Cryptography-Digest Digest #666, Volume #13 Fri, 9 Feb 01 21:13:01 EST
Contents:
URL for article about NSA/VmWare project ("Douglas A. Gwyn")
Re: Factoring (and not the Philippino :) (Splaat23)
Re: Factoring (and not the Philippino :) ("Michael Brown")
Shortening ElGamal encryption (lcs Mixmaster Remailer)
Re: Bill Payne and Philippine RSA "break" (Paul Crowley)
Re: Phillo's alg is faster than index calculus ([EMAIL PROTECTED])
Re: Phillo's alg is faster than index calculus ([EMAIL PROTECTED])
Re: Factoring (and not the Philippino :) (John Savard)
Re: Factoring (and not the Philippino :) (Bob Silverman)
Re: ideas of D.Chaum about digital cash and whether tax offices are ("Thomas J.
Boschloo")
Re: ideas of D.Chaum about digital cash and whether tax offices are ("Thomas J.
Boschloo")
Chosen Key ID attack on PGP/RSA (Was: Custom Key ID) ("Thomas J. Boschloo")
Re: ideas of D.Chaum about digital cash and whether tax offices are ("Thomas J.
Boschloo")
Re: ideas of D.Chaum about digital cash and whether tax offices are ("Thomas J.
Boschloo")
----------------------------------------------------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: URL for article about NSA/VmWare project
Date: Fri, 9 Feb 2001 23:26:00 GMT
http://www.vmware.com/news/releases/nsa_pr.html
------------------------------
From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: Factoring (and not the Philippino :)
Date: Sat, 10 Feb 2001 00:11:44 GMT
In regards to (3), if gcd(n, e) <> 1, then it is a break of the
modulus, because e will be either p or q (the only factors of n).
What is the current theory/facts regarding the uniqueness of a number
and its inverse in a n modulus field? I mean, can a given 'e' have
multiple 'd''s (besides d' = d + n) that work as a RSA pair? My
understanding was that as long as gcd(e,n) = 1 (which means e <> p and
e <> q), then e has a unique inverse.
- Andrew
In article <[EMAIL PROTECTED]>,
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> DJohn37050 wrote:
> > if e = 3 then p (and q) = 2 mod 3 which gives more info about the
values
>
> I have some general thoughts about potential RSA cracking:
> (1) N is computed from p and q, e and d are computed via z. It is
> often said that cracking an RSA encryption is equivalent to factoring
> N, but in practice one is faced with a known (N,e) and all that is
> needed for a crack is *some* d' (not necessarily the d maintained
> as a secret by the sender) that has the relevant inverse property,
> not p and q. Is it a theorem that knowing (N,e,d) allows a fast
> recovery of p and q? If not, then the notion that cracking RSA is as
> hard as factoring needs to be rethought.
> (2) Cracking RSA is not the same as merely being given N and
> being asked to factor it. What we are actually given is (N,e)
> *and* an algorithm for using them for arbitrary (controlled-PT)
> encryptions. That means that we can "tickle" the system by
> encrypting some suitable basis set, maybe the individual bits
> 1, 2, 4, 8, 16, etc., or a batch of small primes 2, 3, 5, 7, etc.,
> or a randomly chosen set as in an index-calculus attack, or
> whatever else might fit a particular attack.
> (3) Why isn't the GCD applied to (N,e) and resultants of any use
> in finding a d'? (I don't claim to be a number theorist; maybe
> the answer is obvious to someone who is.)
>
Sent via Deja.com
http://www.deja.com/
------------------------------
From: "Michael Brown" <[EMAIL PROTECTED]>
Subject: Re: Factoring (and not the Philippino :)
Date: Sat, 10 Feb 2001 13:57:02 +1300
"John Savard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Fri, 9 Feb 2001 17:37:22 +1300, "Michael Brown"
> <[EMAIL PROTECTED]> wrote, in part:
>
> >No flames, please, unless you
> >actually _look_ at it :)
>
> Well, I've looked at it, and one thing puzzles me.
