News Flash: Clipper Bug?
bill.stewart@pleasantonca.ncr.com +1-510-484-6204
wcs at anchor.ho.att.com
Thu Jun 2 11:23:33 PDT 1994
> Here is what the article on the upper right hand side of this morning's
> New York Times says:
>
> "To defeat the system, Dr. Blaze programmed a 'rouge' unit to test
> thousands of LEAF's. Once he found a valid key, he inserted it in place
I assume 'rouge' is a typo - Matt's paper was talking about
rogue units, rather than Commies or makeup-artists :-)
One weakness in the weakness is that most Clippersystems
appear to be designed to use the same session key in each direction,
so both ends have to be privacy-protected versions to prevent
wiretapping, since a non-rogue LEAF from either end will give away the key.
But it's a good start, and ought to be exploited for all the
political mileage we can get out of it.... and it's not surprising
that security in a conversation is everybody's job...
Bill
More information about the Testlist
mailing list