Re: NONSTOP Crypto Query

2001-01-12 Thread Ray Dillinger



On Fri, 12 Jan 2001, John Young wrote:

>Wright also describes the use of supersensitive microphones
>to pick up the daily setting of rotors on cryptomachines of the 
>time, in particular the Hagelins made by CryptoAG.

Hmmm.  That sounds like a trick that could be brought up to 
date.  If you get two sensitive microphones in a room, you 
should be able to do interferometry to get the exact locations 
on a keyboard of keystrokes from the sound of someone typing.  
I guess three would be better, but with some reasonable 
assumptions about keys being coplanar or on a surface of known 
curvature, two would do it.  Interesting possibilities.

Bear

[A quick contemplation of the wavelength of the sounds in question
would put an end to that speculation I suspect. --Perry]
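The geometry Bear sketches, as an added example that is not part of the original post or Perry's note: keys are assumed to lie in the z=0 plane at a 19 mm pitch, two microphones sit on a line parallel to the key rows, and the quantity recovered from each microphone pair is the time difference of arrival (TDOA) of the click. Everything numeric here (speed of sound, key pitch, microphone positions, a 44.1 kHz sample period as the timing tolerance) is an assumption, and the code says nothing about whether such timing can actually be extracted from a keystroke's sound; it only shows which keys remain consistent with a given TDOA measurement.

```python
import math
from itertools import product

C_SOUND = 343.0        # m/s in air at about 20 C (assumed)
KEY_PITCH = 0.019      # m between key centres, a typical value (assumed)
SAMPLE_RATE = 44_100   # Hz; one sample period (~22.7 us) is taken as the timing tolerance (assumed)


def key_positions(rows=4, cols=10, pitch=KEY_PITCH):
    """Hypothetical keyboard: (row, col) -> (x, y, z) with all keys on the z = 0 plane."""
    return {(r, c): (c * pitch, r * pitch, 0.0) for r, c in product(range(rows), range(cols))}


def dist(a, b):
    return math.sqrt(sum((i - j) ** 2 for i, j in zip(a, b)))


def tdoas(point, mics):
    """Arrival-time differences of a click at `point`, each mic relative to mics[0]."""
    t0 = dist(point, mics[0]) / C_SOUND
    return [dist(point, m) / C_SOUND - t0 for m in mics[1:]]


def consistent_keys(observed, mics, keys, tol=1.0 / SAMPLE_RATE):
    """Keys whose predicted TDOAs all fall within `tol` of the observed ones.

    Brute force over the key set is fine here: a keyboard has at most a few
    hundred candidates, so there is no need to solve the hyperbola equations.
    """
    hits = []
    for key, pos in keys.items():
        pred = tdoas(pos, mics)
        if all(abs(p - o) <= tol for p, o in zip(pred, observed)):
            hits.append(key)
    return sorted(hits)


def demo(true_key=(2, 5)):
    """Locate `true_key` with two mics on one line, then with a third mic off that line.

    Returns (candidates_with_two_mics, candidates_with_three_mics).
    """
    keys = key_positions()
    two_mics = [(-0.3, 0.1, 0.1), (0.5, 0.1, 0.1)]     # both on a line parallel to the rows
    three_mics = two_mics + [(0.1, 0.6, 0.1)]           # third mic off that line
    obs2 = tdoas(keys[true_key], two_mics)
    obs3 = tdoas(keys[true_key], three_mics)
    return consistent_keys(obs2, two_mics, keys), consistent_keys(obs3, three_mics, keys)


if __name__ == "__main__":
    two, three = demo()
    print("two mics, keys consistent with the TDOA :", two)
    print("three mics, keys consistent with the TDOAs:", three)
```

With the two microphones on a line parallel to the key rows, one TDOA pins down the column (adjacent columns differ by roughly 100 us here, several sample periods) but leaves every key in that column as a candidate, since a single pair of microphones constrains the source to a hyperbola in the key plane, not to a point; the third microphone, placed off that line, separates the rows by about 45 us and leaves one candidate. Moving the assumed microphones closer, or lowering the timing tolerance, changes those margins, which is the sort of check worth running before taking the idea further.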



Re: NONSTOP Crypto Query

2001-01-12 Thread Steven M. Bellovin

In message <[EMAIL PROTECTED]>, John Young writes:
>
>This loops back to NONSTOP and the question of what may 
>be the signatures and compromising emanations of today's 
>cryptosystems which reveal information in ways that go beyond 
>known sniffers -- indeed, that known sniffers may divertingly 
>camouflage. 

Again going back to "Spycatcher", Wright described a number of other 
emissions.  For example, voices in a room could modulate the current 
flow through a telephone's ringer.  (This was, of course, back in the 
days of electromagnet-actuated ringers...)  One can also find signals 
corresponding to the plaintext superimposed on the output waveform of 
the ciphertext, and possibly see coupling to the power supply.  (One of 
the rules I've read:  "Step 1:  Look for the plaintext".)

I've seen brochures for high-grade encryptors that speak of "red-black 
separation" and separate power supplies for the two halves.


--Steve Bellovin, http://www.research.att.com/~smb
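The "Step 1: Look for the plaintext" rule in simulation, as an added example that is not from Bellovin's message or from any real encryptor: a black (ciphertext) output line is modelled as a +/-1 level per ciphertext bit, with a small plaintext-correlated component leaking onto it from the red side, plus noise. The attacker sees the ciphertext bits (they are the line's nominal content), subtracts the nominal waveform, and integrates what is left over each bit period. The coupling fraction, noise level, oversampling rate and the XOR "cipher" are all assumptions chosen to make the effect visible; the same recovery works for any cipher, because nothing about the keystream is used.

```python
import random

SAMPLES_PER_BIT = 64   # oversampling of the line per ciphertext bit (assumed)
COUPLING = 0.05        # fraction of the red (plaintext) level leaking onto the black line (assumed)
NOISE = 0.2            # std dev of additive noise per sample (assumed)


def black_line_waveform(plaintext, keystream, coupling=COUPLING, noise=NOISE, rng=None):
    """Simulate the ciphertext output line of a badly separated encryptor.

    Each ciphertext bit (plaintext XOR keystream, a stand-in for any cipher) is
    sent as a +/-1 level; `coupling` times the plaintext level rides on top of it,
    which is the crosstalk red/black separation is meant to prevent.
    Returns (ciphertext_bits, line_samples).
    """
    rng = rng or random.Random(1)
    cipher = [p ^ k for p, k in zip(plaintext, keystream)]
    samples = []
    for c, p in zip(cipher, plaintext):
        level = 1.0 if c else -1.0            # what the line is supposed to carry
        leak = coupling * (1.0 if p else -1.0)  # what it should not carry
        samples.extend(level + leak + rng.gauss(0.0, noise) for _ in range(SAMPLES_PER_BIT))
    return cipher, samples


def recover_plaintext(cipher, samples, spb=SAMPLES_PER_BIT):
    """Step 1: look for the plaintext.

    The attacker knows the ciphertext bits from the line itself, so the nominal
    waveform is known; subtract it, integrate the residual over each bit period,
    and read the plaintext bit off the sign of the residual.
    """
    guess = []
    for i, c in enumerate(cipher):
        nominal = 1.0 if c else -1.0
        residual = sum(s - nominal for s in samples[i * spb:(i + 1) * spb])
        guess.append(1 if residual > 0 else 0)
    return guess


def accuracy(a, b):
    return sum(x == y for x, y in zip(a, b)) / len(a)


def demo(coupling=COUPLING, n_bits=2000, seed=1):
    """Fraction of plaintext bits recovered from the black line at a given coupling.

    Plaintext and keystream are constructed random bits (sample data, not a capture).
    """
    rng = random.Random(seed)
    plaintext = [rng.randrange(2) for _ in range(n_bits)]
    keystream = [rng.randrange(2) for _ in range(n_bits)]
    cipher, samples = black_line_waveform(plaintext, keystream, coupling=coupling, rng=rng)
    return accuracy(plaintext, recover_plaintext(cipher, samples))


if __name__ == "__main__":
    print("leaky line, plaintext recovered :", demo(coupling=COUPLING))
    print("separated line (coupling 0)     :", demo(coupling=0.0))
```

At 5% coupling the residual over one bit period averages 3.2 against a noise spread of 1.6, so almost every plaintext bit comes out; with the coupling set to zero, the separated case the brochures' "red-black separation" and split power supplies are aiming at, the same procedure is a coin toss. The test in practice is the same as in the simulation: subtract what the line is supposed to carry and look at whatever correlates with the plaintext in what remains.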






Re: Historical PKI resources

2001-01-12 Thread Rodney Thayer


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

(If you ask me, veering off into unsolicited advertisements for
unrelated ANSI standards isn't actually on-topic, but there are
other posts so I'll assume Perry will let this through...
I'm making historical comments so this is grist for the original
query.)

At 08:39 PM 1/8/01 -0500, Rich Salz wrote:
>The adoption by X.509 for use as authentication in X.500 got us common
>technology, and is probably the only reason anyone will ever have to
>learn
>ASN.1 and DER. :)

Some of us learned ASN.1 and DER because of The Great ISO Scare of
the 80's.  That gave us a dysfunctional protocol stack, which included
dysfunctional file transfer (FTAM), virtual terminal (VT), and email (X.400).

Other than the pollution of the Microsoft email gene pool (Exchange has
X.400 code in its belly, something about ancestors from one's past one
should be ashamed of...) there was little real X.400 usage, but that and
a small amount of FTAM were the only 'real' reasons some of us learned ASN.1.
It was appalling to see that SNMP, and later PKIX, decided to adopt this bad
idea from the past.  X.500 was the directory scheme for X.400, as was DAP,
so seeing it recast itself as LDAP wasn't too nice either.


>The old IETF PEM project gave us "---BEGIN" lines :) and showed
>empirically
>that global X.500 deployment is a non-starter.


Or, it showed that you can have dysfunctional standards activities inside
the IETF.  Both are probably true.  PEM also gave us Base64.  So there's
TWO things it did reasonably.


>   RSA's version, which
>became
>the IETF's S/MIME showed how to do it practically.

Practically?  You're joking, right?


-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0

iQA/AwUBOl9JFj/0TyQ4fTjtEQLMFQCeJ8QEtEDVJV8hSsPuJu9k1IX1iT4AoKA0
nVA+b/Gn+LJM87vh05yVm/74
=rNUs
-----END PGP SIGNATURE-----





NONSTOP Crypto Query

2001-01-12 Thread John Young

One of the Tempest FOIA docs NSA released recently 
concerns NONSTOP, a term whose definition is classified
as SECRET. About half of the document, NACSEM 5112, 
"NONSTOP Evaluation Techniques," has been redacted,
and we'll publish it soon.

From the clear text, NONSTOP appears to refer to 
protection against compromising emanations of cryptographic 
systems, and maybe in particular radio crypto systems.

Another document refers to NONSTOP testing and protection
being especially needed on vehicles, planes and ships.

We've been unable to retrieve more than a few words from
the redacted portions (by use of xerography to reveal text 
below the overwrites), and would appreciate any leads on 
what NONSTOP means. Joel McNamara has been searching
for NONSTOP info for some time: 

   http://eskimo.com/~joelm/tempest.html

We would also like to learn more about covert surveillance
by "resonance" technology. Peter Wright, in Spycatcher,
provides most interesting anecdotes about this. He writes
of remotely "radiating" specially-designed objects in a space 
to pick up signals, and tells of several covert operations
in which MI5 used this method.

Wright also describes the use of supersensitive microphones
to pick up the daily setting of rotors on cryptomachines of the 
time, in particular the Hagelins made by CryptoAG.

This loops back to NONSTOP and the question of what may 
be the signatures and compromising emanations of today's 
cryptosystems which reveal information in ways that go beyond 
known sniffers -- indeed, that known sniffers may divertingly 
camouflage. 

Along this line I mention for the nth time that the National Academy
of Science 1996 CRYPTO report, which advocated loosening 
crypto controls, also recommended increased funding for other 
surveillance technologies that have never been identified, although 
Carnivore may be one such, along with keyboard sniffers and who 
knows what else that has been passed to domestic law enforcement 
by the intelligence agencies to crack crypto protection.






Election Technology Expo -- Jan 16, 2001

2001-01-12 Thread Ed Gerck


[Perry -- this may interest cryptography]

List:

The Expo was announced right before Christmas by the SoS and The
Bell immediately announced it in the website www.thebell.net and in
the December edition.  In case you missed it, the Expo is next week.

The California Secretary of State is sponsoring the Election Technology
Expo. The Expo will be at the Hyatt Regency in Sacramento, January 16,
from 9:00 to 3:00. It opens at 8:00 for registration. There will also be
a series of panels in the morning.

For information, contact

Bruce McDannold <[EMAIL PROTECTED]>


Cheers,

Ed Gerck




DoJ cybercrime manual covers PDAs, encryption, secret searches

2001-01-12 Thread Declan McCullagh


***
See: http://www.cybercrime.gov/searchmanual.htm
***

http://www.wired.com/news/politics/0,1283,41133,00.html

The Feds'll Come A-Snoopin'
by Declan McCullagh ([EMAIL PROTECTED])

2:00 a.m. Jan. 12, 2001 PST
WASHINGTON -- Ever wonder how much leeway federal agents have when
snooping through your e-mail or computer files?

The short answer: a lot.

The U.S. Department of Justice this week published new guidelines for
police and prosecutors in cases involving computer crimes.

The 500 KB document includes a bevy of recent court cases and covers
new topics such as encryption, PDAs and secret searches.

It updates a 1994 manual, which the Electronic Privacy Information
Center had to file a Freedom of Information Act request to obtain. No
need to take such drastic steps this time: The Justice Department has
placed the report on its cybercrime.gov site.

[...]

SECRET SEARCHES: Call it the latest trend in law enforcement:
Surreptitious breaking-and-entering of homes and offices.

In one recent secret-search case related to computers, the feds
sneaked into the office of Nicodemo S. Scarfo, the son of
Philadelphia's former mob boss, who allegedly ran a loan shark
operation in north New Jersey. Once there, they secretly installed
software to sniff Scarfo's PGP passphrase so they could decrypt his
communications.

Civil libertarians argue secret searches are unconstitutional.

"Sneak-and-peek searches may prove useful in searches for intangible
computer data. For example, agents executing a sneak-and-peek warrant
to search a computer may be able to enter a business after hours,
search the computer, and then exit the business without leaving any
sign that the search occurred," the Justice Department says.

The DOJ argues that secret searches are permissible, despite rule
41(d) of the Federal Rules of Criminal Procedure, which requires
agents to notify the person whose home or office has been broken into.
But the document admits that courts have "struggled" to reconcile this
idea with the U.S. Constitution's privacy guarantees.

To clear up any doubt, in mid-1999 the Justice Department proposed
legislation that would let police obtain surreptitious warrants and
"postpone" notifying the person whose property they entered for 30
days.

After vocal objections from civil liberties groups, the administration
backed away from the controversial bill. In the final draft of the
Cyberspace Electronic Security Act submitted to Congress, the
secret-search portions had disappeared.

[...]

ENCRYPTION: The manual doesn't address whether a criminal defendant
can be compelled to give up his passphrase to allow prosecutors to
decrypt his files.

But it does give one good reason to use useful software like PGPdisk
(available for free at pgpi.com) that can create an encrypted hard
drive partition that requires a passphrase to access.

Under current law, anyone with access to the computer you use --
including your spouse -- can allow the feds to search it without a
warrant. (Unless your files are stored on a remote computer on a
network, in which case it gets more complicated.)

But if your files are encrypted, you might be better off. "It appears
likely that encryption and password-protection would in most cases
indicate the absence of common authority to consent to a search among
co-users who do not know the password or possess the encryption key,"
the Justice Department says.

[...]