>
> Not all numbers are the product of two prime numbers. Some numbers
> have many prime factors.
Correct, but you break the number into two smaller peices (by selecting
where the bits are different and doing the algebra like thing) then do a
primality test on the two numbers and repeat if necessary (try it, and
you'll se what I mean :)
>
> One can't automatically tell which form a number is in just by looking
> at its last few digits, either.
>
> So how can it be possible to prove, from the last few digits of a
> number, what the last two digits of the numbers multiplied to make it
> must be?
I can't unless the last two digits are 11. The
> I don't think that an algorithm that is like regular
> multiplication, but working backwards, can be possible. But maybe I
> haven't looked carefully enough, and you are working backwards in a
> multiplication algorithm with different properties.
>
> John Savard
> http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
Date: 10 Feb 2001 01:00:04 -0000
From: lcs Mixmaster Remailer <[EMAIL PROTECTED]>
Subject: Shortening ElGamal encryption
With normal ElGamal encryption, you send:
g^k, M * y_r^k
where y_r is the recipient's public key and k is chosen randomly.
The problem is, if we are dealing with 1024 bit keys, this is 2048 bits.
Suppose the sender has a public key of his own, y_s, available to
the recipient. Rather than sending g^k, he sends t, defined by:
t = k / x_s
where x_s is the sender's private key, g^x_s = y_s.
Then the recipient can recover g^k from:
t = k / x_s
k = t * x_s
g^k = y_s ^ t
Sending t in place of g^k is potentially a significant savings as both
k and x_s can be chosen much smaller than the modulus. For a 1024 bit
modulus these values can be about 160 bits as in the DSA signature.
Therefore sending
t, M * y_r^k
will take a total size of 160 + 1024 or 1184 bits, a considerable
savings over the 2048 bits of normal ElGamal.
One problem with this approach is that k is now exposed to the same
security issues as the k in the DSA signature. If k is ever exposed or
guessed, the sender's private key x_s is revealed; likewise if k is ever
used twice. And as with the recent attack from Daniel Bleichenbacher,
bias in the choice of k could also leak the private key. However these
problems are not inherently difficult to solve, and in some environments
the savings may be worthwhile.
Naturally this approach can also be applied to other crypto protocols
which involve sending g^k mod p for a random k.
------------------------------
Subject: Re: Bill Payne and Philippine RSA "break"
From: Paul Crowley <[EMAIL PROTECTED]>
Date: Sat, 10 Feb 2001 01:01:20 GMT
Tom St Denis <[EMAIL PROTECTED]> writes:
> In article <[EMAIL PROTECTED]>,
> lcs Mixmaster Remailer <[EMAIL PROTECTED]> wrote:
> > Ironically, the Philippine RSA "break" is a retread of an old bogus
> > algorithm which was torn to shreds in the mists of sci.crypt's past.
[snip]
> > As David Wagner wrote back in 1999 on sci.crypt,
> >
> > > Bill Payne's method was 100% bogus. (So bogus that I'm a bit embarassed
> > > to even admit to having read it.) It had exponential time complexity,
> > > and would probably perform even worse than trial division. In no way
> > > does his "attack" justify the statement `RSA is broken'.
>
> So not only is it bogus, but it's not even new bogus? That's low.
On the other hand, this time the guy who presented it has been very
polite about it. Agreed, going to the press before he could be sure
was irresponsible (though he claims he asked them to hold off
publishing 'till Rivest confirmed his result) but he's been polite to
everyone and admitted his mistakes.
In that sense, he understands how crypto is done far better than any
of sci.crypt's resident nuts.
--
__
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Phillo's alg is faster than index calculus
Date: Sat, 10 Feb 2001 01:00:04 GMT
> Ok, I'll bite:
>
> b. No, it isn't because Phillo's algorithm is exponential in the
size of
> the number being factored, while index calculus is subexponential.
