to Avi Rubin from Bellcore last night, and he speculated
>that maybe the 64 bit key was a fixed one, generated once at installation
>time and escrowed with the government then.

To do that, the user's system have to communicate with the government,
which would be unlikely and avoidable.  Alternatively, if Lotus is willing
to release copies with different serial numbers (either on the disk
or printed on the label), the installation process could include
public-key encrypting a 64-bit key for the user with the GAK key,
generating a (say) 512-bit encrypted key which could be dragged around
in the headers or (if they wanted to minimize overhead) handed out
in 64-bit chunks with every message or some such silliness.
#--
#				Thanks;  Bill
# Bill Stewart, stewarts at ix.netcom.com, Pager/Voicemail 1-408-787-1281
#
# "Eternal vigilance is the price of liberty" used to mean us watching
# the government, not the other way around....







More information about the cypherpunks-legacy mailing list