Re: Next-Generation Encryption Algorithm "Camellia"
David Honig wrote:
>
> At 01:27 AM 4/4/00 PDT, nobuki nakatuji wrote:
> >[No real details seem to be available on the cipher. The illustrations
> >seem to show a fairly standard Feistel style arrangement. --Perry]
>
> They claim Camellia (love that name; someone should do a
> 'Monica' cipher) takes 10K gates. This
> is about twice what DES (using half the block size) requires. No doubt
> they have kept the small S boxes and used simple key schedule typical of
> hardware-optimized ciphers like DES. Will
> be interesting to see how they retained security in the face
> of such frugality.

Actually, to pick nits, DES requires less than 2800 gates.

--
remove "no_spam_" from Reply-to address

Re: injunction issued against cphack
"Steven M. Bellovin" wrote:
>
> The AP reports that a U.S. judge has issued an injunction against the
> Canadian and Swedish authors of cphack, the program that unlocks and
> displays the blocked site list from CyberPatrol. The order extends to
> distribution by others as well, including -- according to the plaintiff's
> attorney -- all mirror sites.
>
> Even without questions of the reach of U.S. law, this is a preposterous
> ruling. If you add them in, it's insane.

Right up there with a grade school class voting on the sex of a hamster, then being surprised by little boy hamsters having babies. (Hey, it ain't Shakespeare, but it has a certain democratic flavor to it.)

I've seen conflicting reports on who the injunction affects. Is this a bit of FUD on the part of the attorney, or perhaps a misquote? I was also under the impression you had to be named in an injunction to be bound by it.

http://www.wired.com/news/politics/0,1283,35038,00.html

--
remove "no_spam_" from Reply-to address

New York teen-ager wins $100,000 with encryption research (3/14/2000)
http://www.sjmercury.com/svtech/news/breaking/merc/docs/013955.htm
Re: How old is TEMPEST? (was Re: New Encryption Regulations have
Antonomasia wrote:
>
> "Arnold G. Reinhold" <[EMAIL PROTECTED]>:
> > quoting David Kahn's "The Codebreakers" (1967):
>
> > "... the department budgeted $221,400 in 1964 for 650 KW-7's. ... The
> > per-item cost of $4,500 may be due in part to refinements to prevent
> > inductive or galvanic interaction between the key pulses and the
> > plaintext pulses, which wire tappers could detect in the line pulse
> > and use to break the unbreakable system through its back door. "
> > Nah, I just think they were expensive.
> > This would be the electro-mechanical equivalent of TEMPEST and
> > suggests that NSA was well aware of the compromising potential of
> > incidental emanations long before the computer communications era.
>
> This seems to refer to the problem of sending key and/or plaintext
> along the communications channel intended to carry only ciphertext.
> I seem to remember reading that this allowed allied reading of East German
> cable messages tapped in the 1950s (operation Prince ? Karlshorst tunnel

TEMPEST (NACSIM-5001) was intended to prevent 'compromising emanations', including classified information leaking on encrypted links. This is the basic RED/BLACK separation. The rest is filtering, in general sufficient to meet FCC Part A. The KW-7/TSEC had an ancillary interface unit that provided additional filtering, but I don't believe it was available in 1964.

The biggest impact to low baud rate secure teletype systems was the use of MIL STD 883B (low voltage, low current signalling roughly compatible with RS-232, although operating at +/- 6 Volts). Originally Teletypes used 60 milliamp current loops and mechanical relays. The result was enormous inductive spikes that could be detected at significant distances from the plaintext (RED) TTY. The current value was dropped to 20 MA. Eventually solid state relays were adopted based on cost.

Another piece of equipment of the same era, the KG-13/TSEC (and various derivatives), had been modified by adding filtering modules and a 883B interface in a module on the back. There was a separated compartment for RED and BLACK interfaces, and the BLACK interface contained an AC power filter.

For those who have subscribed to 'Electronics' or 'Signal' over the years, you may have noticed a general lack of advertisements for TEMPEST tested equipment. This is in part due to requirements for SCIFs and TEMPEST waivers for intelligence end users. TEMPEST certifying is expensive, even more so than FCC/CDE, etc compliance testing, although roughly equivalent. The paper trail is probably reminiscent of aircraft parts.

FIPS-140-1 is borrowed in part from the COMSEC audit for cryptographic systems. Throughout the history of COMSEC equipment, maintenance persons were forbidden the use of uncertified replacement parts, although from the mid '70s National Stocking Number parts in the Federal Supply System were crossed to unclassified components. Today, COMSEC equipment is all repaired at depots. I still have my DD-1435.

--
remove "no_spam_" from Reply-to address

Re: World's fastest hardware encryption
Udhay Shankar N wrote:
>
> found on slashdot, where it was headlined "The first step to cypherspace
> ?"
>
> http://www.sandia.gov/media/NewsRel/NR1999/encrypt.htm
>
> Sandia researchers develop world's fastest encryptor
>
> Soon will protect classified computer information
>
> ALBUQUERQUE, N.M. --The world's fastest encryption device, developed at
> the Department of Energy's (DOE) Sandia National Laboratories, should
> soon be protecting data being transmitted from supercomputers,
> workstations, telephones and video terminals. It encrypts data at more
> than 6.7 billion bits per second, 10 times faster than any other known
> encryptor.
>

A superscalar implementation of DES (1 clock per round, 16 rounds of hardware) gives 6.7 Bps/64 bits per block or 104+ MHz clock. Should be able to do static key distribution across the device, and 11 gate levels per round. That gives a number around 880 ps per gate with routing. Should be able to go 3 or 4 times faster. At least twice as fast with routing distances. You could also do a dual pipeline...

--
remove "no_spam_" from Reply-to address

Re: Congress, NSA butt heads over Echelon
Putrefied Cow wrote:
>
>However, NSA, the supersecret spy agency known best for its worldwide
>eavesdropping capabilities, for the first time in the history of the
>House Permanent Select Committee on Intelligence refused to hand over
>documents on the Echelon program, claiming attorney/client privilege.
>
>Congress is "concerned about the privacy rights of American citizens and
>whether or not there are constitutional safeguards being circumvented by
>the manner in which the intelligence agencies are intercepting and/or
>receiving international communications...from foreign nations that would
>otherwise be prohibited by...the limitations on the collection of
>domestic intelligence," Barr said. "This very straightforward
>amendment...will help guarantee the privacy rights of American citizens
>[and] will protect the oversight responsibilities of the Congress which
>are now under assault" by the intelligence community.
>
> Copyright 1999 FCW Government Technology Group

I've always found it somewhat refreshing to know that I am one of those endowed with the inalienable right not to be spied on by the U.S. government. (Or do they have those insidious Canadians perform the dirty deed?)

And what of those less fortunate than to be American? I seem to recall a Radio Communications Treaty of 1932 and the Radio Communications Act of 1934, forbidding such activity. Perhaps silence is assent...

A libertarian or even a Jeffersonian would tell you that rights not derived from the State don't stop at national borders. A government that won't respect the wog's rights, won't respect the citizen's either.

Mind you, while it is alright to kill civilians collaterally in Europe, it is considered bad taste to toast Branch Davidians in the U.S., at least as long as the 1st amendment to the Constitution stands.

All this bespeaks a culture where it is in the interests of 'national security' to classify as Top Secret that there is cannibalism going on in North Korea. Must be a good excuse to prop up another oppressive government or something.

P.S. - there should be no space character between butt and heads in the subject line.

Re: Intel announcements at RSA '99
David Honig wrote:
> At 08:56 PM 1/20/99 +, Ben Laurie wrote:
> >Steve Bellovin wrote:
> >>
> >> Intel has announced a number of interesting things at the RSA conference.
> >> The most important, to me, is the inclusion of a hardware random number
> >> generator (based on thermal noise) in the Pentium III instruction set.
> >> They also announced hardware support for IPSEC.
> >
> >An interesting question (for me, at least) is: how will I know that the
> >hardware RNG is really producing stuff based on thermal noise, and not,
> >say, on the serial number, some secret known to Intel, and a PRNG?
> >
>
> You would have to reverse engineer random samples of the chip to gain
> *some* confidence. Intel could make this easier by providing
> their "source" and tool flow, from specs to a HDL to synthesis to layout.
>
> There are, I am told, commercial firms who will give you a netlist given
> *only* a sample chip and lots of money.
>
> And there's of course Ross Anderson and Markus Kuhn and their
> chip-stripping labs..
>

Intel is one manufacturer of the COMSEC module in the STU's. They also manufacture(d) a random noise module used in them. It says they have the expertise.

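Ben Laurie's question in the thread above, worked through as an added example that is not part of the original messages: a generator built only from a serial number, a vendor secret and a PRNG passes black-box statistical tests, which is why output testing alone cannot answer the question and design review or chip inspection is needed. The HMAC-SHA256 counter construction, the sample serial and secret, and all function names are assumptions constructed for illustration and say nothing about Intel's actual design.

```python
import hashlib
import hmac
import math


def serial_keyed_rng(serial: bytes, secret: bytes, nbytes: int) -> bytes:
    """Hypothetical 'hardware RNG': HMAC-SHA256 in counter mode, keyed by a
    vendor secret and fed the chip serial number. No physical noise at all."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        block = serial + counter.to_bytes(8, "big")
        out += hmac.new(secret, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:nbytes])


def to_bits(data: bytes) -> list:
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]


def monobit_p(data: bytes) -> float:
    """Frequency (monobit) test from NIST SP 800-22: p-value for bit balance."""
    bits = to_bits(data)
    n = len(bits)
    s_obs = abs(2 * sum(bits) - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def runs_p(data: bytes) -> float:
    """Runs test from NIST SP 800-22: p-value for the number of bit runs."""
    bits = to_bits(data)
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):   # prerequisite frequency check failed
        return 0.0
    runs = 1 + sum(a != b for a, b in zip(bits, bits[1:]))
    expected = 2 * n * pi * (1 - pi)
    return math.erfc(abs(runs - expected) / (2 * math.sqrt(2 * n) * pi * (1 - pi)))


if __name__ == "__main__":
    SERIAL = b"CONSTRUCTED-SERIAL-0001"      # constructed sample value
    SECRET = b"constructed vendor secret"    # constructed sample value
    stream = serial_keyed_rng(SERIAL, SECRET, 4096)
    # Black-box view: both p-values are typically well above the 0.01 cutoff.
    print("monobit p =", monobit_p(stream), "runs p =", runs_p(stream))
    # Vendor view: knowing serial and secret reproduces every "random" byte.
    print("reproducible:", serial_keyed_rng(SERIAL, SECRET, 4096) == stream)
```
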
Re: What was the quid pro quo for Wassenaar countries?
John Gilmore wrote:
> >> PS: I particularly like Ambassador Aaron's characterization that
> this new development will help US industry, by censoring foreign crypto
> publishers in the same way the US government censors US publishers.
> A giant step forward for freedom and commerce everywhere, eh Mr. Aaron?
> What an incredibly talented liar, I mean diplomat, he is.

A glorious announcement! The chocolate ration has been raised to 20 grams today, from 24 grams! (for those of you who thought it would never get here)