9.10.1. Clipper chip fabrication details + ARM6 core being used - but also rumors of MIPS core in Tessera - MIPS core reportedly being designed into future versions - National also built (and may operate) a secure wafer fab line for NSA, reportedly located on the grounds of Ft. Meade--though I can't confirm the location or just what National's current involvement still is. May only be for medium-density chips, such as key material (built under secure conditions). 9.10.2. "Why is the Clipper algorithm classified?" - to prevent non-escrow versions, which could still use the (presumably strong) algorithm and hardware but not be escrowed - cryptanalysis is always easier if the algorithms are known :-} - general government secrecy - backdoors? 9.10.3. If Clipper is flawed (the Blaze LEAF Blower), how can it still be useful to the NSA? - by undermining commercial alternatives through subsidized costs (which I don't think will happen, given the terrible PR Clipper has gotten) - mandated by law or export rules - and the Blaze attack is--at present--not easy to use (and anyone able to use it is likely to be sophisticated enough to use preencryption anyway) 9.10.4. What about weaknesses of Clipper? - In the views of many, a flawed approach. That is, arguing about wrinkles plays into the hands of the Feds. 9.10.5. "What are some of the weaknesses in Clipper?" - the basic idea of key escrow is an infringement on liberty + access to the keys - " + "There's a big door in the side with a - big neon sign saying "Cops and other Authorized People Only"; - the trapdoor is the fact that anybody with a fax machine can make - themselves and "Authorized Person" badge and walk in. <Bill Stewart, bill.stewart@pleasantonca.ncr.com, 4-15- 94, sci.crypt> - possible back doors in the Skipjace algorithm + generation of the escrow keys - + "There's another trapdoor, which is that if you can predict the escrow - keys by stealing the parameters used by the Key Generation Bureau to - set them, you don't need to get the escrow keys from the keymasters, - you can gen them yourselves. " <Bill Stewart, bill.stewart@pleasantonca.ncr.com, 4-15-94, sci.crypt> 9.10.6. Mykotronx - MYK-78e chip, delays, VTI, fuses - National Semiconductor is working with Mykotronx on a faster implementation of the Clipper/Capstone/Skipjack/whatever system. (May or may not be connected directly with the iPower product line. Also, the MIPS processor core may be used, instead of the ARM core, which is said to be too slow.) 9.10.7. Attacks on EES - sabotaging the escrow data base + stealing it, thus causing a collapse in confidence - Perry Metzger's proposal - FUD 9.10.8. Why is the algorithm secret? 9.10.9. Skipjack is 80 bits, which is 24 bits longer than the 56 bits of DES. so 9.10.10. "What are the implications of the bug in Tessera found by Matt Blaze?" - Technically, Blaze's work was done on a Tessera card, which implements the Skipjace algorithm. The Clipper phone system may be slightly different and details may vary; the Blaze attack may not even work, at least not practically. - " The announcement last month was about a discovery that, with a half-hour or so of time on an average PC, a user could forge a bogus LEAF (the data used by the government to access the back door into Clipper encryption). With such a bogus LEAF, the Clipper chip on the other end would accept and decrypt the communication, but the back door would not work for the government." [ Steve Brinich, alt.privacy.clipper, 1994-07-04] - "The "final" pre-print version (dated August 20, 1994) of my paper, "Protocol Failure in the Escrowed Encryption Standard" is now available. You can get it in PostScript form via anonymous ftp from research.att.com in the file /dist/mab/eesproto.ps . This version replaces the preliminary draft (June 3) version that previously occupied the same file. Most of the substance is identical, although few sections are expanded and a few minor errors are now corrected." [Matt Blaze, 1994-09-04]
Next Page: 9.11 Products, Versions -- Tessera, Skipjack, etc.
Previous Page: 9.9 Clipper, Escrowed Encyption Standard
By Tim May, see README
HTML by Jonathan Rochkind