[2674] in Kerberos
Clinton Crypto System - IGNORE PREVIOUS MESSAGE
daemon@ATHENA.MIT.EDU (Ganesan)
Mon Apr 19 17:45:48 1993
From: bf4grjc@socrates.MIT.EDU (Ganesan)
To: smb@research.att.com
Date: Mon, 19 Apr 1993 17:22:21 -0500 (EDT)
Cc: kerberos@Athena.MIT.EDU, denning@cs.cosc.georgetown.edu
Reply-To: bf4grjc@bell-atl.com
1) Thought this would be good time to remind the security
community of the 1st ACM Conference on Computer and Communications
Security, to be held in November 1993. Dorothy Denning, the General Chair,
MAY be organizing a panel on our favourite topic..... Also paper
submissions (see enclosed CFP) are due to me by May 15. Note that
"Cryptographic Standards" is one of the topics....
2) Doesn't this thing have a name? Its NOT a key exchange standard. How about
the Clinton Crypto System (CCS) since the buck for this stops with him??
3) Re: Keeping algorithms secret. Fine. Use the greatest tamperproofing
chip technology you can find. What they CANNOT DO is keep the usage
a secret. i.e. the i/o parmaters, pin details HAVE to be public. As one
of the inputs is the session key K - the question boils down to this:
Introducing: The GOTCHA chip
----------------------------
What does it cost to manufacture a chip with an identical external
configuration that uses some completely different encryption method, but is
plug compatible with the PCS equipment or the motherboard of a computer? Lets
call this the GOTCHA chip. Any two users who use the GOTCHA chip instead of the
CLIPPER chip WILL have a secure, UNTAPPABLE, channel.
Cost of GOTCHA chip: Probably quite high. The Fixed Cost of chips are high
compared to the unit cost. However this cost is HARDLY LIKELY to be out of
the reach of a sophisticated drug/terrorist ring. (Also: Can the govt. make
production/possesion/use of the GOTCHA chip illegal? Are there parallels
here with the use of radar detectors?
Hypothetically, we can break line-tapping activities as targeted against
three classes of users:
Category 1: Terrorists/Drug-Dealers: The big guys, whom the govt. is most
interested in tapping. These guys will probably use the GOTCHA chip.
Category 2: Lesser criminals who will probably use the CLIPPER chip for
convenience. I mean "lessor' in terms of the societal impact of the
crime - NOT its nature. Maybe kidnappers, serial killers and rapists
belong here.
Category 3: Misuse/abuse against innocent people. These users WILL use the
CLIPPER chip.
If you are willing to buy the argument that Category 1, WILL use the
GOTCHA chip, then someone needs to ratiocinate the benefits of catching
the Category 2 criminals against the abuse.
Ravi
--
*******************************************************************************
Ravi Ganesan e-mail: ravi@socrates.bell-atl.com
IS SAS Corporate Network Planning v-mail: (301) 595-8439
Bell Atlantic Fax: (301) 595-1341
Note: If your e-mail reply to me bounces, try sending it explicitly to
ravi@socrates.bell-atl.com instead of using the 'reply' feature.
******************************************************************************
********* 1st ACM Conference on Computer and Communications Security **********
Nov 3-5 1993, Fairfax, Virginia
Sponsor: ACM SIGSAC
Hosts: Bell Atlantic and George Mason U
In cooperation and participation from:
International Association of Cryptologic Research
IEEE Communications Society TC on Network Operations and Management
IEEE Computer Society TC on Security and Privacy
C A L L F O R P A P E R S
-------------------------------
Topics of interest
==================
The purpose of this new conference is to bring together researchers and
practitioners of computer and communication security. The emphasis is on
the security requirements of the industrial and commercial sectors, e.g.
telecommunications, finance, banking, etc. The primary focus is on high
quality original unpublished research, case studies and implementation
experiences. We also encourage submission of papers addressing the social
and legal aspects of security. Conference proceedings will be published by
ACM. Selected papers, with suitable revisions, will be considered for
publication in upcoming special issues of the Communications of the ACM and
IEEE Communications Magazine. Topics of interest include:
Communications & Information Security: Theory and Techniques
------------------------------------------------------------
Access Control Cryptanalysis Digital Signatures Intrusion Detection
Audit Cryptosystems Formal Models Randomness
Authentication Crypto. Prtcls Hash Functions Viruses and Worms
Authorization Database Sec. Integrity Zero Knowledge
Applications,Case Studies & Experiences
---------------------------------------
Cellular and Wireless LAN Security Security APIs Smart Cards
Electronic Commerce Network Firewalls Security Arch. Telecom. Sec.
Enterprise Security Open Systems Security Security Mgmt. WAN Security
Social and Policy Issues
------------------------
Cryptographic standards Information Priv. Legal Issues Tech. Export
Instructions for Authors
========================
Authors should submit five copies of their papers to Ravi Ganesan at the
address below by May 15, 1993. Papers should not exceed 7500 words (approx.
15 single spaced pages of 11pt), and should not have been published or
submitted else where. As the review process will be anonymous, names and
affiliations of authors should appear only on a separate cover sheet. Authors
will be notified of review decisions by July 15, 1993. Camera ready copies of
accepted papers are due back by August 15, 1993 for inclusion in the
Conference proceedings.
Program Committee
=================
Victoria Ashby, MITRE Steve Bellovin, AT&T Bell Labs.
Whitfield Diffie, SUN Microsystems Taher El Gamal, RSA
Deborah Estrin, Univ. of Southern CA Joan Feigenbaum, AT&T Bell Labs.
Virgil Gligor, Univ. of Maryland Li Gong, ORA Corp.
Richard Graveman, Bellcore Sushil Jajodia, George Mason U
Paul Karger, GTE Carl Landwehr, NRL
E. Stewart Lee, Univ. of Toronto Giancarlo Martella, Univ. of Milan
Michael Merritt, AT&T Bell Labs Jonathan Millen, MITRE
Clifford Neuman, USC Info. Sci. Inst. Steven Rudich, CMU
Rainer Rueppel, Crypto AG Eugene Spafford, Purdue Univ
Jacques Stern, DMI-GRECC Michael Wiener, BNR
Yacov Yacobi, Bellcore
Organizers
==========
General Chairs
--------------
Dorothy Denning Raymond Pyle
Georgetown U Bell Atlantic
Reiss 225 7th Floor, 11720 Beltsville Drive
Georgetown, DC 20057 Beltsville, MD 20705
denning@cs.georgetown.edu rpyle@socrates.bell-atl.com
Program Chairs
--------------
Ravi Ganesan Ravi Sandhu
Bell Atlantic George Mason U
7th Flr, 11720 Beltsville Drive ISSE Dept.
Beltsville, MD 20705 Fairfax, VA 22030
ravi@socrates.bell-atl.com sandhu@sitevax.gmu.edu
Ph#: (301) 595-8439
Proceedings Chair and Treasurer Local Arrangements Chair
------------------------------- ------------------------
Victoria Ashby Catherine Hoover
MITRE George Mason U
7525 Coleshire Drive, Center for Professional Development
McLean, VA 22102 Fairfax, VA 22030
ashby@mitre.org Ph#:(703) 993-2090
**************************
