Newsgroups: sci.crypt
From: pla@sktb.demon.co.uk ("Paul L. Allen")
Path: cantaloupe.srv.cs.cmu.edu!magnesium.club.cc.cmu.edu!news.sei.cmu.edu!fs7.ece.cmu.edu!europa.eng.gtefsd.com!howland.reston.ans.net!torn!nott!bnrgate!bnr.co.uk!demon!sktb.demon.co.uk!pla
Subject: Re: Secret algorithm [Re: Clipper Chip and crypto key-escrow]
References: <9304190956.AA10390@pizzabox.demon.co.uk>
Reply-To: pla@sktb.demon.co.uk
Organization: Chaos
Lines: 70
X-Newsreader: Archimedes ReadNews
Date: Tue, 20 Apr 1993 23:47:32 +0000
Message-ID: <8aOEuEj024n@sktb.demon.co.uk>
Sender: usenet@demon.co.uk

-----BEGIN PGP SIGNED MESSAGE-----

In message <9304190956.AA10390@pizzabox.demon.co.uk> you write:

> : The cops/feds do *not* need to be able to get hold of your private key to
> : listen in to cellular conversations.  Encryption is not end-to-end, but 
> : cellphone to base-station
[...]

> That was true for the UK Paul, but I'm fairly sure they're talking about
> building end-to-end encryption phones out of this chip.  It's *not* for
> cellular (though it certainly could be used there in the way you suggest)

I'd lost the White House's deathless prose when I posted (that's what happens
when you read news at home when you're rat-arsed), but I did have a bunch
of follow-ups going on about cellular/cordless comms.  The original article
has reappeared, so:

    The President today announced a new initiative that will bring
    the Federal Government together with industry in a voluntary
    program to improve the security and privacy of telephone
    communications while meeting the legitimate needs of law
    enforcement.

Hmm, telephone communications could indeed include end-to-end encryption on
ordinary landlines.

    The initiative will involve the creation of new products to
    accelerate the development and use of advanced and secure
    telecommunications networks and wireless communications links.

But the next paragraph says telecoms networks and wireless communications
links.

OK, it's far from clear exactly what Cripple (what an apposite anagram) will
be applied to, but the reason Joe Public wants secure comms is to stop
people listening in to his cellular or cordless phones (and he wouldn't
even be bothered about that were it not for Wingnut and Squidqy's
misfortunes).

Yes, Cripple *might* be for end-to-end encyption, dropping to clear
when the other end doesn't have Cripple.  But then a cordless-to-ordinary
conversation would be in clear leaving the cordless end just as vulnerable
as at present.  Nope, I suspect that Cripple will only be used on radio
links.

OK, it's possible `telecommunications networks' could mean `ordinary phone
lines', but I'm betting it means the microwave links used by the telcos.

My apologies if I'm wrong, particularly if the turgid Press Release makes it
clear that I'm wrong and I missed it, but as far as I can see it was full of
obfuscation, and anyone expecting end-to-end encryption is in for a surprise
(IMHO).


BTW, Graham, I've posted questions to alt.security.pgp and not seen any
replies/followups from outside Europe - how about you?  Have I made it into
everyone's kill file, or is there some problem?

- --Paul

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK9SPBmv14aSAK9PNAQGJBwP/ZoKyrm0gemlyYsNj8bqoH8l8qLJoMRBo
eOCClpKsTavebtdCLIGqHNzoWC6Ar2K1blIbpUa2tWnqwRGVa15OgOc7XXKJJ093
yb7P/vWvQbXYiA6zDJ5zkQsDeP7X6ckIDVDRz5CdIS+oNXtiOtHk3s3B3wjQBjCU
vks8KOV8gfg=
=gVy0
-----END PGP SIGNATURE-----