>
> --
> poncho
>
YooHoo! Finally some response! Except that i ain't talking about
factoring here!
Sent via Deja.com
http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Phillo's alg is faster than index calculus
Date: Sat, 10 Feb 2001 01:11:37 GMT
> Your point is wrong. The current discreet log schemes use
> generators of large (and prime) order.
How about RSA? m^e = c mod pq, c^d = m mod pq
The message m won't be a generator.
Then c and m may have small cycles.
Sent via Deja.com
http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Factoring (and not the Philippino :)
Date: Sat, 10 Feb 2001 01:09:49 GMT
On Sat, 10 Feb 2001 13:57:02 +1300, "Michael Brown"
<[EMAIL PROTECTED]> wrote, in part:
>Correct, but you break the number into two smaller peices (by selecting
>where the bits are different and doing the algebra like thing) then do a
>primality test on the two numbers and repeat if necessary (try it, and
>you'll se what I mean :)
My point is that since the two smaller pieces aren't always _unique_,
why should - and how could - a method like yours work at all?
Of course you can repeat a method that splits a number into two
factors if non-prime to obtain a complete factorization, as you note.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Factoring (and not the Philippino :)
Date: Sat, 10 Feb 2001 01:19:26 GMT
In article <[EMAIL PROTECTED]>,
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> DJohn37050 wrote:
> > if e = 3 then p (and q) = 2 mod 3 which gives more info about the
values
>
> I have some general thoughts about potential RSA cracking:
> (1) N is computed from p and q, e and d are computed via z. It is
> often said that cracking an RSA encryption is equivalent to factoring
> N, but in practice one is faced with a known (N,e) and all that is
> needed for a crack is *some* d' (not necessarily the d maintained
> as a secret by the sender) that has the relevant inverse property,
> not p and q. Is it a theorem that knowing (N,e,d) allows a fast
> recovery of p and q?
Yes. *super* fast
> (2) Cracking RSA is not the same as merely being given N and
> being asked to factor it. What we are actually given is (N,e)
> *and* an algorithm for using them for arbitrary (controlled-PT)
> encryptions. That means that we can "tickle" the system by
> encrypting some suitable basis set, maybe the individual bits
> 1, 2, 4, 8, 16, etc., or a batch of small primes 2, 3, 5, 7, etc.,
> or a randomly chosen set as in an index-calculus attack, or
> whatever else might fit a particular attack.
This is just a chosen ciphertext attack, if I read your intent
correctly. It isn't terrible helpful.
> (3) Why isn't the GCD applied to (N,e) and resultants of any use
> in finding a d'? (I don't claim to be a number theorist; maybe
> the answer is obvious to someone who is.)
Huh? GCD(N,e) better be 1!!! N is not supposed to have small
divisors.....
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"
Sent via Deja.com
http://www.deja.com/
------------------------------
From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Crossposted-To: sci.crypt,talk.politics.crypto,alt.cypherpunks
Subject: Re: ideas of D.Chaum about digital cash and whether tax offices are
Date: Fri, 09 Feb 2001 23:52:06 +0100
"Douglas A. Gwyn" wrote:
>
> George Weinberg wrote:
> > On Sun, 04 Feb 2001 00:18:03 +0100, "Thomas J. Boschloo"
> > <[EMAIL PROTECTED]> wrote:
> > >hat if there would be
> > >a technology that allowed every bullet to be traced by some homing
> > >signal. Just like GSM phones are now. Would we use it to stop
> > >drive-by-shootings and terrorist actions in shopping malls?
> > Never work in the real world. A bullet with a GPS installed in would
> > probably cost about a grand, as opposed to more like a nickle for
> > a normal lead one, which would work better. No chance of getting
> > anyone to use something like this, ever.
>
> You missed the real, generic reason why it wouldn't work in the
> real world: Criminals don't follow the rules. Even if they
> couldn't obtain *or make* any ammo without a "tracing signal",
> what would they care about any trace? They'd be long gone.
