Newsgroups: sci.crypt
Path: cantaloupe.srv.cs.cmu.edu!das-news.harvard.edu!noc.near.net!uunet!world!iecc!johnl
From: johnl@iecc.cambridge.ma.us (John R. Levine)
Subject: Why the clipper algorithm is secret
Message-ID: <1993Apr18.225502.358@iecc.cambridge.ma.us>
Organization: I.E.C.C.
References: <1993Apr17.175656.23656@ulysses.att.com>
Date: Sun, 18 Apr 1993 22:55:02 GMT
Lines: 21

>The cryptographic protocol, though, is another matter.  I see no valid
>reasons for keeping it secret, and -- as I hope I've shown above -- there
>are a lot of ways to do things that aren't (quite) as bad.

It just occurred to me why the algorithm is secret.  If it were
published, one could then build physically identical clone versions
of the chip that would interoperate with official Clipper chips.  But
the cloner wouldn't provide the keys to the escrow houses.  Hmmn.

Or is there a technical hack that I've missed?  E.g. how about if the
chips were made unprogrammed but serialized, and then shipped to the
two escrow houses who programmed in their halves of the keys, but
in a way that requires that secret keys known only to the escrow houses
be installed as well, without which clone versions wouldn't
interoperate?  This is getting awfully complicated, but that's
crypto for you.

-- 
John R. Levine, IECC, POB 349, Cambridge MA 02238, +1 617 492 3869
johnl@iecc.cambridge.ma.us, {ima|spdcc|world}!iecc!johnl
"Time is Money!  Steal some today!"
