Newsgroups: sci.crypt
Path: cantaloupe.srv.cs.cmu.edu!crabapple.srv.cs.cmu.edu!bb3.andrew.cmu.edu!news.sei.cmu.edu!cis.ohio-state.edu!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!howland.reston.ans.net!ux1.cso.uiuc.edu!bradley.bradley.edu!camelot!betel
From: betel@camelot.bradley.edu (Robert Crawford)
Subject: Re: How to detect use of an illegal cipher?
Message-ID: <betel.734997645@camelot>
Sender: news@bradley.bradley.edu
Nntp-Posting-Host: camelot.bradley.edu
Organization: Bradley University
References: <C5L17v.GH5@dove.nist.gov> <bontchev.734981805@fbihh> <1qmugcINNpu9@gap.caltech.edu> <1qn74nINNi38@golden.kaleida.com>
Date: 16 Apr 93 22:00:45 GMT
Lines: 20

Jay Fenton <Fenton@Kaleida.Com> writes:

>How can the government tell which encryption method one is using without
>being able to decode the traffic? i.e., In order to accuse me of using an
>unauthorized strong encryption technique they would have to take both
>keys out of escrow, run them against my ciphertext and "draw a blank".

	I was thinking about this, also. It's quite possible the
system transmits, in clear, the serial number of the device being
used. That way they can start a tap, get the serial number, and use
the warrant for the first tap to get the key.

	If they tap someone who's apparently using encryption, but
don't find that prefix, then they'll assume it's an "un-authorized"
encryption scheme.

--
	May the Kloo Gnomes be generous to you.

Robert Crawford				betel@camelot.bradley.edu