Of course it wouldn't be possible in the real world, but it would mean
that the government could trace the owners of bullets everywhere around
the globe (in a sort of 'Nikita' way if you know the series). Also, if
one was fired, it could be automatically detected because of it's high
change in position. The question was, would we use such technology if it
was possible (which it is not)? It would be highly intrusive to the
privacy of gun owners (just like GSM's are now). But it would also allow
very effective forms of law enforcement. Like maybe take pictures from
space on the spot of the crime. Or look for cars in the vincinity (which
would also have some tracking chips inside like they are proposing now
in Holland). Or look for other bullets in the vincinity of the place
that the shots where fired from, basically requiring the 'criminal' to
empty his magazines to make a clean get away.
I am not talking about a one grand GPS bullet or some other form of
smart bullet. Just some sci-fi (emphasis on 'fi') way to trace all
bullets around the world.
Thank you for all your responces,
Thomas
--
=====BEGIN PGP MESSAGE=====
Comment: This dirty signed executable will twart Netsafe 4.2
Comment: Try Netsafe at <http://www.ozemail.com.au/~netsafe>
owEBzQAy/4kAeQMFADpc/IoBD9pfIlygCQEBvXYDHjqpd4mblDvTxQsubVPZAhEL
21LgMaNgT5rE9+Te4zLxaC4XpcnC7uMXSMPDWOPGHCijf9J2jo9HdrYsjQWPWUXH
JgwazJ88Df13S3QG8R3+i+uxtGxCG6OPr94nLSbdfcrO/6isT2IMdC11bnNhZmUu
Y29tAAAAAOsjLoA+/wAAdAHPgPwwdRBQLv4G/wC0TM0hLv4O/wBYLv8uXAC4ITXN
IYkeXACMBl4AtCW6AgHNIbIlzSc=
=3E5B
=====END PGP MESSAGE=====
------------------------------
From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Crossposted-To: sci.crypt,talk.politics.crypto,alt.cypherpunks
Subject: Re: ideas of D.Chaum about digital cash and whether tax offices are
Date: Fri, 09 Feb 2001 23:52:06 +0100
"Douglas A. Gwyn" wrote:
>
> George Weinberg wrote:
> > On Sun, 04 Feb 2001 00:18:03 +0100, "Thomas J. Boschloo"
> > <[EMAIL PROTECTED]> wrote:
> > >hat if there would be
> > >a technology that allowed every bullet to be traced by some homing
> > >signal. Just like GSM phones are now. Would we use it to stop
> > >drive-by-shootings and terrorist actions in shopping malls?
> > Never work in the real world. A bullet with a GPS installed in would
> > probably cost about a grand, as opposed to more like a nickle for
> > a normal lead one, which would work better. No chance of getting
> > anyone to use something like this, ever.
>
> You missed the real, generic reason why it wouldn't work in the
> real world: Criminals don't follow the rules. Even if they
> couldn't obtain *or make* any ammo without a "tracing signal",
> what would they care about any trace? They'd be long gone.
Of course it wouldn't be possible in the real world, but it would mean
that the government could trace the owners of bullets everywhere around
the globe (in a sort of 'Nikita' way if you know the series). Also, if
one was fired, it could be automatically detected because of it's high
change in position. The question was, would we use such technology if it
was possible (which it is not)? It would be highly intrusive to the
privacy of gun owners (just like GSM's are now). But it would also allow
very effective forms of law enforcement. Like maybe take pictures from
space on the spot of the crime. Or look for cars in the vincinity (which
would also have some tracking chips inside like they are proposing now
in Holland). Or look for other bullets in the vincinity of the place
that the shots where fired from, basically requiring the 'criminal' to
empty his magazines to make a clean get away.
I am not talking about a one grand GPS bullet or some other form of
smart bullet. Just some sci-fi (emphasis on 'fi') way to trace all
bullets around the world.
