Xref: cantaloupe.srv.cs.cmu.edu sci.crypt:15345 alt.security:9984 comp.org.eff.talk:16937 comp.security.misc:3421 comp.org.acm:1628 comp.org.ieee:1560
Path: cantaloupe.srv.cs.cmu.edu!das-news.harvard.edu!noc.near.net!howland.reston.ans.net!bogus.sura.net!jhunix.hcf.jhu.edu!fmsrl7!lynx.unm.edu!dns1.NMSU.Edu!amolitor
From: amolitor@nmsu.edu (Andrew Molitor)
Newsgroups: sci.crypt,alt.security,comp.org.eff.talk,comp.security.misc,comp.org.acm,comp.org.ieee
Subject: Re: Once tapped, your code is no good any more.
Date: 18 Apr 1993 21:55:45 GMT
Organization: Department of Mathematical Sciences
Lines: 58
Distribution: na
Message-ID: <1qsip1INNnj2@dns1.NMSU.Edu>
References: <tcmayC5M2xv.JEx@netcom.com> <1qpg8fINN982@dns1.NMSU.Edu> <1993Apr18.150259.1748@escom.com>
NNTP-Posting-Host: moink.nmsu.edu

al@escom.COM (Al Donaldson) writes:
>amolitor@nmsu.edu (Andrew Molitor) writes:
>>Yes, those evil guys in the FBI can probably, with some
>>effort, abuse the system. I got news for you, if the evil guys in
>>the FBI decide they want to persecute you, they're gonna, ...
>
>And if Richard Nixon had had this kind of toy, he wouldn't have had
>to send people into the Watergate.
>

	This appears to be generic calling upon the name of the anti-christ.
Just for the hell of it, let's destroy this remark. Let us imagine that
the executive branch actually could extract keys from the escrow houses
without anyone knowing, or telling. Now what? Dick has 80 bits of data.
What the hell's he gonna do with it?

	1) Trot around to the telco and say 'we'd like an unauthorised
decrypting tap'. Uh huh.
	2) Break in to watergate and install his own tap (so his people still
do have to break in, neat, huh?) record some noise, then get the Executive
Branch Phone Decryption Box (huh? they've got one? Goodness, wait 'til the
washington post gets hold of this) and decrypt the noise.
	3) More likely, stare at the key, and say 'Oh, hell it's not
worth all this bloody hassle'

	Truth is, even granted *lots* of covert power on the part of
the Executive Branch, this system is *more* difficult to tap with than
POTS gear. The fact that it is easier to tap than some hypothetical
system neither you nor I am going to place on our phones is neither
here nor there.

	The only rational concerns I am seeing raised are:

	a) is the key really just chopped in half, and not some XOR
arrangement? That is, has some egregious technical error been built
in to the plan?
	b) is this is the first step toward strict regulation of strong
encryption?


>But that's not really the issue.  The real issue is whether this 
>will be used to justify a ban against individuals' use of private 
>(i.e., anything else) encryption methods.

	This is b), of course. I suspect not. If the government actually
wanted to make such regs, they'd just do it. A few hundred people on Usenet
yelling about it wouldn't even slow the machine down.

	Besides, who is this mysterious 'they' who's going to take away
all our rights the instant we let our guard down? Congress? That gang
of buffoons can't even balance their checkbooks. The FBI? But.. they
don't make the laws. The NSA? Ditto. The white house? Bill Clinton
is probably still looking for the bathroom. It's a big place, after all.

	Andrew

>
>Al
