16036

神经网络昆斯林的新闻组分类2006

Xref: cantaloupe.srv.cs.cmu.edu sci.crypt:16036 comp.org.eff.talk:17247
Path: cantaloupe.srv.cs.cmu.edu!magnesium.club.cc.cmu.edu!news.sei.cmu.edu!cis.ohio-state.edu!pacific.mps.ohio-state.edu!linac!uwm.edu!wupost!sdd.hp.com!caen!saimiri.primate.wisc.edu!copper!aspen.craycos.com!jrbd
From: jrbd@craycos.com (James Davies)
Newsgroups: sci.crypt,comp.org.eff.talk
Subject: Re: Clipper considered harmful [Restated and amplified]
Message-ID: <1993Apr26.212838.20029@craycos.com>
Date: 26 Apr 93 21:28:38 GMT
References: <15583@optilink.COM> <1993Apr26.145937.3570@wdl.loral.com> <WCS.93Apr26141950@rainier.ATT.COM>
Organization: Cray Computer Corporation
Lines: 15

In article <WCS.93Apr26141950@rainier.ATT.COM> wcs@anchor.ho.att.com (Bill Stewart +1-908-949-0705) writes:
>
>It is still easy to conceal super-encryption, at least until the
>inquisitors get ahold of the K key, which can take a while,
>presumably not in near-real-time.  (Worst-case, in which the escrow agencies
>provide the U key to the local cops, still only gets one side of the
>conversation per warrant, unless the same key is used for both directions,
>which I suppose the CAPSTONE version of the chip will probably insist on.)

I was under the impression (from reading Denning's description of the
Clipper's operation) that the same session key *is* used in both directions for
encrypting the message text, but that each chip uses it's own key for
encrypting the session key into the law-enforcement field.  So, you only
need to know the U key for one of the phones involved to decrypt the
messages in both directions.