Thank you for all your responces,
Thomas
--
=====BEGIN PGP MESSAGE=====
Comment: This dirty signed executable will twart Netsafe 4.2
Comment: Try Netsafe at <http://www.ozemail.com.au/~netsafe>
owEBzQAy/4kAeQMFADpc/IoBD9pfIlygCQEBvXYDHjqpd4mblDvTxQsubVPZAhEL
21LgMaNgT5rE9+Te4zLxaC4XpcnC7uMXSMPDWOPGHCijf9J2jo9HdrYsjQWPWUXH
JgwazJ88Df13S3QG8R3+i+uxtGxCG6OPr94nLSbdfcrO/6isT2IMdC11bnNhZmUu
Y29tAAAAAOsjLoA+/wAAdAHPgPwwdRBQLv4G/wC0TM0hLv4O/wBYLv8uXAC4ITXN
IYkeXACMBl4AtCW6AgHNIbIlzSc=
=3E5B
=====END PGP MESSAGE=====
------------------------------
From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp.discuss
Subject: Chosen Key ID attack on PGP/RSA (Was: Custom Key ID)
Date: Sat, 10 Feb 2001 01:58:18 +0100
=====BEGIN PGP SIGNED MESSAGE=====
"Imad R. Faiad" wrote:
>
> As for engineered RSA Key ID's, unfortunately,
> there is no automated tool to do that yet.
Chris Drake says he has a utility to do so. He has a chosen key ID on
his (business) RSA key of 2048 bits and claims it is as secure as a 1024
bit normal RSA key if I understood him correctly.
I also noticed there is an extra key with the same Key ID as mine
(0x225CA009). Only one is mine. So there must be somebody that can do
this, and he probably doesn't like me <g>. Maybe I'll try to factor the
second key some time and see if I can generate a decryption key for it.
I have received some posts encrypted to the wrong key (like I never sign
my posts).
> The reason being, is that I have not yet found
> a way to automate this process without
> compromising the generated key. So you have
> to do it yourself.
>
> On the other hand, RSA key ID engineering
> is more scientific, and a fun thing to do.
> It is also high yield when you succeed:-)
I guess you can just factor the chosen Key ID like 0x225ca009, and force
each of these factors over the lower 32 bits of your p or q. This can be
done in 386 32 bit registers like EAX, EBX, etc. so it should be a lot
faster than generating MPI numbers and test them for primality. You just
change the way to generate random MPI numbers and sacrifice at most
those 32 or maybe even 64 bits on your resulting RSA key length. That is
a small price to pay for a chosen Key ID like '0xC001C001'. That is
unless the guys as sci.crypt know something more to be wrong with this
way of key generation. This is something that probably never can be
totally ruled out, discrete math has a tendency to behave very wierd in
my non-expert opinion. (At least that is what my math teacher told me
when he explained the theory behind RSA).
Thomas
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>
iQB5AwUBOoSEFgEP2l8iXKAJAQExswMgpGPpQ4XqvfDGO0DkH5iJJfoylHqNE8lZ
BZfKwHYG1UGpiJAxkLD/BQG6te6SdBzls+iwtCyjK5l/UxDTiymQvwIeMEWO7hR7
BEws1gVJZzDmGIhVqDACF7HDEyIDK/SeTDANPw==
=Iew1
=====END PGP SIGNATURE=====
--
Sharon build the bomb. His voters lit the fuse.
------------------------------
From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.cypherpunks
Subject: Re: ideas of D.Chaum about digital cash and whether tax offices are
Date: Sat, 10 Feb 2001 02:04:41 +0100
Darren New wrote:
>
> Thomas J. Boschloo wrote:
> > This really has some consequences.
>
> The only real consequence of all this is that you can't make distribution of
> some types of digital information illegal while other types remain legal.
