[296] in cryptography@c2.net mail archive
Re: GAK in domestic crypto products
daemon@ATHENA.MIT.EDU (Stefan Lucks)
Mon Feb 24 16:42:09 1997
Date: Mon, 24 Feb 1997 22:09:32 +0100 (MET)
From: Stefan Lucks <slucks@gwdg.de>
To: Lyle Seaman <lws@ms.com>
cc: cryptography@c2.net
In-Reply-To: <2.2.32.19970221202425.006c7178@remote.transarc.com>
On Fri, 21 Feb 1997, Lyle Seaman wrote:
> According to Peter Trei:
> >This makes it difficult for GAK'd and non-GAK'd products to
> >interoperate, and is a wedge to force GAK'd products
> >into even purely domestic communications.
> 
> I don't see how it makes it terribly difficult to interoperate.  You
> implement two protocols -- a GAK protocol and a non-GAK protocol.  The
> software prefers the non-GAK protocol if it is available.  You ship only the
> GAK protocol to foreign customers, and both to domestic customers.  
Beware! You also need to implement an initialization protocol, designed
with great care. It has to find out whether the other party is
non-GAK-able and then start either the GAK or the non-GAK protocol.
Think of active attackers, somehow modifying the data interchanged
between both parties. If the initialization protocol is not designed with
enough care, such active attackers could talk two non-GAK-able (I like
that word 8^) products into believing that the other one is a GAK-only
product. Then their communication is based on the GAK protocol--bingo! 
Stefan Lucks  Inst. f. NAM, Lotzestrasse 16-18, 37083 Goettingen, Germany
              e-mail: lucks@math.uni-goettingen.de    (or slucks@gwdg.de)
              home:   http://www.num.math.uni-goettingen.de/lucks/
----- Anyone who tells a computer nonsense must always reckon with it. -----
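
An added illustration, not part of the original message: a sketch of how an initialization protocol can detect the downgrade described above by authenticating both capability offers. It assumes the two parties hold a shared authentication key that the in-path party does not know; all names and sample offers are hypothetical.

```python
import hashlib
import hmac

# Preference order from the thread: non-GAK is preferred when both sides have it.
PREFERENCE = ["non-GAK", "GAK"]

def choose(own, peer_offer):
    """Pick the most preferred protocol that both offers contain."""
    for proto in PREFERENCE:
        if proto in own and proto in peer_offer:
            return proto
    return None

def transcript_mac(key, offer_a, offer_b, chosen):
    """MAC over A's offer, B's offer and the selected protocol."""
    msg = "|".join([",".join(offer_a), ",".join(offer_b), str(chosen)])
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def strip_non_gak(offer):
    """Constructed in-transit modification: the offer arrives without non-GAK."""
    return [p for p in offer if p != "non-GAK"]

def negotiate(key, offer_a, offer_b, in_transit=None):
    """Run the initialization step between A and B.

    in_transit models a modification of the offers on the wire (None = clean).
    Returns (protocol chosen by A, whether the transcripts agree).
    """
    seen_by_b = in_transit(offer_a) if in_transit else offer_a
    seen_by_a = in_transit(offer_b) if in_transit else offer_b
    chosen_a = choose(offer_a, seen_by_a)
    chosen_b = choose(offer_b, seen_by_b)
    # Each side MACs the offer it sent and the offer it received.
    # A real protocol would exchange these MACs (with direction labels)
    # before any payload is sent; here they are simply compared.
    mac_a = transcript_mac(key, offer_a, seen_by_a, chosen_a)
    mac_b = transcript_mac(key, seen_by_b, offer_b, chosen_b)
    agreed = chosen_a == chosen_b and hmac.compare_digest(mac_a, mac_b)
    return chosen_a, agreed

if __name__ == "__main__":
    key = b"constructed-shared-key"
    both = ["non-GAK", "GAK"]
    print(negotiate(key, both, both))                 # clean run
    print(negotiate(key, both, both, strip_non_gak))  # modified offers
    print(negotiate(key, both, ["GAK"]))              # genuine GAK-only peer
```

Without the transcript check, the modified run would look identical to talking to a genuine GAK-only peer: both sides independently select GAK and nothing signals a problem.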