Ethan Heilman <eth...@gmail.com> writes: >Do I understand you correctly. The checksum is calculated using a key or the >checksum algorithm is secret so that they can't generate checksums for new >keys? Are they using a one-way function? Do you have any documentation about >this?
Like the algorithms themselves, the details would be classified. The only case where we know anything is for Clipper, but we have no idea whether it's done similarly for other devices. Given the LEAF-based design, which wouldn't be needed for normal military/goverment use, it seems unlikely. (If you needed to do something like this isn't not too hard to figure out how to do it, just MAC the key in some way and if the MAC check fails, truncate it to (say) 16 bits so the unauthorised user thinks they're encrypting data but you can recover the plaintext without too much effort). Peter. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