> The real problem is that it's too hard to catch pornographers/drug
> manufacturers/witches, so you catch their customers instead.
There is a good point in this, but I think it is beyond the interest of
this newsgroup. In his book 'Naked lunch', W.S. Buroughs states that to
destroy the 'junkie-pyramid' you have to start at the botom. He means
that a 'junkie' will basically sell his own grandmother to get his shot,
and the people upward on the pyramid are easily replacable.
Staying a bit off-topic, I think the only way to win the war on drugs is
to make drugs legal. That way drugs barons won't be criminals anymore
and you can tax them and they would probably better their lives
eventually because criminal activities are a risk to any legimit
business. Just 2 cents ;-)
> > content protected media (aka software enforced licensing schemes) will
> > make producers of such illegal material feel very secure.
>
> Well, I guess the laws will change. Gunpowder was pretty shocking to armored
> knights at the time, too.
Guns are basically outlawed in Holland. I feel very priviledged to have
fired an UZI full automatic gun during my subscribtion in the dutch
army. I must admit that it gives a kick (I'm probably spoiled forever).
A lot of the people I meet nowadays are vegetarians and pacifists. I
would rather be a vegetarian and give up all meat (including the fat
they use to bake chips and such) than being a pacifist. If you have some
kind of power you should use it ;-D
> > I also had an somewhat related (anti-echelon) thought about firearms
> > (since you Americans seem so obsessed with that). What if there would be
> > a technology that allowed every bullet to be traced by some homing
> > signal.
>
> Traced to what? Where it is? By whom? The government? They're the people we
> americans distrust! :-)
Traced by the government (police, secret service, echelon). From the
barrel to it's target and at any time they make a probe for it.
> > What is your standing on Assassination Politics by Jim Bell? In it
> > bad/corrupt politicians get killed by pseudonymiously 'predicting' the
> > time of death of that politician.
>
> If it ever became real, it would be made illegal to gamble on the death of a
> famous person, is all. Jim Bell seems to forget that when some legal
> activity threatens politicians, politicians make it illegal.
Problem is, that with anonymous publishing and anonymous 'donations' and
anonymous virtual vaults it cannot be stopped. The people or computer
systems involved will never be traced (unless the government has access
to all computers in the world, brrr, the thought alone! Makes Key escrow
look like an innocent sheep).
Thomas
--
=====BEGIN PGP MESSAGE=====
Comment: This dirty signed executable will twart Netsafe 4.2
Comment: Try Netsafe at <http://www.ozemail.com.au/~netsafe>
owEBzQAy/4kAeQMFADpc/IoBD9pfIlygCQEBvXYDHjqpd4mblDvTxQsubVPZAhEL
21LgMaNgT5rE9+Te4zLxaC4XpcnC7uMXSMPDWOPGHCijf9J2jo9HdrYsjQWPWUXH
JgwazJ88Df13S3QG8R3+i+uxtGxCG6OPr94nLSbdfcrO/6isT2IMdC11bnNhZmUu
Y29tAAAAAOsjLoA+/wAAdAHPgPwwdRBQLv4G/wC0TM0hLv4O/wBYLv8uXAC4ITXN
IYkeXACMBl4AtCW6AgHNIbIlzSc=
=3E5B
=====END PGP MESSAGE=====
------------------------------
From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.cypherpunks
Subject: Re: ideas of D.Chaum about digital cash and whether tax offices are
Date: Sat, 10 Feb 2001 02:26:46 +0100
Anonymous wrote:
>
> In article <[EMAIL PROTECTED]>
> "Thomas J. Boschloo" <[EMAIL PROTECTED]> wrote:
> <snip>
> | But I have been thinking about this some more and it is not just pedo
> | pictures that are at stake here. And we are talking about real, strong
> | pseudonymity here. Like freenet. The technology is already there. 4C
> | Entity has the technology that will allow pedo-pornographers to
> | distribute forbidden material that is encrypted, and to decrypt it
> | consumers will have to get a digital license. I guess it wouldn't be
> | hard to do this anonymously if e-cash becomes anonymous. This really has
> | some consequences.
