[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] MIT prof hatches alternative Internet security plan
From:       jericho () dimensional ! com
Date:       1998-03-28 9:54:31
[Download RAW message or body]


From: Gary Porter <grporter@nps.navy.mil>

Monday March 23 12:43 PM EST

MIT prof hatches alternative Internet security plan

SAN FRANCISCO (Wired) - An MIT professor has proposed a new method of
providing for secure data exchange on the Internet -- one that uses a
technique that he argues lies outside the control of US officials
struggling to maintain a tight hold on encryption-enabled software. 

Ronald Rivest, relying on an ancient threshing floor analogy, calls his
process chaffing and winnowing.

Using his technique, messages are sent on the Net in a combination of good
packets (wheat) and bad packets (chaff). 

The wheat packets can be distinguished - or winnowed - from the chaff
packets by the authentication code, or MACs, appended to them. 

If a packet meets the authentication code, it is valid; if it fails, it is
not valid and is thrown out. They key to the authentication code is known
only by the sending and receiving parties. 

Rivest notes that authenticating data is not considered encryption, and
thus his chaffing and winnowing process would avoids US restrictions on
the export of encryption technology. 

On an MIT (http://www-eecs.mit.edu/) site he writes: "Access to
authentication keys is one thing that government has long agreed that they
don't want to." 

Rivest's paper, reported in Sunday's New York Times, has a clear political
point: "As a consequence of the existence of chaffing and winnowing," he
writes, "one can argue that attempts by law enforcement to regulate
confidentiality by regulating encryption must fail, as confidentiality can
be obtained effectively without encryption." 

(Reuters/Wired)


-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated

[prev in list] [next in list] [prev in thread] [next in thread]