NSA MSFT CAPI keys as PGP keys
[This struck me as having an entropy of at least 2048 bits so I'm passing it on --Perry]

Anonymous provided the NSA and Microsoft CAPI keys in hex, so here are their RSA CAPI keys formatted as PGP keys. I've signed them. I put the keys at: http://www.dcs.ex.ac.uk/~aba/nsakey/

Adam

Type Bits/KeyID    Date       User ID
pub  1024/51682D1F 1999/09/06 NSA's Microsoft CAPI key [EMAIL PROTECTED]

Type Bits/KeyID    Date       User ID
pub  1024/346B5095 1999/09/06 Microsoft's CAPI key [EMAIL PROTECTED]
Echelon in the news
Readers of this list may be interested in http://www.nandotimes.com/technology/story/body/0,1634,89923-142316-981920-0,00.html, which discusses Echelon and its impact in Europe. It's also the first mention I've seen of Echelon in mainstream American-based media.

--Steve Bellovin
Re: Paul Brown on Solitaire randomness flaw?
[I have my doubts about the reality of this description -- the entire stego description seems like fantasy, especially given the low bandwidths available into many countries, and the obviousness of the whole thing. However, I'm forwarding it in spite of my bogometer beeping... Caveat Lector... --Perry]

Arnold Reinhold [EMAIL PROTECTED] writes:

> Security concerns aside, I'd question Solitaire's suitability for field use by human rights people. First of all it is very tedious to use and a single mistake can be difficult to recover from. Second, just receiving or attempting to transmit ciphertext could be enough to get you into serious trouble in some places.

We've done quite a bit of work with human rights groups and other NGOs working in relatively hostile third-world countries. Our approach has been to pack most email into MIME digests, which are then PGP-encrypted. The obvious ASCII PGP start and end message lines are removed, and the encrypted digest is stego'ed into the lower one or two LSBs of topical but relatively innocuous JPEG/GIF/TIFF images, which are attached to clear text email messages.

Our mail servers in Europe and the US look for stego'ed PGP messages within image files bound for certain addresses. The PGP messages are decrypted, the MIME digests are extracted from them, and the digests' individual RFC822 messages (which can themselves contain MIME content or personal PGP-encrypted messages) are automatically remailed.

Similarly, outbound messages are sent through our mail servers, which pack them into MIME digests, PGP-encrypt them, and stego them into image or audio files, which are emailed to our overseas clients. Since PGP-encrypted text messages are quite small, the image or audio files don't have to be too big.

Most of the server processing is handled by extensively-modified PGPdomo software (and procmail, of course). The clients use small plug-ins (which we wrote in C) for Eudora and Pegasus. Digests are time-stamped, and separate messages carry lists of digests sent and received, so we know if messages get "lost" in transit.

This has worked quite well for us for over five years now, over a variety of media -- FIDOnet, dial-up UUCP, small-aperture satellite, shortwave packet radio, hand-carried floppies, and conventional network connections. Although the identity and location of our mail servers could be determined, we have been able to rely upon physical security to deter (and detect) tampering, and upon the political climates of our host countries to avoid interference from LEOs.
Encrypto Mailing List
--- begin forwarded text

From: online-e [EMAIL PROTECTED]
To: online-e [EMAIL PROTECTED]
Subject: Encrypto Mailing List
Date: Mon, 6 Sep 1999 15:24:34 -0500
Originator: [EMAIL PROTECTED]

__ Online Europe ___

From: Thomas Roessler [EMAIL PROTECTED]
Subject: Encrypto Mailing List

A new mailing list, [EMAIL PROTECTED], has been established. It's intended for discussions of crypto politics with a focus on the European Union. Topics include:

- Announcements and discussions on common European issues concerning availability, use, legal framework and politics of cryptographic techniques.
- Announcements and discussions on common issues concerning communications interception and related topics, e.g. state-sponsored hacking of communication end points.
- Announcements and brief discussions on national issues which may be of interest abroad. Extensive and in-depth discussions on such topics should be performed on respective national mailing lists such as [EMAIL PROTECTED] (for the UK), or [EMAIL PROTECTED] (for Germany).
- Announcements and discussions on joint initiatives and campaigns concerning any of the abovementioned topics.

To subscribe to the list, send an e-mail containing the words "subscribe eucrypto" to [EMAIL PROTECTED].

--- end forwarded text

Robert A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Paul Brown on Solitaire randomness flaw?
Perry writes:

> I have my doubts about the reality of this description -- the entire stego description seems like fantasy, especially given the low bandwidths available into many countries, and the obviousness of the whole thing...

I think that you misunderstand the purpose of the stego, and overestimate the amount of message data that has to be hidden. Because of PGP compression, a typical daily encrypted digest is only 5 to 20 Kbytes. This can be hidden within a 20 to 160 Kbyte image file. Sure, it degrades the image quality, but the only purpose of the stego is to make automatic identification of encrypted messages impractical. PGP encryption of the digest and of individual messages provides the actual message security. And, of course, in some countries, we don't have to stego the encrypted digests at all.

Many NGOs working in rural parts of Africa and Asia use packet email provided by a constellation of small-aperture Japanese satellites. These circle the earth several times a day, and transfer as much as several MB of mail at each contact. We are charged by the kB, but it still ends up being relatively inexpensive. Companies like Compuserve also have a pretty thorough network of POPs, accessible from almost any medium to large African or Asian city at speeds from 9.6 to 56Kb/s. Much of this traffic is monitored, but the local LEOs only have the resources to pick out obvious messages.

Don't forget that our threat model is not the NSA or GCHQ, but organisations like the Iranian and Rwandan intelligence services. Our work is well regarded in our host countries, so we don't have to hassle with more sophisticated Western LEOs. Given that, this mix of off-the-shelf software, Perl code, and small US and European mail servers is very effective.
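
Added example, not part of the thread and not the posters' software: a minimal Python sketch of the low-bit embedding described in this message and in the earlier post it defends, working on raw 8-bit samples rather than a real image format. The 4-byte length header, the function names and the sample data are assumptions of this sketch; with one or two low bits per sample, a cover needs about eight or four sample bytes per payload byte.

```python
# Added illustration: the length header and all names here are assumptions.
def capacity(n_samples, k):
    """Payload bytes that fit in n_samples cover samples at k low bits each,
    after the 4-byte length header (the header is this sketch's assumption)."""
    return n_samples * k // 8 - 4

def embed(cover, payload, k=1):
    """Overwrite the k low bits (k = 1 or 2) of successive samples with
    a length header followed by the payload, most significant bits first."""
    if k not in (1, 2):
        raise ValueError("k must be 1 or 2")
    if len(payload) > capacity(len(cover), k):
        raise ValueError("payload does not fit in this cover")
    mask = (1 << k) - 1
    out = bytearray(cover)
    i = 0
    for byte in len(payload).to_bytes(4, "big") + payload:
        for shift in range(8 - k, -1, -k):
            out[i] = (out[i] & ~mask & 0xFF) | ((byte >> shift) & mask)
            i += 1
    return bytes(out)

def extract(stego, k=1):
    """Recover the payload; raise ValueError if the header is implausible,
    which is the usual result for a file that carries no message."""
    mask, per_byte = (1 << k) - 1, 8 // k

    def read(first_sample, n_bytes):
        out = bytearray()
        for b in range(n_bytes):
            start = first_sample + b * per_byte
            value = 0
            for sample in stego[start:start + per_byte]:
                value = (value << k) | (sample & mask)
            out.append(value)
        return bytes(out)

    if len(stego) < 4 * per_byte:
        raise ValueError("cover too small to hold a header")
    length = int.from_bytes(read(0, 4), "big")
    if length > capacity(len(stego), k):
        raise ValueError("no embedded message found")
    return read(4 * per_byte, length)

if __name__ == "__main__":
    cover = bytes((i * 37 + 11) % 256 for i in range(4096))  # constructed samples
    digest = b"constructed stand-in for an armor-stripped PGP digest"
    stego = embed(cover, digest, k=2)
    print(extract(stego, k=2) == digest, max(abs(a - b) for a, b in zip(cover, stego)))
```

Each sample changes by at most 1 with one low bit and at most 3 with two, which is the image degradation the poster accepts in exchange for defeating automatic identification.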
Re: Paul Brown on Solitaire randomness flaw?
On Mon, 6 Sep 1999, Arnold Reinhold wrote:

> If a field worker might have access to a computer in country but would not be in a position to use PGP, I'd suggest CipherSaber, which is based on RC4 and is simple enough to program from memory (see http://ciphersaber.gurus.com). Almost all PCs come with Qbasic built in or on the CD-ROM. I haven't tried it, but CipherSaber should fit easily into most of the newer graphing calculators (The $200 TI-92+ even has a qwerty keyboard. See http://www.ti.com/calc).

Yeah, I have no doubt that RC4 could be implemented quite easily on TI calculators (certainly on the 85, 86, 92 and 89 .. and probably on the 82 and 83 as well .. though I haven't programmed them). I did MD5 on my 92 awhile back.

A couple of points in making an actual crypto application on the TI (as opposed to just doing an algorithm): Transferring ciphertext from the TI to a computer would require a utility on the computer to wrap up the ciphertext to make it look like a list to the TI. Then the TI can do nice, easy subscripting to access the list. A table might be needed to display the plaintext, since I don't know if they use ASCII. On the 89 and 92, things will be easier. They use ASCII, and have lots of nice internal display features to do paging and stuff.

Unfortunately, I've found documentation on the internal data formats to be a bit lacking. I wrote utilities awhile back to convert to/from TI 92 bitmaps to UNIX raw PBM's.. I found dox on the graphics format which work, but don't include info on how the supposed-checksum is performed (not that having it wrong makes a difference).. and the text-file description that I found is all wrong.. so writing a utility to convert the ciphertext to a list might be problematic.

Michael J. Graffam ([EMAIL PROTECTED])
"Our merchants and master-manufacturers complain much of the bad effects of high wages in raising the price, and thereby lessening the sale of their goods both at home and abroad. They say nothing concerning the bad effects of high profits. They are silent with regard to the pernicious effects of their own gains." - Adam Smith, Wealth of Nations, Book I Chap. IX.
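
Added example, not code from the thread or from the CipherSaber site: CipherSaber-1 as it is commonly specified, that is, RC4 keyed with the passphrase followed by a random 10-byte initialization vector that is sent in front of the ciphertext. The function names and sample inputs are constructed for illustration.

```python
# Added illustration of CipherSaber-1; names and sample data are constructed.
import os

IV_LEN = 10  # CipherSaber prepends a 10-byte random IV to every message

def rc4(key, data):
    """Plain RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def cs_encrypt(passphrase, plaintext, iv=None):
    """Return IV || RC4(passphrase || IV, plaintext)."""
    if not 0 < len(passphrase) <= 256 - IV_LEN:
        raise ValueError("passphrase must be 1..246 bytes")
    if iv is None:
        iv = os.urandom(IV_LEN)   # fresh IV so no two messages share a keystream
    if len(iv) != IV_LEN:
        raise ValueError("IV must be 10 bytes")
    return iv + rc4(passphrase + iv, plaintext)

def cs_decrypt(passphrase, blob):
    """Split off the IV, rebuild the RC4 key, and decrypt the rest."""
    if len(blob) < IV_LEN:
        raise ValueError("message shorter than the IV")
    iv, ciphertext = blob[:IV_LEN], blob[IV_LEN:]
    return rc4(passphrase + iv, ciphertext)

if __name__ == "__main__":
    secret = b"constructed passphrase"
    message = b"constructed field report"
    blob = cs_encrypt(secret, message)
    print(len(blob) - len(message), cs_decrypt(secret, blob) == message)
```

CipherSaber has no integrity check, so the receiver cannot distinguish a tampered or wrongly keyed message from a valid one except by reading the output.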