home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!ogicse!uwm.edu!rpi!bu.edu!transfer.stratus.com!ellisun.sw.stratus.com!cme
- From: cme@ellisun.sw.stratus.com (Carl Ellison)
- Newsgroups: sci.crypt
- Subject: Re: A Copper Balloon
- Message-ID: <1dm50cINNcse@transfer.stratus.com>
- Date: 9 Nov 92 16:52:28 GMT
- Article-I.D.: transfer.1dm50cINNcse
- References: <1992Nov7.142220.1683@guvax.acc.georgetown.edu>
- Organization: Stratus Computer, Software Engineering
- Lines: 77
- NNTP-Posting-Host: ellisun.sw.stratus.com
-
- In article <1992Nov7.142220.1683@guvax.acc.georgetown.edu> denning@guvax.acc.georgetown.edu writes:
- >I'd like to suggest another possibility, which for want of a
- >better name I'll call the "copper balloon". It's quite clear that key
- >registration goes over like a "lead balloon". My question is: is this
- >any better? worse? I would also like to suggest that we keep this
- >thread focused on this proposal and not on the merits/demerits of
- >wiretapping in general.
-
-
- I concur and would advocate that we keep this subject line free from the
- wiretapping discussion. It's going on quite nicely over in
- comp.org.eff.talk.
-
-
- One way to separate this conversation from privacy in general is to view
- the copper balloon as a proposal for a nationwide, encrypted voice and data
- service. In this plan, the phone companies would provide encrypting wired
- phones, cellular phones and modems using the 3-way DH key exchange which
- Dorothy proposes. These phones (due to volume production) would be cheap
- enough that all business and many personal phones would use encryption.
- The encryption, meanwhile, would be high quality: 1000+ bit DH, 3-fold
- DES-CBC (with a full 360 bits of key).
-
- This has the advantage of cutting down on industrial espionage.
-
- This undercuts companies like Cylink or Racal-Guardata -- doesn't put them
- out of business because you would need their current products to provide
- privacy even from the Gov't -- but you would presumably take away from them
- the business of people who just want to avoid non-gov't espionage.
-
-
- So: what if the entire national communications infrastructure were
- well encrypted? People could add their own encryption, of course,
- but most wouldn't. Most are lazy or don't see the need.
-
-
-
- This gains us control over industrial espionage and the tapping of cellular
- phones by private citizens.
-
- It also gains us some civil liberty. Without getting a key from the
- intermediary, the gov't (presumably even the NSA) wouldn't be able to do
- its tapping. That request can be logged and preserved for later FOIA
- retrieval.
-
- Meanwhile, this mechanism could presumably be extended from 3 to more than
- 3 agents, along the lines of Silvio's proposal, with each one getting a
- clear record of each tap request and each one having to rule on the
- validity of the order.
-
- I claim, therefore, that this mechanism would save us from Nixon-style
- abuses while still permitting unrestricted private encryption and leaving
- open to wiretapping a large number of calls (probably just the same calls
- that are open today).
-
-
- However, I would like Dorothy to post details of the algorithm she
- proposes. Based on her description of its behavior, I assume it's like the
- following -- but this differs from Silvio's proposal:
-
- agree on common prime, p, and ranno a, (1< a < p).
-
- each party, i, choose random, secret x[i] (1 < x[i] < (p-1))
-
- 1 <= i <= n
-
- each party compute y[i,1] = a^x[i] mod p and pass it to (i+1)
-
- each party compute y[i,j] = y[i-1,j-1]^x[i] mod p
-
- the values y[i,n] will all be the same
-
- --
- -- <<Disclaimer: All opinions expressed are my own, of course.>>
- -- Carl Ellison cme@sw.stratus.com
- -- Stratus Computer Inc. M3-2-BKW TEL: (508)460-2783
- -- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298 FAX: (508)624-7488
-