> <snip>
> This is no argument against *total* anonymity. Let's pretend most parts
> of the pepulation are no criminals. First - if you provide strong tools
> for encryption and anonymity, who will benefite? Okay, criminals as well
> as noncriminals. Now, if - let's say - two out of 500 are criminals, you'll
> protect the comunication of 498 people. This far better than most laws on
> taxes!
Well, if the FBI ever does some research on this (with the help of the
Frog-Admin <G>), they will probably find different numbers as they are
most probably baised.
> Second, what kinds of abuse do you think of? Ok there are the
> pedo-pornographes. They do not commit their primary crime on
> a computer. All
> their actions that lead to the pictues/movies are prohibited
> by noncyber-laws. The only other thing I can think of is
> blackmail. This does not seem to be a problem as every
> recipent of those emails could ask the remops to
> foreward no mail to her/his account for some time.
And there is traffic loss, remailers are only 95% accurate of course.
This can be countered by sending the same blackmail multiple times, but
maybe in the future such messages can be traced (I hope not). Come to
think of it, I think black-mailers (like angry ex-wifes) will probably
want to be known. It won't help the black-mailed person much if he tells
on her.
> Sorry to step out of the line, but could you please give me some URL on
> freenet technology? My search did only turn up some providers. <g>
SURE! <freenet.sourceforge.net> IIRC. Programmer is Berkley student and
cypher hero Ian Clarke IIRC (and I do remember correctly).
> |I sure am confusing myself :-) Thanks for all the responces so far. I
> |think this is an important discussion, even if I don't get all the
> |topics right first time.
> Try an other newsserver: http://www.newzbot.com/
I'll try.
> Thomas - GPL for presidency
Two Thomasses! Great. I like Gnu.org also, but they should create more
kick-ass games ;)
Here is another thought I had about my own examples. It is probably good
to have access to this illegal material as it can be used as evidence.
People probably don't want to know, let alone see reall snuff movies or
real rape pictures, but what if it hadn't be documented? Would that make
it go away? I think not.
Let the rapists, pedophiles and video murderers feel safe, it will at
least let the 'nabestaanden'/parents/friends know what happened to their
loved ones. And perhaps give some more info (like location, environment
sounds, you know, the stuff you see in movies). I hear that IRL
murderings are not generaly solved and in most cases not even the body
will be found :-( Maybe we do need that 'Nikita' bio-tracing
technology. Perhaps not. I value my privacy and that of others.
I think I am able to create a defendable opinion for myself now on the
topic of anonymous digital cash. Thanks for all your help, it has been
very valuable for me. At least I will be able to call myself a hard-core
cypherpunk activist again without second thoughts. Now if only the
newspapers would publish my letters :-) They really do suck. Sometimes I
think they colaborate with the music industry and other evil empires ;-)
Greetings,
Thomas
--
=====BEGIN PGP MESSAGE=====
Comment: This dirty signed executable will twart Netsafe 4.2
Comment: Try Netsafe at <http://www.ozemail.com.au/~netsafe>
owEBzQAy/4kAeQMFADpc/IoBD9pfIlygCQEBvXYDHjqpd4mblDvTxQsubVPZAhEL
21LgMaNgT5rE9+Te4zLxaC4XpcnC7uMXSMPDWOPGHCijf9J2jo9HdrYsjQWPWUXH
JgwazJ88Df13S3QG8R3+i+uxtGxCG6OPr94nLSbdfcrO/6isT2IMdC11bnNhZmUu
Y29tAAAAAOsjLoA+/wAAdAHPgPwwdRBQLv4G/wC0TM0hLv4O/wBYLv8uXAC4ITXN
IYkeXACMBl4AtCW6AgHNIbIlzSc=
=3E5B
=====END PGP MESSAGE=====
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
