Unconditional security

2001-01-03 Thread Perry E. Metzger


John Young asks:

Smith stated: "A cipher is Unconditionally Secure (US)
if no matter how much ciphertext is intercepted, there
is not enough information in the ciphertext to
determine the plaintext uniquely."

No examples for this strength were given, and it was
not clear from Smith's presentation whether there is
such a cipher or the category was only provided
as a theoretical premise.

Question: is there a cipher that is Unconditionally
Secure?

Yes. A one-time pad based cipher has precisely this property. They are
also, however, unpleasant to use.

Keep in mind that as soon as you use anything but a perfectly random
keystream that is only employed once, it is no longer a one-time
pad. "Pseudo" one time pads are not even remotely unconditionally
secure. At best they are simply stream ciphers of ordinary
security. Frequently, "pseudo" one time pad schemes are totally
worthless.

--
Perry E. Metzger  [EMAIL PROTECTED]
--
Quality NetBSD CDs, Support & Service. http://www.wasabisystems.com/
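
An added illustration of the reply above (not part of the original message): with a truly random pad every same-length plaintext is consistent with the ciphertext, reusing the pad cancels it out, and a "pseudo" pad expanded from a small seed leaves only as many candidates as there are seeds. The function names, the two sample messages, and the 16-bit seed fed to Python's `random` module are constructed assumptions standing in for such a scheme.

```python
import random
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; a pad shorter than the message is an error."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes):
    """Encrypt under a fresh, uniformly random pad. Returns (pad, ciphertext)."""
    pad = secrets.token_bytes(len(plaintext))
    return pad, xor_bytes(plaintext, pad)


def pad_that_explains(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """For ANY same-length plaintext there is exactly one pad that maps it to this
    ciphertext. All pads are equally likely, so the ciphertext rules nothing out."""
    return xor_bytes(ciphertext, claimed_plaintext)


def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """If one pad encrypted both messages it cancels: c1 XOR c2 == p1 XOR p2."""
    return xor_bytes(c1, c2)


def seeded_keystream(seed: int, n: int) -> bytes:
    """A 'pseudo' pad: n bytes expanded from a small seed by a non-cryptographic PRNG."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))


def looks_like_message(candidate: bytes) -> bool:
    """Crude recognizer for the constructed samples: uppercase letters and spaces only."""
    return all(b == 0x20 or 0x41 <= b <= 0x5A for b in candidate)


def seeds_consistent_with(ciphertext: bytes, seed_bits: int) -> list:
    """Count what the ciphertext leaves open under the seeded scheme: at most
    2**seed_bits keystreams exist, so at most that many plaintexts are possible."""
    hits = []
    for seed in range(1 << seed_bits):
        candidate = xor_bytes(ciphertext, seeded_keystream(seed, len(ciphertext)))
        if looks_like_message(candidate):
            hits.append(seed)
    return hits


if __name__ == "__main__":
    p1 = b"ATTACK AT DAWN"   # constructed sample messages, both 14 bytes
    p2 = b"RETREAT AT SIX"

    # 1. True one-time pad: the same ciphertext "decrypts" to p2 under another pad.
    pad, c1 = otp_encrypt(p1)
    alt_pad = pad_that_explains(c1, p2)
    print("real pad ->", xor_bytes(c1, pad))
    print("alt pad  ->", xor_bytes(c1, alt_pad))

    # 2. Pad used twice: it is no longer a one-time pad.
    c2 = xor_bytes(p2, pad)
    leak = pad_reuse_leak(c1, c2)
    print("p1 known, p2 recovered without the pad:", xor_bytes(leak, p1))

    # 3. Pseudo pad from a 16-bit seed: 65536 candidates instead of 256**14.
    c3 = xor_bytes(p1, seeded_keystream(0x2A17, len(p1)))
    print("seeds giving a readable plaintext:", seeds_consistent_with(c3, 16))
```
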



Re: copy protection

2000-12-24 Thread Perry E. Metzger


Paul Crowley <[EMAIL PROTECTED]> writes:
> "Trivial" is overstating it, I think.  I've seen dongle-based license
> code designed such that if you tried modifying the code to skip the
> dongle check, the program's pointer arithmetic would go screwy and it
> would crash in horrible ways.  It was a damn clever design, which I
> can't say much about here except that it depended on a fairly detailed 
> understanding of the innards of several parts of a large and complex
> program, and so making the appropriate fix would be a sizeable job for 
> a very skilled and patient hacker; for example, it did not depend on 
> branches that were only taken when the dongle was absent.
> 
> Of course, it could be cracked, but it wouldn't have been trivial.

I find that very hard to believe. At some point, you can (at worst)
simulate the returns of the routine that examines the dongle.

Even assuming they've done something really clever, though, once
cracked, it is cracked for all time. Building a tool to get around the
"clever copy protection" in an automatic way for programs using said
"clever copy protection" then becomes feasible, indeed, inevitable.

Almost all copy protection schemes are, in the end, snake oil. You
cannot prevent people from eventually cracking around them.

Manufacturers spend huge amounts of time fretting over finding ways to
annoy their customers, when (IMHO) lost revenue due to piracy is not
significantly reduced by copy protection. Their legitimate customers,
however, are often significantly hurt by the schemes.

Ah well. Another good argument for the open source model.


Perry
--
Perry E. Metzger  [EMAIL PROTECTED]
--
Quality NetBSD CDs, Support & Service. http://www.wasabisystems.com/




copy protection

2000-12-23 Thread Perry E. Metzger


David Honig <[EMAIL PROTECTED]> writes:
> Just a historical anecdote.  Back in the old days, software
> could be linked to the unique ID on Sun motherboards.  To move
> software to a new machine, you called and maybe faxed something
> signed (with a pen) to the effect that you weren't ripping them off.
> 
> This was before the software-based floating licenses became 
> popular.

At a large firm I worked at, we wrote a kernel mod for SunOS that lied
to the executables about what the system ID was. We did not steal
licenses, mind you -- we did this because we would often have systems
crash in the middle of the night and need to move the executables to
another system, and the folks at the software company would not be in
their office to give us license keys until morning.

Getting around the license stuff will always be trivial, however, in
spite of the pipe dreams of fools. If the software can be read by the
user's computer, it can be copied. If it can be copied, automated
tools will be developed to permit it.

Fake "cryptography", hardware "keys", hardware modifications and all
the other garbage people try are at best ways to slow down duplication
and to annoy legitimate users. None of it works in the end. The sick
thing is, all of it has been tried before, over and over, and yet new
companies constantly appear promising new holy grails for the copy
protection crowd.

Perry




ADMIN: List Moving

2000-11-19 Thread Perry E. Metzger


The cryptography list will be moving in the next few days from c2.net
to a server I control elsewhere. "Stay tuned."

Perry



[Hugo Krawczyk ] Re: I-D ACTION:draft-krovetz-umac-01.txt

2000-10-27 Thread Perry E. Metzger


-- 
--- Start of forwarded message ---
Date: Thu, 26 Oct 2000 17:53:34 +0200 (IST)
From: Hugo Krawczyk <[EMAIL PROTECTED]>
To: ipsec list <[EMAIL PROTECTED]>,
TLS list <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: I-D ACTION:draft-krovetz-umac-01.txt

As recently announced, the draft draft-krovetz-umac-01.txt is available 
from the Internet-Drafts directory.
This document contains a full specification of the "UMAC" 
Message Authentication Code (i.e., a function that provides data 
integrity verification for entities that share a key).
This is the result of a three-year project involving several researchers.  
A paper describing the mathematical foundations of the algorithm 
was published more than a year ago in CRYPTO '99 [1].

UMAC was designed to provide strong authenticity guarantees while 
being flexible, provably secure, and **as fast as possible** on modern 
(and emerging) processors.  Experiments show that UMAC achieves 
software speeds that are many times the speed of HMAC-SHA1.  
A quite unique feature of UMAC is that it lets you easily trade performance
and security: from weak authentication against Denial of Service at 
GigaByte/second to the strongest authentication for the real paranoids 
at 100's of MegaBytes/second.

For the most speed-demanding applications, as they emerge, I believe 
that UMAC provides a solution that is superior to current algorithms 
based on cryptographic hash functions (e.g. HMAC) or block ciphers 
(e.g. CBC-MAC).

See the UMAC homepage,  http://www.cs.ucdavis.edu/~rogaway/umac,  
for additional information, including some performance details. 

Hugo

PS: A word about UMAC's security. 
 UMAC's security analysis is based on two factors:
   1) The 20-year old methodology (due to Carter and Wegman) for 
  building MAC functions on the basis of universal hashing.
   2) The availability of a strong cipher (e.g. AES).
 The result of this analysis is that the only way that the proven 
 security bounds for UMAC could fail is by breaking the underlying
 cipher (say Rijndael).  As long as this cipher is unbroken so is UMAC.  
 In this sense, UMAC does not need to be subject to cryptanalytical
 scrutiny before it can be used; you just need to believe that the
 underlying block cipher is secure.
 (See more information in [1] and in the draft's Security Considerations)

[1]  J. Black, S. Halevi, H. Krawczyk, T. Krovetz, and P. Rogaway. 
"UMAC: Fast and secure message authentication".   Advances in 
Cryptology - CRYPTO '99.  Lecture Notes in Computer Science, 
vol. 1666, Springer-Verlag, 1999, pp. 216-233.




--- End of forwarded message ---




[Internet-Drafts@ietf.org] I-D ACTION:draft-krovetz-umac-01.txt

2000-10-27 Thread Perry E. Metzger


--- Start of forwarded message ---
To: IETF-Announce: ;
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED]
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: I-D ACTION:draft-krovetz-umac-01.txt
Date: Wed, 25 Oct 2000 06:16:02 -0400

A New Internet-Draft is available from the on-line Internet-Drafts directories.


Title     : UMAC: Message Authentication Code using Universal Hashing
Author(s) : T. Krovetz et al.
Filename  : draft-krovetz-umac-01.txt
Pages     : 39
Date      : 24-Oct-00

This specification describes how to generate an authentication tag
(also called a 'MAC') using the UMAC message authentication code.
UMAC is designed to be very fast to compute, in software, on
contemporary processors.  Measured speeds are as low as 1.0 cycles
per byte.  The heart of UMAC is a universal hash function, UHASH,
which relies on addition and multiplication of 16-bit, 32-bit, or
64-bit numbers, operations well-supported by contemporary machines.
To generate the authentication tag on a given message, UHASH is
applied to the message and key to produce a short, fixed-length, hash
value, and this hash value is then XOR-ed with a key-derived
pseudorandom pad.  UMAC enjoys a rigorous security analysis and its
only 'cryptographic' use is a block cipher, AES, to generate the
pseudorandom pads and internal key material.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-krovetz-umac-01.txt

Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
"get draft-krovetz-umac-01.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


Internet-Drafts can also be obtained by e-mail.

Send a message to:
[EMAIL PROTECTED]
In the body type:
"FILE /internet-drafts/draft-krovetz-umac-01.txt".

NOTE:   The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility.  To use this
feature, insert the command "ENCODING mime" before the "FILE"
command.  To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader.  Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.


Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.





--- End of forwarded message ---
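
An added example (not code from the draft or its authors) of the Carter-Wegman structure that both forwarded messages describe: a universal hash of the message, XOR-ed with a key-derived pseudorandom pad that is used for one nonce only. It is a simplified stand-in, not UMAC: a polynomial hash over a prime field replaces UHASH, HMAC-SHA256 replaces the AES-based pad generator, and every name and sample message below is hypothetical.

```python
import hashlib
import hmac

P = (1 << 61) - 1   # prime modulus for the polynomial hash (assumption, not UMAC's)
CHUNK = 6           # 6 data bytes + 1 marker byte per coefficient stays below P


def poly_hash(hash_key: int, message: bytes) -> int:
    """Universal hash: evaluate the message as a polynomial at the secret point.
    The 0x01 marker byte and the leading coefficient 1 make messages that differ
    only in length or trailing zero bytes produce different polynomials."""
    acc = 1
    for i in range(0, len(message), CHUNK):
        coeff = int.from_bytes(message[i:i + CHUNK] + b"\x01", "little")
        acc = (acc * hash_key + coeff) % P
    return acc


def pad_for(pad_key: bytes, nonce: bytes) -> int:
    """Key-derived pseudorandom pad for one nonce (HMAC-SHA256 standing in for AES)."""
    return int.from_bytes(hmac.new(pad_key, nonce, hashlib.sha256).digest()[:8], "big")


def cw_tag(hash_key: int, pad_key: bytes, nonce: bytes, message: bytes) -> bytes:
    """Tag = universal hash XOR pad. The hash alone is not a MAC; the pad hides it."""
    return (poly_hash(hash_key, message) ^ pad_for(pad_key, nonce)).to_bytes(8, "big")


class Sender:
    """Owns the nonce counter so that a pad is never used for two messages."""

    def __init__(self, hash_key: int, pad_key: bytes):
        self._hk, self._pk, self._counter = hash_key, pad_key, 0

    def send(self, message: bytes):
        self._counter += 1
        nonce = self._counter.to_bytes(8, "big")
        return nonce, cw_tag(self._hk, self._pk, nonce, message)


class Receiver:
    """Verifies in constant time and refuses nonces that do not move forward."""

    def __init__(self, hash_key: int, pad_key: bytes):
        self._hk, self._pk, self._last = hash_key, pad_key, 0

    def accept(self, nonce: bytes, message: bytes, tag: bytes) -> bool:
        expected = cw_tag(self._hk, self._pk, nonce, message)
        fresh = int.from_bytes(nonce, "big") > self._last
        if not hmac.compare_digest(expected, tag) or not fresh:
            return False
        self._last = int.from_bytes(nonce, "big")
        return True


def nonce_reuse_leak(tag1: bytes, tag2: bytes) -> int:
    """Two tags under the SAME nonce: the pad cancels and the XOR of the two
    universal-hash values is exposed, which is why the Sender above counts."""
    return int.from_bytes(tag1, "big") ^ int.from_bytes(tag2, "big")


if __name__ == "__main__":
    hk, pk = 0x1234567890ABCDEF % P, b"k" * 32   # constructed demo keys
    sender, receiver = Sender(hk, pk), Receiver(hk, pk)

    nonce, tag = sender.send(b"pay 10 to alice")
    print("genuine :", receiver.accept(nonce, b"pay 10 to alice", tag))
    print("replayed:", receiver.accept(nonce, b"pay 10 to alice", tag))

    nonce, tag = sender.send(b"pay 10 to bob")
    print("tampered:", receiver.accept(nonce, b"pay 99 to bob", tag))

    fixed = (1).to_bytes(8, "big")
    t1 = cw_tag(hk, pk, fixed, b"message one")
    t2 = cw_tag(hk, pk, fixed, b"message two")
    same = nonce_reuse_leak(t1, t2) == poly_hash(hk, b"message one") ^ poly_hash(hk, b"message two")
    print("pad cancels under a repeated nonce:", same)
```
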




AES selection info up on NIST page

2000-10-02 Thread Perry E. Metzger


Full info on the Rijndael selection is up on:

http://csrc.nist.gov/encryption/aes/

--
Perry E. Metzger  [EMAIL PROTECTED]
--
Quality NetBSD Sales, Support & Service. http://www.wasabisystems.com/




Rijndael wins

2000-10-02 Thread Perry E. Metzger


I was unable to get in on the webcast, but third parties inform me the
winner was Rijndael (pronounced like "rhine dahl" for ignorant English
speakers.)

--
Perry E. Metzger  [EMAIL PROTECTED]
--
Quality NetBSD Sales, Support & Service. http://www.wasabisystems.com/




Bletchley Park had ten Colossi in 1944

2000-10-01 Thread Perry E. Metzger


The British government is going to release a report on the "Colossus"
machines built at Bletchley Park, after 55 years of silence. It turns
out that they had ten of the things, and they were used to break
German codes used for communication between Berlin and military
commands. Really interesting stuff -- I hope the final report gets put
online when it becomes available because it is going to be neat
reading.

http://www.telegraph.co.uk:80/et?ac=003549412141223&rtmo=VP4uZ5Zx&atmo=tttd&pg=/et/00/9/7/ecfcol07.html

--
Perry E. Metzger  [EMAIL PROTECTED]
--
Quality NetBSD Sales, Support & Service. http://www.wasabisystems.com/




RSA Patent gone two weeks early

2000-09-06 Thread Perry E. Metzger


RSA Security has released the RSA patent into the public domain two
weeks early, apparently in a successful attempt to generate publicity.

http://www.rsasecurity.com/news/pr/000906-1.html

They're also giving away neat RSA algorithm T-Shirts and have a FAQ
about the patent expiry.

http://www.rsasecurity.com/developers/total-solution/

--
Perry E. Metzger  [EMAIL PROTECTED]
--
Quality NetBSD Sales, Support & Service. http://www.wasabisystems.com/



from IP: Major University to Be Asked to Review F.B.I.'s 'Carnivore'

2000-08-10 Thread Perry E. Metzger


--- Start of forwarded message ---
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: Major University to Be Asked to Review F.B.I.'s 'Carnivore'

Major University to Be Asked to Review F.B.I.'s 'Carnivore'

By DAVID STOUT

WASHINGTON, Aug. 10 -- The Justice Department will ask a major university 
to review a government e-mail surveillance program that is seen as both a 
great boon to law enforcement and a serious threat to the people's privacy.

Attorney General Janet Reno said the program, used by the Federal Bureau of 
Investigation and dubbed "Carnivore" because it can quickly gobble up and 
digest huge quantities of e-mail messages, will be studied in depth, and 
that the university's recommendations will be shared with the public.

http://www.nytimes.com/yr/mo/day/late/10cnd-carnivore.html

[be real interesting to see how long the study takes dkf]



--- End of forwarded message ---




FBI involves itself in Verio merger

2000-07-06 Thread Perry E. Metzger


From IP

-- 
Perry E. Metzger  [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."
--- Start of forwarded message ---
Date: Thu, 06 Jul 2000 15:43:03 -0400
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: Important Security Update?

>
>Date: Thu, 6 Jul 2000 13:36:32 -0400
>To: [EMAIL PROTECTED]
>From: Charles Brownstein <[EMAIL PROTECTED]>
>
>from http://www.internetnews.com/isp-news/article/0,2171,8_409201,00.html
>
>InternetNews - ISP News
>
>July 6, 2000 InternetNews - ISP News Archives
>
>
>FBI to Scrutinize NTT-Verio By the InternetNews.com Staff
>
>Tokyo-based Verio Inc. is being scrutinized by the Federal Bureau of 
>Investigation.
>
>According to the Wall Street Journal, the FBI Thursday raised national 
>security concerns about the Japanese company's attempt to acquire the U.S. 
>Internet service provider.
>
>The FBI registered concerns with the Treasury Department about NTT's 
>(NYSE:NTT) planned purchase of Verio (NASDAQ:VRIO) because the agency is 
>concerned that foreign ownership of Verio would inhibit its ability to 
>maintain surveillance over its telecommunications network.
>
>NTT posted a $5.5 billion offer for Verio in May to acquire the final 90 
>percent of Verio it did not already own. Verio provides Web hosting and 
>network services for about 20 percent of the Fortune 500 companies in the 
>world.
>
>The FBI contends that in order to protect U.S. facilities, it must be 
>assured that only U.S.-owned companies can be used to handle domestic 
>Internet traffic. In the past, the FBI has also insisted that the 
>companies employ U.S. citizens to handle potential wiretapping activities.
>
>NTT announced Friday that the Treasury Department's Committee on Foreign 
>Investment in the U.S. would conduct a 45-day review of the planned merger.



--- End of forwarded message ---




Easy Listening (for Big Brother)

2000-06-12 Thread Perry E. Metzger


Forwarded from Interesting People

-- 
Perry E. Metzger  [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."
--- Start of forwarded message ---
Date: Mon, 12 Jun 2000 17:12:26 -0700
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: Easy Listening (for Big Brother)


>Date: Mon, 12 Jun 2000 18:06:48 -0600
>To: Dave Farber <[EMAIL PROTECTED]>
>From: Brett Glass <[EMAIL PROTECTED]>
>Subject: Easy Listening (for Big Brother)
>
>EDITORIAL: The opinion of the Mercury News
>
>EASY LISTENING: Government must rewrite cell phone eavesdropping rules to 
>provide judicial oversight and incorporate privacy concerns
>
>SIX years ago, Congress approved a bill to help law enforcement keep pace 
>with the digital world. The purpose was straightforward: Make sure that 
>the FBI and police hold onto the same kind of wiretapping capabilities 
>they had before cellular phones complicated electronic surveillance.
>
>Skip ahead to this month.
>
>Within weeks, the government will have new powers to eavesdrop on you that 
>go beyond maintaining the status quo. That's when the first set of 
>defective rules crafted by the Federal Communications Commission is 
>scheduled to be implemented. Others take effect next year.
>
>The rules need to be revised. If not, law enforcement agencies will be 
>able to follow and monitor cellular phone users in ways that Congress 
>never envisioned. Here's one example: Investigators will be able to track 
>the physical locations of cellular phone users, pinpointing your 
>whereabouts at the beginning and end of every call. In essence, wireless 
>phone systems will be transformed into giant tracking networks
>
>http://www.mercurycenter.com/premium/opinion/edit/CELLPHONES.htm
>



--- End of forwarded message ---




Re: legal status of digital signatures

2000-06-09 Thread Perry E. Metzger


Steve Bellovin <[EMAIL PROTECTED]> writes:

> According to the AP, U.S. House and Senate negotiators have reached a 
> compromise on legislation that will set national standards for digital 
> signatures and the like.  Details are in
> 
>http://www.nandotimes.com/no_frames/technology/story/0,4500,500213819-500301920-501670828-0,00.html

By the way, I Am Not A Lawyer, but digital signatures are certainly
legally binding already under the common law for anything that isn't
covered by the Statute of Frauds, and it isn't even clear that
anything but the simplest legislation would be needed to deal with
eliminating the ambiguity in situations that are covered by the
Statute of Frauds.

It would be interesting if one of our lawyers who subscribe to the
list could comment on this.


Perry




Voting systems

2000-05-31 Thread Perry E. Metzger
r in spite of substantial time, effort
and hardship involved in getting to polling places.

In general, the reason for low turnout in the U.S. has nothing to do
with inconvenience. It is far more convenient to vote here than almost
anywhere else I've heard of. The reason is that people are unmotivated
to vote, often because of horribly bad candidates with
indistinguishable positions. If people aren't motivated to vote, they
won't bother to regardless of the impediments, and making elections
electronic will not fix that.

-- 
Perry E. Metzger  [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."




IP: FBI insists it can tap e-mail without a warrant

2000-05-18 Thread Perry E. Metzger


From Interesting People...

--- Start of forwarded message ---
Date: Wed, 17 May 2000 18:15:49 -0700
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: FBI insists it can tap e-mail without a warrant


>
>Date: Wed, 17 May 2000 19:13:09 -0600
>To: Dave Farber <[EMAIL PROTECTED]>
>From: Brett Glass <[EMAIL PROTECTED]>
>Subject: For IP: FBI insists it can tap e-mail without a warrant
>
>Feds: No warrants for Net wiretaps
>By Mike Brunker, MSNBC
>May 17, 2000 7:20 AM PT
>
>URL: 
>http://www.zdnet.com/zdnn/stories/news/0,4586,2570897,00.html?chkpt=zdhpnews01
>
>In a case with broad implications for communications technology, lawyers 
>for the Justice Department and a coalition of telecommunications and 
>privacy groups square off in federal court Wednesday to argue whether the 
>FBI should be allowed to intercept Internet communications and pinpoint 
>the locations of cellular phone users without first obtaining a search warrant.
>
>At issue in the proceedings before the U.S. Court of Appeals in Washington 
>are rules issued last year by the Federal Communication Commission 
>spelling out how telecommunications providers will be required to comply 
>with the Communications Assistance for Law Enforcement Act (CALEA), passed 
>by Congress in 1994.
>
>Among other things, the act requires telecommunications equipment 
>manufacturers and service providers to build into their systems the 
>capability for surveillance of telephone line and cellular communications, 
>as well as of services such as advanced paging, specialized mobile radio 
>and satellite-based systems.
>
>After telecommunications providers were unable to reach agreement with FBI 
>officials on how to implement the monitoring capabilities, the FCC adopted 
>rules that in several areas went beyond the CALEA language - including a 
>requirement that cellular phones be traceable and that information on any 
>digits dialed after a call is connected, which could include such things 
>as account or credit-card numbers or call-forwarding instructions, must be 
>provided.
>
>Warrant not required
>
>As interpreted by the FCC, the act also would require telecommunications 
>providers to turn over "packet-mode communications" - such as those that 
>carry Internet traffic - without the warrant required for a phone wiretap.
>
>Taken in total, the FCC rules amount to a "significant expansion" of law 
>enforcement's ability to monitor private communication, said Jim Dempsey, 
>senior staff counsel for the Center for Democracy and Technology.
>
>"We're arguing that given the constitutional right to privacy, and given 
>Congress' concern about protecting that privacy that it was wrong for the 
>FCC to broadly interpret this statute to give more surveillance powers to 
>law enforcement," he said.
>
>...
>
>
>"Rules? This is the Internet." -- Dan Gillmor
>



--- End of forwarded message ---



from IP: Sunday Times (London) 30th April: "MI5 builds new centre to read e-mails on the net"

2000-04-30 Thread Perry E. Metzger


Forwarded from "Interesting People"

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."
--- Start of forwarded message ---
Date: Sun, 30 Apr 2000 07:34:03 -0700
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: Sunday Times (London) 30th April: "MI5 builds new centre to
  read e-mails on the net"


>From: "Caspar Bowden" <[EMAIL PROTECTED]>
>
>
>http://www.sunday-times.co.uk/news/pages/sti/2000/04/30/stinwenws01034.html
>MI5 builds new centre to read e-mails on the net
>
>Nicholas Rufford
>
>MI5 is building a new £25m e-mail surveillance centre that will have the
>power to monitor all e-mails and internet messages sent and received in
>Britain. The government is to require internet service providers, such as
>Freeserve and AOL, to have "hardwire" links to the new computer facility so
>that messages can be traced across the internet.
>
>The security service and the police will still need Home Office permission
>to search for e-mails and internet traffic, but they can apply for general
>warrants that would enable them to intercept communications for a company or
>an organisation.
>
>The new computer centre, codenamed GTAC - government technical assistance
>centre - which will be up and running by the end of the year inside MI5's
>London headquarters, has provoked concern among civil liberties groups.
>"With this facility, the government can track every website that a person
>visits, without a warrant, giving rise to a culture of suspicion by
>association," said Caspar Bowden, director of the Foundation for Information
>Policy Research.
>
>The government already has powers to tap phone lines linking computers, but
>the growth of the internet has made it impossible to read all material. By
>requiring service providers to install cables that will download material to
>MI5, the government will have the technical capability to read everything
>that passes over the internet.
>
>Home Office officials say the centre is needed to tackle the use of the
>internet and mobile phone networks by terrorists and international crime
>gangs. Charles Clark, the minister in charge of the spy centre project, said
>it would allow police to keep pace with technology.
>
>"Hardly anyone was using the internet or mobile phones 15 years ago," a Home
>Office source said. "Now criminals can communicate with each other by a huge
>array of devices and channels and can encrypt their messages, putting them
>beyond the reach of conventional eavesdropping."
>
>There has been an explosion in the use of the internet for crime in Britain
>and across the world, leading to fears in western intelligence agencies that
>they will soon be left behind as criminals abandon the telephone and resort
>to encrypted e-mails to run drug rings and illegal prostitution and
>immigration rackets.
>
>The new spy centre will decode messages that have been encrypted. Under new
>powers due to come into force this summer, police will be able to require
>individuals and companies to hand over computer "keys", special codes that
>unlock scrambled messages.
>
>There is controversy over how the costs of intercepting internet traffic
>should be shared between government and industry. Experts estimate that the
>cost to Britain's 400 service providers will be £30m in the first year.
>Internet companies say that this is too expensive, especially as many are
>making losses.
>
>About 15m people in Britain have internet access. Legal experts have warned
>that many are unguarded in the messages they send or the material they
>download, believing that they are safe from prying eyes.
>
>"The arrival of this spy centre means that Big Brother is finally here,"
>said Norman Baker, Liberal Democrat MP for Lewes. "The balance between the
>state and individual privacy has swung too far in favour of the state."



--- End of forwarded message ---



From NewsScan: new EU export rules...

2000-04-28 Thread Perry E. Metzger


From NewsScan Daily:

NEW EU ENCRYPTION EXPORT RULE LOOSER THAN U.S.
The European Union has agreed to relax the rules for exporting encryption
software, lifting almost all restrictions on encryption exports among the 15
EU countries and 10 other countries -- the U.S., Japan, Canada, Switzerland,
Australia, New Zealand, Norway, Czech Republic, Hungary and Poland -- which
together make up over 80% of the world market. The new EU rules eliminate
the need to secure approval from national licensing bodies and do away with
security checks for all encryption products with the exception of so-called
crypto-analytic tools, which can be used to test systems and crack codes.
Companies will need only to promise that the end user of the encryption
product is in one of the 25 countries approved. Exports to countries outside
that group will be subject to current restrictions. The move puts U.S.
encryption companies once again at a disadvantage, despite a liberalization
of export rules that took effect in January. And although U.S. companies are
likely to respond by pushing for further reforms, it's not likely that the
government will oblige. (Wall Street Journal 28 Apr 2000)
http://interactive.wsj.com/articles/SB956867771608897487.htm


-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



from Interesting People: Record encryption puzzle cracked -- finally

2000-04-17 Thread Perry E. Metzger


Anyone know anything about this?

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."
--- Start of forwarded message ---
Date: Mon, 17 Apr 2000 07:03:27 -0400
From: David Farber <[EMAIL PROTECTED]>
Subject: IP: Record encryption puzzle cracked -- finally

>From: [EMAIL PROTECTED]
>Date: Mon, 17 Apr 2000 06:58:52 EDT
>Subject: Check out ZDNet: News: Record encryption puzzle cracked -- finally
>To: [EMAIL PROTECTED]
>
>  http://www.zdnet.com/zdnn/stories/news/0,4586,2542359,00.html
>  ZDNet: News: Record encryption puzzle cracked -- finally


Record encryption puzzle cracked -- finally

The broken encryption method is widely expected to secure 
next-generation wireless devices. But is the break such bad news?


By Robert Lemos, ZDNet News

UPDATED April 14, 2000 7:06 AM PT

An encryption method widely expected to secure next-generation 
wireless phones and other devices succumbed to a brute-force 
collaborative effort to break it, a French research agency announced 
Thursday.

An international team of researchers -- led by crypto researcher 
Robert Harley of the French National Institute for Research in 
Computer Science and Control, or INRIA -- and other computer 
enthusiasts found the 108-bit key to a scrambled message after four 
months of number crunching by 9,500 computers worldwide.




--- End of forwarded message ---




EPIC annual survey of international crypto policy is out

2000-04-10 Thread Perry E. Metzger


The EPIC annual survey of international crypto policy is out.

http://www2.epic.org/reports/crypto2000/

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."




Article about TriStrata in Fortune

2000-04-09 Thread Perry E. Metzger


Some of you may remember a certain pseudo-OTP snake oil vendor called
TriStrata. This article in Fortune tells the story of their rise and
fall...

http://www.fortune.com/fortune/technology/2000/04/17/boo.html

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."




New "Cybercrime.gov" site: Useful information or propaganda?

2000-03-14 Thread Perry E. Metzger


From Dave Farber's Interesting People list...

--- Start of forwarded message ---
Date: Tue, 14 Mar 2000 14:03:10 -0500
Subject: IP: New "Cybercrime.gov" site: Useful information or propaganda?

>From: Brett Glass <[EMAIL PROTECTED]>
>
>Today, I scanned the US Government's newly-created "www.cybercrime.gov" 
>Web site, unveiled this week by Janet Reno. While I hoped that this would 
>be a useful resource for those seeking to learn about the issues and get 
>help with computer crime, I found to my disappointment that the majority 
>of the material posted there is political rather than technical and does 
>not provide balanced views of the issues.
>
>The site's advice for victims of computer crime, for example, boils down 
>almost entirely to three marginally helpful words: "Call the FBI." (Anyone 
>who has actually called a local FBI office and asked it to deal with 
>problems such as Internet intruders quickly learns that this is an 
>exercise in futility.) However, the site does contain lengthy arguments 
>for the regulation of cryptography, the expansion of police powers, and 
>the implementation of blocking technologies on the Internet. The pages at
>
>http://www.cybercrime.gov/crypto.html,
>
>which contain one-sided arguments against the availability of strong 
>encryption and contain serious technical errors (for example, the 
>difficulty of breaking encryption schemes such as single 56-bit DES is 
>grossly overstated), are typical.
>
>Links to the sites of groups with contrary views, such as EPIC and the 
>EFF, are notably absent.
>
>Who is behind the site? And why is the presentation so biased? The page at
>
>http://www.cybercrime.gov/ccips.html
>
>appears to hold the answer:
>
>"The Computer Crime and Intellectual Property Section ("CCIPS") attorney 
>staff consists of about two dozen lawyers who focus exclusively on the 
>issues raised by computer and intellectual property crime.  Section 
>attorneys advise federal prosecutors and law enforcement agents; comment 
>upon and propose legislation; coordinate international efforts to combat 
>computer crime; litigate cases; and train all law enforcement groups."
>
>Should our tax dollars be spent to create Web sites which promote 
>one-sided political agendas such as the ones outlined on this site?
>
>--Brett Glass
>



--- End of forwarded message ---



[Cryptome Daily ] Cryptome Daily 12 March 2000

2000-03-13 Thread Perry E. Metzger


--- Start of forwarded message ---
Date: Sun, 12 Mar 2000 20:14:25 -0500
To: Cryptome Daily <[EMAIL PROTECTED]>
From: Cryptome Daily <[EMAIL PROTECTED]>
Subject: Cryptome Daily 12 March 2000

Cryptome Daily - 12 March 2000

---

Attorney General Guidelines for FBI Foreign Intelligence 
Collection and Foreign Counterintelligence Investigations,
April 18, 1983

"These guidelines are established by the Attorney General 
to govern all foreign intelligence, foreign counterintelligence, 
foreign intelligence support activities, and intelligence 
investigations of international terrorism conducted by the FBI 
pursuant to Executive Order 12333. They also govern all FBI 
investigations of violations of the espionage statutes and 
certain FBI investigations requested, or FBI assistance to 
investigations conducted, by foreign governments."

  http://cryptome.org/fbi-guide.htm

This is the second of three documents regulating US Government
surveillance and investigation of U.S. persons obtained
by the National Security Archive and Jeffrey Richelson by 
FOIA request.

The first, listed here yesterday: 

NSA: "United States Signal Intelligence Directive 18."

  http://cryptome.org/nsa-ussid18.htm

The third is in preparation: "DoD 5240.1-R, Procedures Governing 
the Activities of DoD Intelligence Components that Affect 
United States Persons," December 1982.

---

OFFSITE

Former CIA Director Says US Economic Spying Targets "European 
Bribery", by Duncan Campbell, 12 March 2000

  http://www.heise.de/tp/deutsch/special/ech/6662/1.html

Campbell's report is based on full transcript of ex-CIA head
Woolsey's remarks:

  http://cryptome.org/echelon-cia.htm

---

Cryptome Daily by E-mail
Sub:   Blank e-mail to [EMAIL PROTECTED]
Unsub: Blank e-mail to [EMAIL PROTECTED]

http://cryptome.org

---


--- End of forwarded message ---



[Cryptome Daily ] Cryptome Daily 11 March 2000

2000-03-13 Thread Perry E. Metzger


FYI. I may ask jya to simply put "cryptography" on his mailing list if
the quality of these keeps being very good.

.pm

--- Start of forwarded message ---
Date: Sat, 11 Mar 2000 20:16:55 -0500
To: Cryptome Daily <[EMAIL PROTECTED]>
From: Cryptome Daily <[EMAIL PROTECTED]>
Subject: Cryptome Daily 11 March 2000

Cryptome Daily - 11 March 2000

---

NSA: US Signal Intelligence Directive 18, March 11, 2000

"LIMITATIONS AND PROCEDURES IN SIGNALS INTELLIGENCE
OPERATIONS OF THE USSS. 

This directive prescribes policies and procedures, and 
assigns responsibilities to ensure that the missions and 
functions of the United States SIGINT System (USSS) are 
conducted in a manner that safeguards the constitutional 
rights and privacy of U.S. persons."

  http://cryptome.org/nsa-ussid18.htm

---

Cyber Patrol Censorware Reverse Engineered, March 11, 2000

"Several attacks are presented on the "sophisticated anti-hacker 
security" features of Cyber Patrol(R) 4, a "censorware" product 
intended to prevent users from accessing Internet content 
considered harmful. Motivations, tools, and methods are 
discussed for reverse engineering in general and reverse 
engineering of censorware in particular. The encryption of 
the configuration and data files is reversed, as are the 
password hash functions. File formats are documented, with 
commentary. Excerpts from the list of blocked sites are 
presented and commented upon. A package of source code and 
binaries implementing the attacks is included."

  http://cryptome.org/cybpat4-hack.htm

---

OFFSITE

DoJ Report: Unlawful Conduct on the Net, March 11, 2000

  http://www.usdoj.gov/criminal/cybercrime/unlawful.htm

---

Cryptome Daily by E-mail
Sub:   Blank e-mail to [EMAIL PROTECTED]
Unsub: Blank e-mail to [EMAIL PROTECTED]

http://cryptome.org

---


--- End of forwarded message ---



[Cryptome Daily ] Cryptome Daily 9-10 March 2000

2000-03-10 Thread Perry E. Metzger


Some interesting stuff in this one...

--- Start of forwarded message ---
Message-Id: <[EMAIL PROTECTED]>
Date: Fri, 10 Mar 2000 23:20:14 -0500
To: Cryptome Daily <[EMAIL PROTECTED]>
From: Cryptome Daily <[EMAIL PROTECTED]>
Subject: Cryptome Daily 9-10 March 2000

Cryptome Daily - 9/10 March 2000 (None 7/8 March)

---

U.S. Intelligence and Investigative Net Domains, March 10, 2000

"This presents a collection of records on military and government 
Net domains gathered today for U.S. intelligence and investigative 
agencies such as the Central Intelligence Agency, Federal Bureau 
of Investigation, Department of Justice, Treasury Department, U.S. 
Courts, National Security Agency, National Reconnaissance Office 
and Defense Intelligence Agency. This provides recent information 
on which agencies are using machine addresses that overtly identify 
the operative agency and which do not. For example, Cryptome has 
never logged a machine overtly named cia.gov, fbi.gov, nsa.gov, 
nsa.mil, nro.gov, nro.mil or dia.mil, though there are machines 
logged with host addresses traceable to most of those agencies. 
In contrast, some other governmental machines are overtly 
identifiable by their addresses."

  http://cryptome.org/usiid.htm

---

Bernstein Second Inquiry to BXA on Crypto Regs, March 10, 2000

  http://cryptome.org/bernstein-bxa2.htm

---

Alleged MI6 Officers in Qadahfi Murder Plot Revealed, March 10, 2000

"The report says that among British journalists in Lisbon there was 
a certain bad feeling towards Home Secretary Jack Straw because the 
British Official Secrets Act 'forbids them publishing the names of 
David Watson and Richard Bartlitt, alleged secret agents PT-16B and 
PT-16, from MI6, and probably responsible for the murder attempt on 
Gadafhy, revealed by interviews of David Shayler in Paris.' "

  http://cryptome.org/qadahfi-mi6.htm

---

Espionage and Secrecy News, March 10, 2000

  http://cryptome.org/esn031000.htm  

---

Orbit/FR Debarred for ITAR Violation, March 10, 2000

  http://cryptome.org/dos031000.txt

---

BXA Rule on Hi-Performance Computers, March 10, 2000

  http://cryptome.org/bxa031000.txt

---

MPAA Attacks DeCSS Down Under, March 10, 2000

"MPAA have sent us, an Australian organisation, the same letter with 
the same demands etc etc, presuming that we should be subject to US 
laws etc. I thought you'd be further interested to see this posting 
about the situation as it's developing down under (in short, there 
are no laws preventing DeCSS from being distributed/marketed/whatever 
in Australia and a set of upcoming changes to Copyright law which 
bring in a few provisions about reverse engineering through 
decompilation etc don't address the issue and the MPAA is sending 
people to Australia to pressure the Government into adding them 
despite the bill being quite close to passing in its current form 
without provisions for circumvention devices etc)."

  http://cryptome.org/dvd-mpaa-au.htm

---

Yahoo on Secret Qadahfi Report, March 9, 2000

"Cryptome noted that there is an intense British investigation to 
learn how the Qadahfi document was offered on Geocities, and that a 
British person had been arrested recently as a result. And asked 
would he comment on whether Yahoo has been contacted for this 
investigation. Mr. Holtz said to comment on such matters would 
violate Yahoo's policy on customer privacy. Mr. Holtz said it is 
Yahoo policy to neither confirm nor deny the reasons for the 
offering or removal of content on its Geocities web sites. Yahoo 
does not examine the content before it is offered, and does not 
review it unless a complaint is made. If reviewed in response to 
a complaint, the content is evaluated only according to the terms 
of Yahoo's service contract. Yahoo will never remove content that 
is in compliance with its terms of service contract -- except by 
court order. Mr. Holtz said he could not comment on whether Yahoo 
received a court order to reveal information about the source of 
the Qadahfi document or to remove it, nor comment on any 
other speculation for its offering or removal, for that would 
violate Yahoo's strict policy on the privacy of customers."

  http://cryptome.org/yahoo-qadahfi.htm

---

Cylink Response, March 9, 2000

"In an e-mail to Cylink's CEO, you invited a response. This letter 
is that response. We see no reason to comment on the unsubstantiated, 
unsourced, unsigned and lib

60 Minutes on Echelon

2000-03-01 Thread Perry E. Metzger


This URL points to a summary of last Sunday's story on 60 Minutes:

http://cbsnews.cbs.com/now/story/0,1597,164651-412,00.shtml

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



More on Echelon

2000-03-01 Thread Perry E. Metzger


From Edupage via IP

--- Start of forwarded message ---

The National Security Agency (NSA) recently defended itself in a
letter to Congress, claiming that all of its activities under the
Echelon satellite-surveillance program are conducted lawfully.
The agency has come under fire recently from the European
Parliament, which accused the NSA of using intelligence for the
benefit of American industry. The European Parliament also
contends that ordinary European and American citizens are being
spied upon. The American Civil Liberties Union has recently
requested congressional hearings on the matter.
(New York Times, 28 Feb 2000)



--- End of forwarded message ---



Re: Predictable IVs

2000-02-27 Thread Perry E. Metzger


Damien Miller <[EMAIL PROTECTED]> writes:
> What risks does using a predictable IV bring?
[...]
> Would the system be weakened if I was to use just the block number?

I'd avoid it. You needn't do something computationally onerous --
getting a pseudorandom stream from an RC4 generator will be fine --
but if you use a nice known sequence of sequential IVs you are going
to end up feeding slowly varying known goo into the crypto
algorithm. Although this isn't quite what one does when trying to get
texts for differential cryptanalysis, it does feel uncomfortably
similar, no?

Given that an RC4 generator takes next to no time to knock out eight
bytes of IV for you, why not do that and avoid possible future risk?
Since the application is IVs, even if there are flaws in RC4 they
won't hurt you -- the point is just that you end up with a nice bit
shuffled IV sequence.

Perry
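
One concrete consequence of the sequential-IV scheme discussed in this message, shown as an added example that is not part of the original post: assuming CBC mode (the post does not name a mode), a record header that counts in step with the block number cancels the IV, so identical ciphertext blocks appear and can be found by a simple audit. The 8-byte Feistel cipher is a toy stand-in for a real block cipher, the HMAC-derived IV takes the place of the RC4 keystream the post suggests, and all keys, records and function names are constructed for the illustration.

```python
import hashlib
import hmac

BLOCK = 8  # bytes; a 64-bit block, matching the eight-byte IVs in the post

# Constructed demo keys (assumptions, not values from the thread).
DATA_KEY = b"constructed-demo-data-key"
IV_KEY = b"constructed-demo-iv-key"


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Toy 4-round Feistel permutation standing in for a real block cipher."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:4]
        left, right = right, xor(left, f)
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CBC: every plaintext block is XORed with the previous ciphertext block
    (the IV for the first block) before it enters the cipher."""
    if len(iv) != BLOCK or len(plaintext) % BLOCK:
        raise ValueError("IV and plaintext must be block aligned")
    prev, out = iv, []
    for off in range(0, len(plaintext), BLOCK):
        prev = encrypt_block(key, xor(prev, plaintext[off:off + BLOCK]))
        out.append(prev)
    return b"".join(out)


def iv_sequential(block_no: int) -> bytes:
    """The scheme asked about: the IV is just the block number."""
    return block_no.to_bytes(BLOCK, "big")


def make_keyed_iv(iv_key: bytes):
    """IV taken from a keyed pseudorandom function of the block number.
    HMAC-SHA256 is swapped in here for the RC4 generator the post mentions."""
    def iv(block_no: int) -> bytes:
        mac = hmac.new(iv_key, block_no.to_bytes(8, "big"), hashlib.sha256)
        return mac.digest()[:BLOCK]
    return iv


def constructed_records() -> dict:
    """Constructed sample data: each record starts with a counter that
    happens to track the block number, e.g. b"ACCT0006" in block 6."""
    return {
        n: f"ACCT{n:04d}".encode() + f"balance={1000 * n:08d}".encode()
        for n in range(4, 8)
    }


def store_records(iv_fn, records: dict) -> dict:
    """Encrypt {block_no: plaintext} into {block_no: ciphertext}."""
    return {n: cbc_encrypt(DATA_KEY, iv_fn(n), pt) for n, pt in records.items()}


def repeated_first_blocks(store: dict) -> list:
    """Audit check: pairs of block numbers whose first ciphertext block is
    identical, which CBC with well-chosen IVs should essentially never show."""
    seen, repeats = {}, []
    for n in sorted(store):
        head = store[n][:BLOCK]
        if head in seen:
            repeats.append((seen[head], n))
        else:
            seen[head] = n
    return repeats


if __name__ == "__main__":
    records = constructed_records()
    # ASCII digit n XOR block number n is always "0", so with sequential IVs
    # every record feeds the same first block, b"ACCT0000", into the cipher.
    print("sequential IVs:", repeated_first_blocks(
        store_records(iv_sequential, records)))
    print("keyed IVs:     ", repeated_first_blocks(
        store_records(make_keyed_iv(IV_KEY), records)))
```
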



from IP: Proposed US military budget will fund domestic wiretapping

2000-02-07 Thread Perry E. Metzger


Forwarded from Dave Farber's "Interesting People" list.

--- Start of forwarded message ---
Date: Mon, 07 Feb 2000 18:16:51 -0500
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: Proposed US military budget will fund domestic wiretapping


>http://www.wired.com/news/politics/0,1283,34164,00.html
>
>Clinton's Wiretap-Heavy Budget
>by Declan McCullagh ([EMAIL PROTECTED])
>
>1:25 p.m. 7.Feb.2000 PST
>WASHINGTON -- President Clinton's
>proposed $1.84 trillion budget includes
>millions of dollars in new spending on
>technology and law enforcement
>programs.
>
>The record budget request for the 2001
>fiscal year, which begins 1 October, asks
>Congress for more money for wiretapping,
>police databases, antitrust enforcement,
>and computer crime forensics.
>
>One of the heftiest increases, from $15
>million to $240 million, will pay telephone
>companies to rewire their networks to
>facilitate federal and state wiretapping.
>Under the 1994 Communications
>Assistance to Law Enforcement Act
>(CALEA), Congress may "reimburse" phone
>companies for their efforts, but the
>controversial process is the subject of a
>lawsuit currently before a federal appeals
>court.
>
>Half of that money, $120 million, will come
>from the Department of Defense's
>"national security" budget -- a move that
>alarms privacy groups.
>
>"The proposal to use thinly disguised
>intelligence agency money to fund CALEA
>confirms what we have suspected all
>along: the National Security Agency is a
>silent partner in the government's
>campaign to make our entire
>telecommunications system, including the
>Net, wiretap ready," says Barry
>Steinhardt, associate director of the
>American Civil Liberties Union.
>
>[...]



--- End of forwarded message ---



Intro to differential & linear cryptanalysis?

2000-01-31 Thread Perry E. Metzger


I'm teaching a course in crypto this semester, and I'm trying to give
my students a thorough background on some deeper topics. There isn't
much on differential and linear cryptanalysis in Schneier or in the
Handbook of Applied Cryptography, but I'd like to give them a
grounding in the topic.

Can anyone suggest some papers or other source materials on the area
to use in the course?

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



EFF seeks donations

2000-01-26 Thread Perry E. Metzger


[This is a bit of an unusual forward for the list, but I think it is
relevant -- or at least I'll declare it to be. :) --Perry]

   
   EFFector   Vol. 13, No. 1   Jan. 25, 2000   [EMAIL PROTECTED]
  
   A Publication of the Electronic Frontier Foundation ISSN 1062-9424
  
  IN THE 149th ISSUE OF EFFECTOR (now with over 21,000 subscribers!):
  
 * MPAA Continues Intimidation Campaign Against Open Source Software
   Community
  + Police Raid Home of Norwegian Linux Coder
  + WHAT YOU CAN DO
  + Links to More Information
 * Administrivia
   
   For more information on EFF activities & alerts: http://www.eff.org
 _
   

MPAA Continues Intimidation Campaign Against Open Source Software Community

  Police Raid Home of Norwegian Linux Coder
  
   The home of sixteen-year-old Jon Johansen, who was among the first to
   post the DeCSS program that allows users to view DVDs on computers
   using non-Windows or Macintosh operating systems, was raided yesterday
   in Larvik, Norway and his computer and cellular telephone seized by
   police.
   
   The police were acting at the behest of the motion picture industry as
   part of the industry's attempt to suppress discussion and distribution
   of DVD-viewing software developed outside of the industry's licensing
   regime to prevent the free availability of such software.
   
   Both Johansen and his father, who operated the website on which the
   teen posted the code, were questioned at length by the police and have
   been threatened with indictment for posting the code, which the motion
   picture industry dubiously claims was created illegally and promotes
   piracy. Legal analysis of Norwegian copyright and computer crime laws
   suggests the charges would not stick; the action appears intended to
   harass and frighten.
   
   This action is in addition to three lawsuits filed by the Motion
   Picture Association of America and the DVD Content Control Association
   and their overlapping membership, in California, New York and
   Connecticut against numerous individuals and organizations including
   coders, journalists and an ISP. EFF's legal staff, aided by some of
   the nation's top attorneys in copyright law, are vigorously defending
   those named in the suits, to support the rights of individuals to
   legally develop, post, and discuss software.
   
   "The motion picture industry is using its substantial resources to
   intimidate the technical community into surrendering their rights of
   free expression and fair use of information", said Tara Lemmey,
   President of the Electronic Frontier Foundation. "These actions are a
   wake-up call for the open-source software community. The process of
   reverse-engineering and public posting and commenting of code that the
   MPAA is attempting to suppress is fundamental to the development of
   open source software as well as being constitutionally-protected
   speech."
   
   EFF plans to assist the Johansen family and has already contacted
   several experts in European copyright law to involve them in the case.
   
   For more information and background material on the MPAA/DVDCCA
   crusade to censor free speech and innovation under the smokescreen of
   preventing piracy, visit EFF's Campaign for Audiovisual Free
   Expression ( http://www.eff.org/cafe ) or follow some of the links
   below.


   
WHAT YOU CAN DO

   Support EFF by making a special donation. The movie industry is
   clearly trying to spread us thin and make us expend all our resources.
   They've filed three lawsuits, generated one bogus criminal
   investigation, and will almost certainly do more -- hoping to spend us
   out of the way. Please don't let that happen. EFF is the only
   organization fighting this legal battle against big money and
   corporate arrogance. We need your help! You can make a donation via
   our secure Web site (just fill in the donation section of our
   membership form, and please become a member, too!) You can also send a
   check, or even donate stock. Membership/donation form (Visa, MC,
   AmEx):
   https://www.eff.org/join
   
   Contact info for postal or telephoned donations, and stock donations:
  Electronic Frontier Foundation
  attn: Kathleen Guneratne, Membership Coordinator
  1550 Bryant St., Suite 275
  San Francisco CA 94103-4832 USA
  +1 415 436 9333 x0
   
   PGP Key for encrypted donations via e-mail (send to
   [EMAIL PROTECTED]):
   http://www.eff.org/pub/EFF/effkey.pgp
   
   We're working on other ways for members and supporters to get involved
   -- we'll send out another edition of EFFector and feature it on our
   website as well.
   
   Thanks for your help and support.
   


Links to More Information

   EFF's Campaign for Audiovisual Free Expression 

Forwarded: banning 'soft-Tempest' fonts?

2000-01-14 Thread Perry E. Metzger


[A friend directed me to the following fun in the new regs --Perry]

re: new BXA regs

"a.4. Specially designed or modified to reduce the compromising
emanations of information-bearing signals beyond what is necessary
for the health, safety or electromagnetic interference standards;"



I'm teaching a crypto course near NYC...

2000-01-10 Thread Perry E. Metzger


I've agreed to teach an in depth introduction to crypto at Stevens,
which is an engineering school across the river from Manhattan in
Hoboken, NJ. I'm posting this largely just in case someone out there
really wants to enroll in such a course, doesn't otherwise know where
to find one, and happens to be in the NYC area. If this isn't you,
don't bother reading further as you won't be interested.

A caveat: this is going to be much more math oriented and much less
"applications oriented" than some may like.



CS765E: Introduction to Modern Cryptography
Instructor: Perry Metzger
Tuesday, 6:30 - 8:45

This course will survey the whole of modern cryptography.  Areas to be
covered will include: modern conventional ciphers (including Feistel
ciphers such as DES), public key systems (including RSA,
Diffie-Hellman and related systems), cryptographic protocols
(including areas such as Needham-Schroeder systems, blind signature
protocols, bit commitment systems, "Dining Cryptographers", voting
protocols, zero-knowledge proofs, etc.) and techniques for the
cryptanalysis of modern cryptographic systems (including differential
and linear cryptanalysis.)  As the topic is large, the course will
necessarily be reasonably fast paced, and students will be expected to
be mathematically experienced and highly motivated. Although some
background in probability and number theory is helpful, it is not
strictly required and review of these topics will be conducted during
the course. Undergraduates should inquire with the instructor
prior to registration.



I asked some of the folks there if they could give me a URL or two
helpful for someone who isn't a student there but might want to take
the class, and was given this:

--

Prospective students should *strongly* consider attending the Advising Forum, 
January 13th, 4:30PM - 7:30PM, 4th Floor, Stevens Center Building.  This is a 
one-stop shopping experience.

http://attila.stevens-tech.edu/gradschool/news/advising.html

For directions to Stevens, please see:

http://www.stevens-tech.edu/tours/

Also useful is

http://www.stevens-tech.edu/eci/academics/index.html

--



ADMIN: List on Holiday Schedule

1999-12-27 Thread Perry E. Metzger


List moderation work will occur only sporadically from December 28th
until January 3rd. As a result, some messages may be queued for up to
a week.

Have a happy Year 2000 Transition.

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



looking for encrypted login program for NT

1999-12-03 Thread Perry E. Metzger


Hey, all,

I'm looking for an encrypted remote login program for NT. I just need
a terminal window running cmd.exe on the NT box -- I can deal without
having remote GUI access. Is there anything out there right now? I
know there is no commercial supported SSH server for NT (or is there?)

-- 
Perry Metzger   [EMAIL PROTECTED]



More on Echelon

1999-11-29 Thread Perry E. Metzger


The Register is running a story about increased Congressional demands
for oversight of the NSA.

http://www.theregister.co.uk/991127-01.html

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



USB smartkeys etc.

1999-11-17 Thread Perry E. Metzger


Steve points out that USB is not meant for repeated connect-disconnect
cycles to the extent needed for "smart keys" and such, and that many
machines have inconveniently placed USB ports.

However, it would be reasonable to build a small extension
cable+alternative connector that *was* able to handle repeated
cycles. Such a thing would have negligible cost in bulk, unlike smart
card readers.

This would probably be a significant boon. Smart card readers are
expensive, and smart cards are way too stupid. This, however, might
actually provide a reasonably easy way to make the underlying idea fly.

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



TMI sets precedent with U.S. deal: Telecom firm agrees to wiretaps -- but not on Canadians [JUST AMERICANS? djf]

1999-11-17 Thread Perry E. Metzger


FYI, from Interesting People

--- Start of forwarded message ---
Message-Id: <[EMAIL PROTECTED]>
Date: Wed, 17 Nov 1999 04:38:37 -0500
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: TMI sets precedent with U.S. deal: Telecom firm agrees to
  wiretaps -- but not on Canadians [JUST AMERICANS? djf]


>From: "the terminal of Geoff Goodfellow" <[EMAIL PROTECTED]>
>To: "Dave e-mail pamphleteer Farber" <[EMAIL PROTECTED]>
>
>
>http://www.canoe.ca/MoneyNewsTechnology/sept13_tmisatellite.html
>
>TMI sets precedent with U.S. deal
>Wins security clearance: Telecom firm agrees to wiretaps -- but not on
>Canadians
>More Technology News
>By PETER MORTON
>The Financial Post
>
>   WASHINGTON - A tiny Canadian satellite communications company will be the
>first foreign firm to receive top security approval from the FBI to operate a
>telecommunications business in the United States after agreeing to allow U.S.
>security agencies to wiretap its service.
>
>   The precedent-setting deal, to be signed today, will soon allow TMI
>Communications Inc. to offer satellite telecommunications services in the U.S.
>market, Larry Boisvert, TMI's chief executive, confirmed in an interview.
>
>   "If you want to provide telecommunications in the U.S. you have to be
>prepared to meet the security required as determined by the FBI and the
>Department of Justice," Mr. Boisvert said.
>
>   Even though it will operate the service from Canada, TMI agreed to put a
>digital switch in the United States that would give FBI and other U.S. security
>agencies the ability to listen in on satellite calls or copy data, such as
>financial records, as required by new federal laws that will force all U.S.
>mobile communications companies to do the same by next June.
>
>
>
>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>[EMAIL PROTECTED], Prague CZ * tel/mobil +420 (0)603 706 558
>"Success is getting what you want & happiness is wanting what you get"
>http://www.nytimes.com/library/tech/99/01/biztech/articles/17drop.html



--- End of forwarded message ---



ECHELON Watch

1999-11-16 Thread Perry E. Metzger


From Dave Farber's "Interesting People" list.

--- Start of forwarded message ---
Message-Id: <[EMAIL PROTECTED]>
Date: Tue, 16 Nov 1999 14:39:27 -0500
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: ECHELON Watch


>Date: Tue, 16 Nov 1999 13:59:41 -0500
>To: Dave Farber <[EMAIL PROTECTED]>
>From: Barry Steinhardt <[EMAIL PROTECTED]>
>
>Dave,
>
>ACLU today launched a new web site www.echelonwatch.org, which is designed 
>to focus public attention on the threats to civil liberties which are 
>posed by the massive international communications surveillance program 
>sometimes known by the code name ECHELON. The attached release gives more 
>details on the site.
>
>I believe this issue will be of interest to the IP list.
>
>Regards,
>
>Barry Steinhardt
>
>
>ACLU Launches Web Site On Global Surveillance System
>FOR IMMEDIATE RELEASE
>Tuesday, November 16, 1999
>Contact: Jennifer Helburn, (202) 675-2312
>
>WASHINGTON-The American Civil Liberties Union today launched a web site
>designed to shed light on a global electronic surveillance system known by
>the code name "Echelon" that reportedly allows the United States and other
>governments to eavesdrop on private citizens.
>"Echelon is perhaps the most powerful intelligence gathering network in the
>world," said Barry Steinhardt, Associate Director of the ACLU. "But it is
>still very much a black box, which apparently operates without the oversight
>of Congress or the courts."
>The website - www.echelonwatch.org - encourages public discussion of the
>potential threat that Echelon poses to civil liberties, and allows visitors
>to fax free letters to Congress, urging their support for a congressional
>inquiry into the Echelon project. It also provides a collection of research
>documents on Echelon.
>After many years of reports by investigative journalists, the existence of
>Echelon became an international issue when the European Parliament received
>two reports detailing its operations and after the Australian government
>confirmed its participation in the operation. According to those reports,
>Echelon is led by the U.S. National Security Agency in conjunction with its
>counterpart agencies in England, Canada, Australia and New Zealand.
>Echelon reportedly attempts to capture all satellite, microwave, cellular
>and fiber-optic communications worldwide, including communications to and
>from North America. Computers then use sophisticated filtering technology to
>sort through conversations, faxes and emails searching for keywords or other
>flags. Communications that include the flags are then forwarded to the
>intelligence agency that requested them. The report to the European
>Parliament charged that Echelon had been used in the United Kingdom to spy
>on charities such as Amnesty International and Christian Aid.
>"Echelon can no longer be dismissed as an X-Files fantasy," Steinhardt said.
>"The reports to the European Parliament make it quite clear that Echelon
>exists and that its operation raises profound civil liberties issues."
>The NSA has refused to share with Congress and the public the legal
>guidelines for the project. This refusal prompted passage of a bill, now in
>the final stages before becoming law, requiring the intelligence agencies to
>prepare a report on the legal standards they use for monitoring
>communications. Within the next few months, the U.S. House Government Reform
>and Oversight Committee will hold hearings on Echelon.
>"It appears that the U.S. government is once again spying on Americans'
>private communications," said Gregory T. Nojeim, a legislative counsel in
>the ACLU's Washington National Office. "Congress must determine if Echelon
>is as sweeping and intrusive as has been reported, and most importantly, it
>must ensure that Americans' conversations are not intercepted without a
>court order."
>The ACLU created and administers the site in conjunction with the
>Washington, DC based Electronic Privacy Information Center and the Omega
>Foundation of Great Britain, which prepared the first report to the European
>Parliament.
>###
>
>



--- End of forwarded message ---



PGPphone sources released.

1999-11-12 Thread Perry E. Metzger


Apparently the sources to PGPphone have been released (after many
years). See:

http://www.pgpi.org/files/pgpfone.txt

--
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



BBC Online 2/10/99: "Global spy network revealed"

1999-11-03 Thread Perry E. Metzger


Thought this would be of interest -- it was a posting Dave made to the
"Interesting People" mailing list.

--- Begin forwarded message ---
Date: Wed, 03 Nov 1999 11:42:09 -0500
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: BBC Online 2/10/99: "Global spy network revealed"


>Date: Wed, 3 Nov 1999 16:03:52 +
>To: [EMAIL PROTECTED]
>
>
>http://news.bbc.co.uk/hi/english/world/newsid_503000/503224.stm
>Global spy network revealed
>
>Listening in to your phone calls and reading your emails
>
>By Andrew Bomford of BBC Radio 4's PM programme
>Imagine a global spying network that can eavesdrop on every single phone
>call, fax or e-mail, anywhere on the planet.
>
>It sounds like science fiction, but it's true.
>
>Two of the chief protagonists - Britain and America - officially deny its
>existence. But the BBC has confirmation from the Australian Government that
>such a network really does exist and politicians on both sides of the
>Atlantic are calling for an inquiry.
>
>On the North Yorkshire moors above Harrogate they can be seen for miles, but
>still they are shrouded in secrecy. Around 30 giant golf balls, known as
>radomes, rise from the US military base at Menwith Hill.
>
>Linked to the NSA
>
>Inside is the world's most sophisticated eavesdropping technology, capable
>of listening-in to satellites high above the earth.
>
>Facility is said to be capable of 2m intercepts per hour
>The base is linked directly to the headquarters of the US National Security
>Agency (NSA) at Fort Meade in Maryland, and it is also linked to a series of
>other listening posts scattered across the world, like Britain's own GCHQ.
>
>The power of the network, codenamed Echelon, is astounding.
>
>Every international telephone call, fax, e-mail, or radio transmission can
>be listened to by powerful computers capable of voice recognition. They home
>in on a long list of key words, or patterns of messages. They are looking
>for evidence of international crime, like terrorism.
>
>Open Oz
>
>The network is so secret that the British and American Governments refuse to
>admit that Echelon even exists. But another ally, Australia, has decided not
>to be so coy.
>
>The man who oversees Australia's security services, Inspector General of
>Intelligence and Security Bill Blick, has confirmed to the BBC that their
>Defence Signals Directorate (DSD) does form part of the network.
>
>"As you would expect there are a large amount of radio communications
>floating around in the atmosphere, and agencies such as DSD collect those
>communications in the interests of their national security", he said.
>
>Asked if they are then passed on to countries like Britain and America, he
>said: "They might be in certain circumstances."
>
>But the system is so widespread all sorts of private communications, often
>of a sensitive commercial nature, are hoovered up and analysed.
>
>Journalist Duncan Campbell has spent much of his life investigating Echelon.
>In a report commissioned by the European Parliament he produced evidence
>that the NSA snooped on phone calls from a French firm bidding for a
>contract in Brazil. They passed the information on to an American
>competitor, which won the contract.
>
>"There's no safeguards, no remedies," he said, "There's nowhere you can go
>to say that they've been snooping on your international communications. It's
>a totally lawless world."
>
>Breaking the silence
>
>Both Britain and America deny allegations like this, though they refuse to
>comment further. But one former US army intelligence officer has broken the
>code of silence.
>
>Colonel Dan Smith told the BBC that while this is feasible, it is not
>official policy: "Technically they can scoop all this information up, sort
>through it, and find what it is that might be asked for," he said. "But
>there is no policy to do this specifically in response to a particular
>company's interests."
>
>Legislators on both sides of the Atlantic are beginning to sit up and take
>notice. Republican Congressman Bob Barr has persuaded congress to open
>hearings into these and other allegations.
>
>In December he is coming to Britain to raise awareness of the issue. In an
>interview with the BBC he accused the NSA of conducting a broad "dragnet" of
>communications, and "invading the privacy of American citizens."
>
>He is joined in his concerns by a small number of politicians in Britain.
>Liberal Democrat MP Norman Baker has tabled a series of questions about
>Menwith Hill, but has been met with a wall of silence.
>
>"There's no doubt it's being used as a listening centre," he said, "There's
>no doubt it's being used for US interests, and I'm not convinced that
>Britain's interests are being best served by this."
>

_
David Farber
The Alfred Fitler Moore Professor of Telecommunication Systems
University of Pennsylvania
Home Page: http://www.cis.upenn.edu/~farber
Email: [EMAIL PROTECTED]

Home: +1 610 274 8

["NewsScan" ] NewsScan Daily, 20 October 1999 ("Above The Fold")

1999-10-20 Thread Perry E. Metzger


I thought this would be amusing.

--- Start of forwarded message ---
From: "NewsScan" <[EMAIL PROTECTED]>
To: "Multiple recipients of list newsscan <[EMAIL PROTECTED]>" <[EMAIL PROTECTED]>
Date: Wed, 20 Oct 1999 11:06:02 -0700
Subject: NewsScan Daily,  20 October 1999 ("Above The Fold")
Reply-To: "NewsScan" <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>

NewsScan Daily,  20 October 1999 ("Above The Fold")

 
NewsScan Daily is underwritten by IEEE Computer Society and Arthur 
Andersen, world-class organizations making significant and sustained 
contributions to the effective management and appropriate use of 
information technology.


[...]

CRYPTOGRAPHERS CRACK AMAZON CONTEST CODE
Cryptography buffs succeeded in deciphering the meaning behind five lines of
seemingly random numbers just hours after Amazon.com launched a two-week
contest to promote sales of books on the subject. Hacker members of the
Slashdot.org site made short work of the task after one software developer
discerned that the seemingly random numbers matched up with ISBN numbers
used to reference books. Meanwhile, some Slashdot participants thought the
contest was much too easy. "This contest is supposed to be winnable by
people who get stumped by crossword puzzles in USA Today, not by some
paranoid lunatic that uses Ordo Novus Seclorum to read his e-mail and
encrypts his grocery list so that no one will find out he's buying stinky
cheese and miniature vegetables." (Wired.com 19 Oct 99)
http://www.wired.com/news/technology/0,1282,31988,00.html

[...]

--- End of forwarded message ---



IP: IETF considers building wiretapping into the Internet

1999-10-12 Thread Perry E. Metzger


I thought this forward from "Interesting People" would be of interest

--- Start of forwarded message ---
Message-Id: 
Date: Tue, 12 Oct 1999 20:44:03 -0700
From: David Farber <[EMAIL PROTECTED]>
Subject: IP: IETF considers building wiretapping into the Internet

>
>
>http://www.wired.com/news/politics/0,1283,31853,00.html
>
>  Wiretapping the Net: Oh, Brother
>  by Declan McCullagh ([EMAIL PROTECTED])
>
>  2:00 p.m. 12.Oct.99.PDT
>  Since its humble beginnings as a
>  15-person committee in 1986, the
>  Internet Engineering Task Force has had
>  one guiding principle: To solve the
>  problems of moving digital information
>  around the world.
>
>  As attendance at meetings swelled and
>  the Internet became a vital portion of
>  national economies, the
>  standards-setting body has become
>  increasingly important, but the engineers
>  and programmers who are members
>  remained focused on that common goal.
>
>  No longer.
>
>  The IETF is now debating whether to wire
>  government surveillance into the next
>  generation of Internet protocols. The
>  issue promises to cause the most
>  acrimonious debate the venerable group
>  has ever experienced and could have a
>  lasting effect on privacy online.
>
>  To reach even a preliminary decision in a
>  special plenary session of the IETF
>  meeting in Washington next month,
>  attendees must weigh whether law
>  enforcement demands are more important
>  than communications security and
>  personal privacy -- a process that places
>  technology professionals in the unusual
>  position of taking a prominent political
>  stand.
>
>  "As Internet voice becomes a wider
>  deployed reality, it is only logical that the
>  subject has to come up," IETF chairman
>  Fred Baker said. "We are deciding to bring
>  it up proactively rather than reacting to
>  something later in the game."
>
>  The wiretapping issue arises as the IETF
>  is wrestling with another prominent
>  privacy issue in IPv6, the slated
>  next-generation Internet protocol. As
>  outlined, the proposal would include the
>  unique serial number for each computer's
>  network connection hardware as part of
>  its expanded address.
>
>  Many governments, including the United
>  States, require telephone companies to
>  configure their networks so police can
>  easily wiretap calls. As more phone calls
>  flow through the Internet, some experts
>  predict that the FBI and similar agencies
>  will demand additional surveillance
>  powers.
>
>  If the IETF takes no action and
>  governments require IP telephony firms to
>  use snoopable products, some veteran
>  task force members fret that companies
>  might simply start to use technology that
>  won't talk to products from other
>  manufacturers. It's a noxious prospect for
>  a standards-setting body like IETF.
>
>  Even worse: The products may divulge
>  more information to an eavesdropper or
>  introduce further security holes.
>
>  "The basic problem is that the
>  government will probably demand of IP
>  telephony the rules that govern
>  wiretaps," said University of Pennsylvania
>  electrical engineering professor Dave
>  Farber, a board member of the Electronic
>  Frontier Foundation and the Internet
>  Society. "...I wish we didn't have the law.
>  But given that the law is there, it's wiser
>  to make sure it just applies to the stuff
>  that's IP telephony and not all of our data
>  

forwarded: Trusted Computing Platform Alliance Invites Companies to Join

1999-10-11 Thread Perry E. Metzger


Thought this would be of interest.

--- Start of forwarded message ---
Message-Id: 
Date: Mon, 11 Oct 1999 15:41:43 -0400
From: David Farber <[EMAIL PROTECTED]>
Subject: IP: Trusted Computing Platform Alliance Invites Companies to Join


(IBM/CQ/HP/IBM/INTEL/MSOFT)(IBM) Compaq, Hewlett Packard, IBM, Intel,
and Microsoft Announce Open Alliance to Build Trust and Security into PCs
for e-Business

 Business/High-Tech Editors

 NEW YORK--(BUSINESS WIRE)--Oct. 11, 1999--


Trusted Computing Platform Alliance Invites Companies to Join


 Compaq, Hewlett Packard, IBM, Intel, and Microsoft today announced the
formation of the Trusted Computing Platform Alliance (TCPA), an industry
group focused on building confidence and trust of computing platforms in
e-business transactions by creating an industry standard for security
technologies in personal computing environments.



 The alliance's mission is the development of a new hardware and software
specification that will enable technology companies to offer a more trusted
and secure personal computer platform based on common standards. The five
members are inviting other companies to join the TCPA and participate in the
development of the new specification.



 According to a recent report by Forrester Research, business-to-business
trade on the Internet will surge from $43 billion in 1998 to $1.3 trillion
in 2003. With its focus on simplifying the deployment, use, and
manageability of security technologies, the TCPA will enable more trust in
existing e-business, while paving the way for e-business opportunities that
may not exist today.



 "Security solutions, which must be designed from top to bottom, not
incrementally, will become more critical to e-business as security concerns
increase," said David Farber, the Alfred Fitler Moore Professor of
telecommunications systems, at the University of Pennsylvania. "With the
formation of the Trusted Computing Platform Alliance and by making it open
to broad industry participation, I believe that the TCPA will benefit the
whole information technology industry by enabling a more secure solution to
doing business on the Internet."


 "The widespread adoption of internet-based electronic commerce will
depend on significant improvements in the security capabilities of current
PCs," said Brian Gladman, a U.K.-based independent security consultant,
well-known in Europe. "I am delighted to find that the Trusted Computing
Platform Alliance is investing in such developments by fostering
international, industry-wide cooperation on the requirements and
technologies needed for a truly secure computing platform."



 An overriding security problem for companies as they manage networks of
personal computers is that they lack a standard set of system hardware-based
functions needed to establish trust on the platform. Companies need a common
standard to simplify the way they deploy, use, and manage security elements
on personal computers.



 Numerous technologies, products, services and standards address the
issue of security, such as X.509, IPSEC, IKE, VPN, PKI, smart cards,
biometrics, S/MIME, and SSL, but the goal of the new alliance is to create a
base-level security standard that would complement existing technologies,
and enhance security at the level of the platform hardware, BIOS, and
operating system. Such a standard does not currently exist.



 The alliance aims to create a specification proposal by the second half
of 2000, to be licensed openly to the industry through appropriate
verification and implementation processes.



 The specification will help to define security operations in several
critical areas. Examples of areas under investigation by the alliance
include secure storage of confidential information, generation of random
numbers used to create public and private encryption keys and electronic
signing of data used to authenticate the identity of the sender. Recognizing
that privacy is extremely important, the TCPA specification will allow a
computer owner to maintain complete control over information contained by
the system. In addition, the group is investigating how to build stronger
integrity into systems by enhancing virus detection to validate beyond the
software level; check the hardware BIOS, master boot record and operating
system; and supply platform integrity information.



 The alliance is inviting participation by new members in defining these
and other areas of the specification. For more information about joining the
Trusted Computing Platform Alliance, see its web site at
http://www.trustedpc.org


--- End of forwarded message ---



["NewsScan" ] NewsScan Daily, 1 October 1999 ("Above The Fold")

1999-10-01 Thread Perry E. Metzger


--- Start of forwarded message ---
Message-Id: <[EMAIL PROTECTED]>
From: "NewsScan" <[EMAIL PROTECTED]>
To: "Multiple recipients of list newsscan <[EMAIL PROTECTED]>" <[EMAIL PROTECTED]>
Date: Fri, 01 Oct 1999 06:10:52 -0700
Subject: NewsScan Daily,  1 October 1999 ("Above The Fold")
Reply-To: "NewsScan" <[EMAIL PROTECTED]>

NewsScan Daily,  1 October 1999 ("Above The Fold")

 
NewsScan Daily is underwritten by Arthur Andersen and IEEE Computer 
Society, world-class organizations making significant and sustained 
contributions to the effective management and appropriate use of 
information technology.


[...]

JUSTICE MAY REVIEW ENCRYPTION RULING
An appeals court has granted the U.S. Justice Department a new hearing over
its authority to regulate the export of encryption technology. In May, a
three-judge panel had ruled that encryption programs and the mathematical
algorithms therein were expressions of ideas, and therefore protected under
the right to free speech. The panel found that the existing regulations
"allow the government to restrain speech indefinitely, with no clear
criteria for review." Justice appealed that decision, which it said
threatened its ability to keep strong encryption software out of the hands
of criminals and terrorists. The lawsuit was initiated by Daniel Bernstein,
a professor at the University of Illinois at Chicago who claimed government
suppression of his encryption software was a violation of his right to free
speech. The Clinton administration has promised some concessions to software
companies who want to export their encryption products, but those rules
won't be implemented until December. (AP 1 Oct 99) 
http://wire.ap.org/

[...]
--- End of forwarded message ---



ADMIN: mysterious bounces

1999-09-19 Thread Perry E. Metzger


I believe I may have tracked down the source of the mysterious bounces
that were impacting everyone who sent mail to the list. If anyone
gets any more of these (i.e. errors that go to the sender and not to
the list manager), please let me know.

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



secure access products for NT?

1999-09-17 Thread Perry E. Metzger


A client of mine is using SSH for all their Unix server access and
management and is looking to do something similar for NT --
unfortunately, they can't find a commercial SSH server for NT. Does
anyone know of anything else that's in the same class but which *does*
run on NT?

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



[David Farber ] more re Encryption Technology Limits Eased

1999-09-16 Thread Perry E. Metzger


Forwarded from Dave Farber's IP mailing list.

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."
--- Start of forwarded message ---
Message-Id: 
Date: Thu, 16 Sep 1999 11:47:12 -0400
From: David Farber <[EMAIL PROTECTED]>
Subject: IP: more re Encryption Technology Limits Eased
Reply-To: [EMAIL PROTECTED]

>From: "Dave Wilson" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>
>
>I don't want to brag, but it was *first* reported by the San Jose Mercury
>News. Go to http://www.mercurynews.com for a complete report by Jonathan
>Rabinovitz.
>

As I said, the devil is in the details.  I just got off the phone 
with "a well placed person" who said point two, which could 
translate as key escrow, is not intended by the Administration to 
call for mandatory escrow. It is intended to get at places which 
maintain key escrow facilities like corporations etc. I pointed out 
that in the course of debate in the Congress, someone will surely try 
for mandatory and he said "let's see what happens". I agree, let's watch 
and be ready to stop it.

I got a strong impression that the credit for this one goes to the VP 
Gore for leading the parts of the Government down a path they did 
not want to go. If so, well done!!

Wonder what the FBI will do with $80 m. Subcontract with NSA?

Dave


According to the official, the policy comprises three pillars:

* The administration will give $500 million to the Defense 
Department over the next several years to beef up its information 
security and to become a model for other government agencies and the 
private sector.

* Exporters of the strongest encryption products, which 
generally have keys of 128 bits or more, will no longer need to 
license each shipment. Instead, they will in most instances only need 
to have a one-time technical review of the product. However, the new 
policy will maintain the current ban on sending such products to 
states considered ``terrorist nations'' and will require a 
case-by-case review of sales of high-power custom encryption to 
foreign governments.

* Legislation will be proposed to Congress that will set up a 
system for law enforcement officials to go to court to get from third 
parties the keys that would open encrypted messages. Along with this 
proposal, the administration plans to set aside $80 million over the 
next four years to help the FBI improve its ability to crack codes.



--- End of forwarded message ---



ADMIN: enough _NSAKEY for now

1999-09-04 Thread Perry E. Metzger


Okay, I think we're rubble bouncing now. I'm going to start ruthlessly
trimming the _NSAKEY stuff until there is some actual new news. I
might allow through something with particularly interesting insights
or which sheds new light on things. If and when there are news reports
with substantive new data, I'll loosen up again.

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



ADMIN: finally caught up

1999-08-21 Thread Perry E. Metzger


After a week of machine crashes and internet access problems, I've
finally caught up on the moderation backlog. I'm very sorry about the
temporary disruption.

-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



$100 secure phones from Starium

1999-08-21 Thread Perry E. Metzger


Starium is about to start selling $100 phone encryption units,
according to this article:

http://www.wired.com/news/news/technology/story/21236.html

This could potentially change the encryption debate landscape quite
dramatically, as even casual users will be able to justify the price.


-- 
Perry Metzger   [EMAIL PROTECTED]
--
"Ask not what your country can force other people to do for you..."



[Ross Anderson ] AES: AES

1999-08-09 Thread Perry E. Metzger



NIST has just announced that the finalists in the Advanced Encryption
Standard competition are MARS, RC6, Rijndael, Serpent and Twofish.
That makes three US algorithms, one Belgian, and one which I developed
in collaboration with colleagues in Israel and Norway.

It may be of interest that, under the export controls on intangibles
which the DTI pushed in their recent White Paper and which they are
now trying to have adopted as an EU regulation, I would have needed a
personal export licence from the DTI in order to do this work. (Nigel
has confirmed this.)

It seems somewhat unlikely that a licence would have been granted.
Arms exporters complain to me that DTI officials are notorious for
blocking licences to punish them for such `offences' as complaining
about the licensing process. So perhaps I would have not done the
work; perhaps I'd have defied the law and now be involved in a huge
test case in the European Court; perhaps I'd have emigrated; perhaps
we'd just not do research in collaboration with foreigners. Who knows?

Ross


The AES announcement is at:

http://csrc.nist.gov/encryption/aes/aes_home.htm

The University of Cambridge press release is at:

http://www.cl.cam.ac.uk/~rja14/serpentpr.html

The Serpent home page is at:

http://www.cl.cam.ac.uk/~rja14/serpent.html






AES finalists named

1999-08-09 Thread Perry E. Metzger


This just came to me from several sources (thanks to Steve Bellovin
for drawing my attention to it...)

Date: Mon, 09 Aug 1999 10:45:15 -0400
To: [EMAIL PROTECTED]
From: Jim Foti <[EMAIL PROTECTED]>
Subject: AES

Hi Folks-

It's now official!  Our FIVE finalists for the AES are:

MARS
RC6
Rijndael
Serpent
Twofish

More info is available at ...

Jim



Turing's Treatise on Enigma

1999-07-24 Thread Perry E. Metzger


Slurped off of Dave Farber's "Interesting People" mailing list:


>Subject: Turing's Treatise on Enigma
>Date:1999/07/21
>Author:  Frode Weierud <[EMAIL PROTECTED]>
>
>I have just gone public with three chapters of Turing's Treatise on
>Enigma. This is a joint effort of three members of the Crypto
>Simulation Group who have entirely retyped the Treatise. The only
>publicly existing copy, which is coming from NARA, is extremely poor
>in many places and even if the complete text now has been retyped
>there is still a lot of work left to get all the drawings and tables
>done correctly.
>
>The three chapters which now have been released should be seen as
>preliminary
>versions. We are working hard on preparing the other chapters but it
>probably will still take a few months before we will do the next
>release.
>
>You can access the Web page with the Treatise from my Cryptology page
>at: http://home.cern.ch/~frode/crypto/index.html
>
>Please enjoy. It is interesting reading.
>
>Frode
>--
>Frode Weierud
>Phone  : +41 22 7674794 CERN, SL,  CH-1211 Geneva 23,
>Fax: +41 22 7679185 Switzerland
>E-mail : [EMAIL PROTECTED]
>WWW: wwwcn.cern.ch/~frode



UK to impose yet more nasty interception laws...

1999-07-23 Thread Perry E. Metzger


From "The Guardian" in the U.K.

 Straw insists on e-mail
 interception powers 
 
 Links, reports and background on the
 Freedom of Information debate 
 
 David Hencke, Westminster Correspondent 
 Friday July 23, 1999 
 
 Draconian powers to jail anybody for up to two
 years who discloses that their company's encrypted
 e-mails or electronic documents are being
 intercepted by the police, Customs or the security
 services are to be announced by the government
 today. 

http://www.newsunlimited.co.uk/AC/setguestcookie.cgi?section=News&host=www%2Enewsunlimited%2Eco%2Euk&uri=%2Fpolitics%2Fstory%2F0%2C3604%2C67849%2C00%2Ehtml&userid=4G9Dbb01



BBC report alleges UK tapped all communications to Ireland

1999-07-16 Thread Perry E. Metzger


Not quite cryptography, but it is SIGINT.

http://news.bbc.co.uk/hi/english/uk_politics/newsid_395000/395843.stm

First paragraphs (From the BBC):

Headline: UK 'monitored Irish phone calls' 

Subhead: The messages were scanned for key words 

The UK Government tapped all telephone messages between Britain
and Ireland during the past 10 years, it has been alleged. 

Channel 4 News said a tower in Capenhurst, Cheshire, was used to
intercept all telephone signals between Ireland and the UK from 1989
to when it closed down earlier this year.

The 13-storey windowless tower used electronic equipment to collect
and store all faxes, e-mails, telexes and data communications, the
programme said. Their contents were then allegedly scanned for key
words and subjects of interests.

[...]



SAFE slowly moves forward -- could be acted on this month

1999-07-15 Thread Perry E. Metzger



A story on NEWS.COM says:

   Key fights on crypto exports in Congress 
   By Courtney Macavinta
   Staff Writer, CNET News.com
   July 14, 1999, 3:40 p.m. PT 

   The future of strict export controls on strong computer
   security products could be decided in key battles unfolding on
   Capitol Hill this month. 

Full story (which is fairly fluffy but does contain information) at:

http://www.news.com/News/Item/0,4,39177,00.html



Reno and Free oppose loosening Crypto controls -- film at 11

1999-07-14 Thread Perry E. Metzger


From the AP:

 Reno Opposes Eased Export Controls 

 By Tom Raum
 Associated Press Writer
 Tuesday, July 13, 1999; 2:52 p.m. EDT

 WASHINGTON (AP) -- Easing export controls on powerful data and
 voice-scrambling technology will hamper efforts to track down
 terrorists and other criminals, the nation's top two law enforcement
 officials told Congress.  

Full story at:

http://search.washingtonpost.com/wp-srv/WAPO/19990713/V000644-071399-idx.html



forwarded from Dave Farber's "IP" list...

1999-07-12 Thread Perry E. Metzger



>
>REQUEST FOR PUBLIC COMMENT: THE DIGITAL MILLENNIUM COPYRIGHT ACT,
>SECTION 1201(g)
>
>Issue: Encryption/Copyright
>
>The National Telecommunications and Information Administration (NTIA) and 
>the U.S. Copyright Office invite interested parties to submit comments on 
>Section 1201(g) of The Digital Millennium Copyright Act (DMCA). The topics 
>are encryption research and the development of encryption technology; the 
>adequacy and effectiveness of technological measures designed to protect 
>copyrighted works; and the protection of copyright owners against 
>unauthorized access to their encrypted copyrighted works. 
>
>The principal question is: "How will the provisions of section 1201(g) 
>of the DMCA affect encryption research?" The Register of Copyrights and 
>the Assistant Secretary of Communications and Information of the Department 
>of Commerce must prepare a report for Congress, examining Section 1201(g) 
>no later than October 28, 1999. Comments by the public must be received 
>by July 26, 1999. 
>
>Mail comments to both the Department of Commerce and the Copyright Office 
>addresses: Paula J. Bruening, Office of Chief Counsel, NTIA, Room 4713, 
>U.S. Department of Commerce, 14th Street and Constitution Ave, NW, 
>Washington, DC 20230 and Jesse M. Feder, Office of Policy and 
>International Affairs, U.S. Copyright Office, Copyright GC/I&R, 
>P.O. Box 70400, Southwest Station, Washington, DC 20024. Comments sent 
>in electronic form should go to both [EMAIL PROTECTED] and [EMAIL PROTECTED] 
>
>For details about the format of the submissions, visit the NTIA web site at 
>the url below. [SOURCE: NTIA, AUTHOR: NTIA, U.S. Department of Commerce and 
>the U.S. Copyright Office, Library of Congress] 
>(http://www.ntia.doc.gov/ntiahome/occ/dmca.htm)







More on Congress vs. Echelon

1999-06-04 Thread Perry E. Metzger


Niall McKay (apparently the author) forwarded a pointer to this New
York Times "CyberTimes" article on substantially the same subject --
it offers a lot more detail about the U.S. Congressional concerns
about Echelon. (For those without accounts, I believe the standard
"cypherpunks/cypherpunks" account/password dodge works).

   http://www10.nytimes.com/library/tech/99/05/cyber/articles/27network.html

It looks like Echelon has become a big deal to everyone in the know,
although it appears that the big time broadcast news media in the
U.S. has not taken any of the bait offered by the recent stories on
the subject.


Perry



NSA and Congress at odds over Echelon

1999-06-04 Thread Perry E. Metzger


Federal Computer Week has an interesting article about the NSA
resisting Congressional oversight about Echelon:

http://www.fcw.com/pubs/fcw/1999/0531/web-nsa-6-3-99.html



Australia admits to UK USA/Echelon participation

1999-05-26 Thread Perry E. Metzger


Not that it is deep news, but an Australian government official has
for the first time confirmed in public that Australia engages in
signals intelligence work and exchanges the data with the other
countries in the UK USA agreement. Full story:

http://www.theage.com.au/daily/990523/news/news3.html

Perry



Russian internet wiretaps

1999-05-21 Thread Perry E. Metzger


A posting to Dave Farber's "Interesting People" list. I can't say that
I entirely blame the Russian secret police -- after all, they're only
copying the FBI's demands.

Perry

--

>From: "Rob Raisch" <[EMAIL PROTECTED]>
>To: "Dave Farber" <[EMAIL PROTECTED]>
>
>  SORM-2, the Russian security service's plans to monitor the
>  Internet, finally broke this week, with one Volgograd ISP
>  manager, Nailj Murzahanov, deciding he'd had enough, and
>  suing the spooks in court. SORM-2 is a Tap-You-Yourself
>  policy by the cash-strapped KGB successors, the FSB: it
>  requires ISPs to connect their local FSB office for free to
>  their pipe, with agents able to sniff any and all packets
>  (incoming and outgoing) from the comforts of their offices. 
>  Oh, and the ISPs have to provide free support and training.
>
>Full Story: http://www.sptimes.ru/archive/times/466/internet.htm
>Culled from "Need To Know", http://www.ntk.net/
>
>-- 
>Rob Raisch CTO - RivalWorks, Inc.  


--



Wiretaps tripled last year, and U.K. Parliament criticizes Enfopol

1999-05-21 Thread Perry E. Metzger


Forwarded from NewsScan Daily:

> NewsScan Daily,  21 May 1999 ("Above The Fold")
> 
> 
> NewsScan Daily is a summary of significant information technology news,
> written by John Gehl & Suzanne Douglas.   It is a FREE service of 
> NewsScan.com. Visit us at http://www.NewsScan.com/.
> 
[...]
> ELECTRONIC WIRETAPS TRIPLED LAST YEAR
> The number of wiretaps placed by state and federal law enforcement officials
> on cell phones, pagers, e-mail and other telecommunications devices nearly
> tripled last year, and for the first time wiretaps on cell phones and pagers
> outnumbered those on conventional telephones.  About three-quarters of the
> 1,329 wiretaps authorized were related to drug cases, according to a report
> issued by the Administrative Office of the U.S. Courts.  Wiretaps on
> wireless communications devices -- cell phones and pagers -- more than
> doubled, from 206 in 1997 to 576 last year, and for the first time, five
> e-mail wiretaps were implemented.  (USA Today 21 May 99)
> http://www.usatoday.com/life/cyber/tech/ctf213.htm
> 
> EU PLAN FOR INTERNET SNOOPING UNDER ATTACK
> The U.K. House of Commons Select Trade and Industry Committee has released a
> report criticizing the European Union's Enfopol resolution, which would
> force Internet service providers and telecommunications carriers to
> establish an infrastructure that would enable law enforcement agencies to
> intercept Internet traffic.  Calling the plan unjustified and unfeasible,
> committee chairman Martin O'Neill said, "We felt the civil-liberties
> arguments outweighed the security arrangements.  If (the intelligence
> services) could justify what they were doing in terms of results, people
> would want to do it.  Otherwise, it's a leap in the dark."  O'Neill also
> noted that such restrictions could damage the climate for e-commerce in
> Great Britain, and Europe in general.  (TechWeb 21 May 99)
> http://www.techweb.com/wire/story/TWB19990520S0022
[...]



British Parliament Committee slags cryptography bill...

1999-05-19 Thread Perry E. Metzger


British Parliament Committee slags cryptography bill...

http://news.bbc.co.uk/low/english/sci/tech/newsid_347000/347550.stm

Excerpt:

Key escrow now dropped

"Now that key escrow has been dropped by the government, the committee
believes that the rationale for an electronic commerce bill is open to
question," the report states.

"It recommends that the government think twice about the content of
the forthcoming bill and only include in the bill measures which will
promote electronic commerce rather than measures discarded from the
previous key escrow policy."



Original of the European Parliament report

1999-05-18 Thread Perry E. Metzger


The TechWeb version of the article had this link to the report:

http://www.iptvreports.mcmail.com/stoa_cover.htm



another version of the "US uses Echelon for industrial espionage" URL

1999-05-18 Thread Perry E. Metzger


Another URL for the "US uses Echelon for industrial espionage" story
-- this one should be usable by more people.

http://www.techweb.com/wire/story/TWB19990518S0004



US spying on Europe

1999-05-18 Thread Perry E. Metzger


A short rant:

I am not the least bit shocked to read, in the link published here
earlier today:

http://www.nytimes.com/techweb/TW_Report_U_S_Uses_Key_Escrow_To_Steal_Secrets.html

that the US has, for some time, been conducting economic espionage
against European countries, and that an E.U. report has concluded that 
pushing for key escrow and international cryptographic controls has
been aimed to a large extent, not at preventing "crime", but at
espionage against "friendly" countries.

What does shock me, however, is that so many European countries have
been completely blind to what has been going on up to this point. Does
everyone remember the speculation from some time back that the
U.S. had employed ECHELON based espionage to determine the negotiating
positions of various Wassenaar countries in order to achieve
international cryptographic controls? I assume that we can't be the
only people who've noted this. Does everyone remember the silly trivia 
that many European countries got in exchange for their support on
cryptographic controls? Things like arms contracts -- the phrase
"selling one's birthright for a mess o' pottage" comes to mind.

One wonders, however, if the latest revelations that companies like
Thompson S.A. and Airbus have lost contracts because ECHELON was used
to spy on them and give information on bids to American competitors
will create any change in European policy.

If the Europeans know what's good for them, they'll start pushing mass
use of crypto instead of fighting it.

Perry



NSA taps universities for info security studies

1999-05-17 Thread Perry E. Metzger


From Edupage via Dave Farber's "Interesting People" list:

The National Security Agency on Tuesday announced that seven 
universities had been selected as Centers of Academic Excellence 
in Information Assurance Education. NSA, which has broad 
influence on U.S. encryption policy, is responding to a Clinton 
administration directive to seek non-governmental research and 
information on critical infrastructure issues. NSA says the 
centers will become "focal points for recruiting, and may create 
a climate to encourage independent research in information 
assurance." The seven universities--James Madison, George Mason, 
Idaho State, Iowa State, Purdue, Idaho, and the University of 
California at Davis--will be formally named at an IBM information 
security systems conference on May 25-29. (EE Times Online 05/12/99)






Everyone wants in on the act...

1999-05-14 Thread Perry E. Metzger


Taken from:

NewsScan Daily,  14 May 1999 ("Above The Fold")


NewsScan Daily is a summary of significant information technology news,
written by John Gehl & Suzanne Douglas.   It is a FREE service of
NewsScan.com. Visit us at http://www.NewsScan.com/.


EUROPEAN PARLIAMENT WANTS ISPs TO SPY
The European Parliament last Friday passed the Lawful Interception of
Communications council resolution on new technologies -- known as Enfopol --
which requires Internet service providers and telephone companies to provide
law-enforcement agencies with full-time, real-time access to Internet
transmissions, even those traversing along multiple networks.  In addition,
wireless communications providers are required to provide geographical
location information on cell phone users, along with decoding of messages,
if encryption is provided as part of the service.  The European Internet
Service Providers' Association has denounced the resolution.  "Anyone who's
got half a clue about the Internet can easily see the Enfopol proposals are
unfeasible," says the chairman of U.K. ISP Linx. "The problem is it's a
bunch of law-enforcement people who have cooked this up in a vacuum without
public consultation."  He also expressed concerns that the stringent
requirements would prompt Internet users from other countries to route
around Europe, damaging the European telecom industry's revenue.  (TechWeb
14 May 99)  http://www.techweb.com/wire/story/TWB19990513S0009



ADMIN: stop the HTML, please.

1999-05-13 Thread Perry E. Metzger


Several posters have sent mail messages in the last couple of days in
HTML instead of plain text, or in a mime multipart/alternative with
text and HTML.

Please *stop*. I will systematically reject such postings in the
future. Most of us do not read our email with web browsers, no matter
what Netscape or Microsoft may think.

Perry



New story on Echelon, via Dave Farber's IP list

1999-05-11 Thread Perry E. Metzger


New story on Echelon, received via Dave Farber's IP list


Spying on the Spies
by Niall McKay 
WIRED 12:15 p.m. 10.May.99.PDT

The National Security Agency has its ear to the world, but doesn't
listen to everyone at once.

That was one conclusion of a new report, Interception Capabilities
2000, accepted late last week by the European Parliament's Science and
Technology Options Assessment Panel (STOA).

The panel commissioned Duncan Campbell, a British investigative
reporter, to prepare a report on Echelon, the US-led satellite
surveillance network.

"I have no objection to these systems monitoring serious criminals and
terrorists," said Glyn Ford, a British Labour Party member of
parliament and a committee member of STOA. "But what is missing here
is accountability, clear guidelines as to who they can listen to, and
in what circumstances these laws apply."

Campbell was asked to investigate the system in the wake of charges
made last year in the European Parliament that Echelon was being used
to funnel European government and industry secrets into US hands.

"What is new and important about this report is that it contains the
first ever documentary evidence of the Echelon system," said
Campbell. Campbell obtained the document from a source at Menwith
Hill, the principal NSA communications monitoring station, located
near Harrogate in northern England.

The report details how intelligence agencies intercept Internet
traffic and digital communications, and includes screen shots of
traffic analysis from NSA computer systems.

Interception Capabilities 2000 also provides an account of a
previously unknown, secret international organization led by the
FBI. According to Campbell, the "secret" organization, called ILETS
(International Law Enforcement Telecommunications Seminar), is working
on building backdoor wiretap capabilities into all forms of modern
communications, including satellite communications systems.

"[The report] is undoubtedly the most comprehensive look at Echelon to
date because of its attention to detail -- [and] the NSA's use of
technology," said John Young, a privacy activist in New York.

Although the United States has never officially acknowledged Echelon's
existence, dozens of investigative reports over the past decade have
revealed a maze-like system that can intercept telephone, data,
cellular, fax, and email transmissions sent anywhere in the world.

Previously, Echelon computers were thought to be able to scan millions
of telephone lines and faxes for keywords such as "bomb" and
"terrorist." But Campbell's report maintains that the technologies to
perform such a global dragnet do not exist.

Instead, Campbell said that the system targets the communications
networks of known diplomats, criminals, and industrialists of interest
to the intelligence community.  The report charges that popular
software programs such as Lotus Notes and Web browsers include a "back
door," through which the NSA can gain access to an individual's
personal information.

Citing a November 1997 story in the Swedish newspaper, Svenska
Dagbladet, the report said that "Lotus built in an NSA 'help
information' trapdoor to its Notes system, as the Swedish government
discovered to its embarrassment."

The report goes on to describe a feature called a "workfactor
reduction field" that is built into Notes and incorporated into all
email sent by non-US users of the system. The feature reportedly
broadcasts 24 of the 64 bits of the key used for each communication,
and relies on a public key that can only be read by the NSA.

Lotus could not be reached for comment.

The new report emerges as politicians on both sides of the Atlantic
are growing increasingly concerned about Echelon and its capabilities.

"I believe that it's time that there is some congressional scrutiny of
the Echelon project and I am examining a way to do that," said
Representative Bob Barr (R-Georgia). "I understand the need for
secrecy -- I was with the CIA myself -- but Echelon has raised some
questions about fundamental policy and constitutional rights."

Barr is concerned that the NSA is using its Echelon partners to help
it sidestep laws that forbid the US government from spying on its own
people.

So far, there has been very little scrutiny of spy systems in the
United States, according to Patrick Poole, a privacy advocate and
lecturer in government and economics at Bannock Burn College in
Franklin, Tennessee.

"The only significant examination of spy systems in the United States
was the Church Report, which was prompted by Watergate in the early
'70s," said Poole.  "I hope that Europe's interest in the Echelon
system will spark some new debate in the US."

Echelon is believed to be principally operated by the NSA and its
British counterpart, the Government Communications Headquarters. The
system also reportedly relies on agreements with similar agencies in
other countries, including Canada's Communications Security
Establishment, Australia's Def
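The "workfactor reduction field" described in the forwarded article above, sketched as an added example (not code from the article, the report or Lotus): part of each message key is encrypted to an escrow holder, who then has only the remaining bits to search. The toy RSA key, the SHA-256 stand-in cipher, the choice of the high bits as the disclosed ones and the scaled-down 28/12-bit demonstration are all assumptions made here; the article's figures are 64 and 24.

```python
import hashlib
import secrets

# Toy RSA key pair standing in for the escrow holder's key. Constructed for
# this example from two Mersenne primes; far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: escrow holder only


def work_factors(key_bits, escrow_bits):
    """Number of keys to try for (an outsider, the escrow holder)."""
    return 1 << key_bits, 1 << (key_bits - escrow_bits)


def keystream_xor(key, key_bits, data):
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream."""
    kb = key.to_bytes((key_bits + 7) // 8, "big")
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(kb + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def send(plaintext, key_bits, escrow_bits):
    """Encrypt under a fresh key and attach the escrow field."""
    assert 0 < escrow_bits <= 24 and escrow_bits < key_bits
    key = secrets.randbits(key_bits)
    top = key >> (key_bits - escrow_bits)  # assumption: high bits are disclosed
    # Random filler above the disclosed bits, so the field cannot be matched
    # by encrypting every possible value of `top` under the public key.
    blinded = (secrets.randbits(64) << escrow_bits) | top
    message = {
        "ciphertext": keystream_xor(key, key_bits, plaintext),
        "field": pow(blinded, E, N),
    }
    return key, message


def escrow_holder_recover(message, known_prefix, key_bits, escrow_bits):
    """Open the field with the private key, then search only the rest.

    Returns (recovered key or None, number of candidate keys tried).
    """
    top = pow(message["field"], D, N) & ((1 << escrow_bits) - 1)
    unknown_bits = key_bits - escrow_bits
    head = message["ciphertext"][:len(known_prefix)]
    for low in range(1 << unknown_bits):
        candidate = (top << unknown_bits) | low
        if keystream_xor(candidate, key_bits, head) == known_prefix:
            return candidate, low + 1
    return None, 1 << unknown_bits


def demo(key_bits=28, escrow_bits=12):
    """Scaled-down run: 16 unknown bits, so the search finishes at once."""
    plaintext = b"Subject: constructed sample text for this example"
    key, message = send(plaintext, key_bits, escrow_bits)
    found, trials = escrow_holder_recover(
        message, plaintext[:9], key_bits, escrow_bits)
    return key, found, trials


if __name__ == "__main__":
    outsider, holder = work_factors(64, 24)
    print(f"64-bit key, 24 bits escrowed: outsider 2^{outsider.bit_length() - 1}"
          f" keys, escrow holder 2^{holder.bit_length() - 1} keys")
    key, found, trials = demo()
    print(f"scaled demo: key recovered={found == key} after {trials} trials")
```

With the article's numbers, everyone without the private key still faces the full 64-bit search, while the holder of that key faces a 40-bit one.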

ADMIN: enough programming-as-communication...

1999-05-09 Thread Perry E. Metzger


I'm going to start ruthlessly trimming the programming thread shortly.

.pm



code

1999-05-09 Thread Perry E. Metzger


I have to utterly disagree with EKR.

1) I make substantial effort to make sure my code is readable. If the
so-called programmers you know don't do that, well, so what? Every
class I had when getting my degree drummed structured coding, comments 
and readability in to me. Maybe some coders don't do that, but many
people can't write clear English either, and that doesn't make English 
not a language for humans to read.
2) Comments exist EXPLICITLY to communicate to humans.
3) free() is no less "for my benefit" than "char *foo". Sure, Java
doesn't have free(). Lisp doesn't have "char *foo". "So what?" -- in
different languages, there are different models of
computation. Keeping track of memory in an algorithm is just as
important as knowing what types are in certain models. Your example is 
completely specious.

Source code exists for people first, computers second. If this were
not the case, we'd all just write code in machine language. High level 
languages exist *explicitly* to make it easier for people to
comprehend computation tasks. Communicating algorithms, both to the
reader who is not the author, and later to the author of the code
himself, is why we use high level languages.

Maybe Mr. Rescorla doesn't believe it, but I do, and it is the
doctrine taught in every decent CS curriculum in the world.

Perry



Code-As-Speech

1999-05-07 Thread Perry E. Metzger


I hate to say this, because it sounds "convenient" and "weird", but I
really believe that much source code *is* expression in the first
amendment sense that the 9th circuit held.

It isn't for nothing that for decades, students of computer science
have had beaten into their skulls "remember, code is not primarily for 
computers -- it is for *people*. Someone else will have to read what
you write. Make it clear, make it possible for them to understand it,
use comments, use descriptive variable names, etc." Why did we create
comments if humans weren't a primary target of code? Why did Knuth
waste all that time on exercises like "literate programming"?

One of the bigger pains in the buttocks the whole EAR regime has
given me is the inability to freely communicate with colleagues. If I
want to tell someone how something is done, I can't send them code. I
have to use a less expressive, less precise method of
communication.

Anyway, enough of a rant...

Perry



Neal Stephenson's "Cryptonomicon"

1999-05-06 Thread Perry E. Metzger


I got Neal Stephenson's "Cryptonomicon" some days ago.

My micro-review:

Amazingly good. As usual, Stephenson has no idea how to end a book,
but that barely matters -- the ride he takes you for is exceptional,
anyway.

The plot? Well, it would be hard to say what the book is about even if 
I wanted to. Let's just say that the story is a loose weave of several
threads, some taking place in the Second World War, some taking place
roughly now. Some of the threads directly involve cryptography, some
do not. You'll be happier just reading it, instead of reading about it.

Perry



IP: Latest developments on international interception policy (fwd)

1999-05-04 Thread Perry E. Metzger


Forwarded from Dave Farber's IP list:

>From: Duncan Campbell <[EMAIL PROTECTED]>
>Subject: Latest developments on international interception policy 
>
>THE ENFOPOL AFFAIR
>
>INTERNATIONAL COLLABORATION ON TAPPING : THE HIDDEN HAND OF ILETS
>
>30 APRIL 1999
>
>
>To : John Young (www.jya.com), uk-crypto, LACC, IP, others
>
>  From : Duncan Campbell(mailto:[EMAIL PROTECTED] http://www.gn.apc.org/duncan)
>
>This note contains pointers to articles just published about the latest 
>developments in European Union communications interception policy, 
>including monitoring the Internet.  The most important article identifies a 
>hitherto unknown FBI-founded organisation called ILETS, which has met in 
>secret for 6 years, and which has - unknown until now - led initiatives 
>around the world to build comprehensive interception systems into new 
>telecommunications systems.
>
>The full story about ILETS is published this week in Telepolis, the 
>European on-line magazine, at:
>http://www.heise.de/tp/english/special/enfo/6398/1.html
>
>And in German at:
>http://www.telepolis.de/tp/deutsch/special/enfo/6396/1.html
>
>The news story is in English in the Guardian (UK) at:
>http://www.newsunlimited.co.uk/The_Paper/Weekly/Story/0,3605,45981,00.html
>
>And also in Telepolis:
>http://www.heise.de/tp/english/special/enfo/6397/1.html
>
>And in German at:
>http://www.telepolis.de/tp/deutsch/special/enfo/6395/1.html
>
>The latter three reports describe how the latest version of the ENFOPOL 
>interception plan has just been leaked in London. It reveals that although 
>the name of the key document has been changed, European officials still 
>want to make tapping the Internet official European policy by the end of 
>May. They are pressing on, despite domestic opposition in Germany and 
>Austria and recent criticism by the European Parliament.
>
>The new document is called ENFOPOL 19. It was obtained this week by the 
>Foundation for Information Policy Research (FIPR).  (The name ENFOPOL (Law 
>ENFOrcement/POLice matters) is the generic title given to documents on 
>these subjects by the European Commission.)
>
>FIPR has put the ENFOPOL 19 document online at:
>http://www.fipr.org/polarch/index.html
>
>These articles bring up to date the story of secret co-operation on 
>interception between the US, Canada, Australia, New Zealand, the UK (ie, 
>the UKUSA group), and the so-called "G5" group of EU nations (Germany, 
>France, Sweden, the Netherlands and the UK).  Outside the EU, Norway and 
>Hong Kong are members of ILETS.  Within the EU, Austria, Belgium, 
>Luxembourg, Ireland, Italy, Greece, Eire, Denmark, Finland, Spain and 
>Portugal have participated in ILETS.
>
>This co-operation was first noticed in 1997, when the Statewatch group in 
>London found and publicised an EU resolution on interception that had been 
>adopted in January 1995, but which was not published until November 1996.
>
>Observers noted that the European 1995 policy bore an unmistakable 
>resemblance to US legislation, in particular the 1994 Communication 
>Assistance to Law Enforcement Act (CALEA).   Since then legislation passed 
>and/or proposed in Australia and other EU states has shown the same 
>similarities.
>
>The article about ILETS now reveals how this has happened, through a common 
>technical document called "IUR1.0" or "IUR95".
>
>An updated IUR, which made new demands for Internet interception, security 
>measures, automatic downloading of subscriber personal information (among 
>other measures) was drawn up in 1998.   In September 1998, it was presented 
>to the EU's Police Co-operation Working group as "ENFOPOL 98".
>
>In November 1998, the German on-line magazine Telepolis obtained and 
>published ENFOPOL 98.  The stories above describe how ENFOPOL 98 has 
>progressed since.
>
>The original ENFOPOL 98 story was reported in English in December 1998:
>http://www.gn.apc.org/duncan/Enfopol_98_Obs.htm
>
>Telepolis has put the original (and scary) ENFOPOL 98 plan online at:
>http://www.heise.de/tp/deutsch/special/enfo/6334/1.html
>
>And in German at:
>http://www.telepolis.de/tp/deutsch/special/enfo/6326/1.html
>
>Erich Moechel and Armin Medosch have published English language accounts of 
>their scoop at:
>http://www.telepolis.de/tp/english/inhalt/te/1667/1.html
>http://www.telepolis.de/tp/deutsch/special/enfo/6329/1.html
>
>The original scoop (in German) is at:
>http://www.heise.de/tp/deutsch/inhalt/te/1663/1.html
>
>
>1999 STOA REPORT ON GLOBAL COMMUNICATIONS SURVEILLANCE AND ECHELON
>
>Further information about ILETS and communications interception will be 
>published in the near future by STOA, the Science and Technology Options 
>Assessment Office of the European Parliament.   This is contained in a 
>detailed report I have written for STOA, "Interception Capabilities 2000" 
>(IC2000).
>
>The full title of the IC2000 report is "The state of the art in 
>Communications intelligence (Comint) of automated processing for 
>intelligence purpose

Shamir designs cryptanalysis machine

1999-05-02 Thread Perry E. Metzger


A reader wrote in to point this out (unfortunately, he didn't make it
clear whether he wanted his message forwarded):

Israeli Scientist Reports Discovery of Advance in Code Breaking

http://www.nytimes.com/library/tech/99/05/biztech/articles/02encr.html



old cypherpunks archives

1999-04-14 Thread Perry E. Metzger


If anyone knows where I can get *really* old Cypherpunks archives
(back to 1992), please send me some mail.

Perry



FYI....

1999-04-13 Thread Perry E. Metzger


Columbia Institute for Tele-Information presents:

NEW PROPOSALS TO BRIDGE THE ENCRYPTION DEBATE

Amitai Etzioni
Professor, George Washington University and 
Founder, Communitarian Movement

Moderator:
Richard L. Field, Esq.,
Chair, Electronic Commerce Payment Committee, ABA

Respondents:
David Kelly, Institute for Objectivist Studies
Perry E. Metzger, Piermont Information Systems, Inc.
Frank Sudia, Internet Financial PKI Consultant

History indeed repeats itself.  Nowhere does this seem more true than in
the perennial encryption debates.  Spurred by the spread of the Internet
and electronic communications, the various sides have defined their
positions, declared their differences to be irreconcilable, and dug in for
the long battle.  At issue are our fundamental social values.  Some see a
future threatened from the outside - by rogue governments, terrorists,
criminals, industrial spies, and tax evaders.  Others see the more
insidious threat as coming from the inside - a "big brother" government
whose unblinking eye monitors and controls all its citizens.  In addition,
commercial interests want an environment that is conducive to global
business.  The cost of a prolonged encryption war of attrition is
substantial.  Encryption technology is an essential component of
electronic commerce.  It encodes computer messages and files, keeping
transmissions and stored records private and secure from unauthorized
alteration and surveillance.  It also allows parties to use secure "digital
signatures".  The Administration's current system of encryption export
controls and its intense global advocacy of government monitoring
capabilities for encrypted messages has received a mixed response,
with many countries rejecting aspects of the U.S. position in favor of
trade and privacy interests.  Professor Etzioni, author of The Limits of
Privacy, will offer his roadmap to balancing these competing interests. 
Respondents will review his conclusions from the business, technology,
and individualistic perspectives.

WEDNESDAY, APRIL 14, 1999, 5:30 PM
142 Uris Hall  COLUMBIA UNIVERSITY
Columbia Institute for Tele-Information
Columbia University
Graduate School of Business
809 Uris Hall
New York, NY 10027
RSVP to: Columbia Institute for Tele-Information
Fax:212 932-7816
Phone:  212 854-4222
E-mail: [EMAIL PROTECTED]



Big Brother Awards

1999-04-09 Thread Perry E. Metzger


Cute link someone just forwarded me:

http://www.bigbrotherawards.org/



McCain URL

1999-04-02 Thread Perry E. Metzger


Dave Anderson wrote to note both that McCain's original press release
is at:

http://www.senate.gov/~mccain/encrypt.htm

Perry



Senator John McCain ends support of key escrow

1999-04-02 Thread Perry E. Metzger


Senator John McCain ends support of key escrow, joins Senators Burns,
Leahy and Wyden in sponsoring liberalization legislation. This could
be a major reversal for the anti-crypto forces -- Senator McCain was a 
big obstacle to crypto export deregulation in the past.

NY Times URL:

http://www.nytimes.com/library/tech/99/04/biztech/articles/02encrypt.html

Remember you can use "cypherpunks/cypherpunks" as a login and password 
on the NY Times site.

If anyone knows of a non-restricted URL with details on this, please
post it.

Perry



RSA trademark claim note to IEEE

1999-04-01 Thread Perry E. Metzger


This is a jpg of the letter sent to the IEEE about the use of the term 
"RSA" in standards:

http://grouper.ieee.org/groups/1363/letters/SecurityDynamics.jpg



Neal Stephenson's "Cryptonomicon"

1999-04-01 Thread Perry E. Metzger


Neal Stephenson's novel "Cryptonomicon" appears to have its own web
site now.

http://www.cryptonomicon.com/

Perry



[John Gilmore ] RSA claiming trademark on all uses of "RSA" to describe algorithm

1999-04-01 Thread Perry E. Metzger


I realized no copy of the original of this had gone out so I thought
I'd forward this...




> This is a stds-p1363 broadcast.  See the IEEE P1363 web  page
> (http://grouper.ieee.org/groups/1363/)  for more information,
> including how to subscribe/unsubscribe.
> --
> 
> Security Dynamics Technologies, Inc. has sent a letter to the P1363
> working group regarding trademark protection of the RSA name.  The letter
> is now available from our patents page
> http://grouper.ieee.org/groups/1363/patents.html
> or directly at
> http://grouper.ieee.org/groups/1363/letters/SecurityDynamics.jpg

Now that their patent is getting ready to expire (next fall), RSA is
trying to crack down on anyone who refers to the use of the
algorithm by calling it "RSA".  They don't mind if you call it "type
1" or something else meaningless and irrelevant, though.  This is a
new low for a company known for self-serving legal bluster.

You would think they'd prefer to have people mentioning their corporate
name all over the place, but now that the algorithm has wide recognition,
they seem to want to make sure that nobody *else* can say their product
does RSA.  Even if it does.  If they can't keep you from competing,
at least they want to prevent you from advertising that you compete.
They aren't asking much...

Perhaps we should have a little contest for what to call the RSA
algorithm, given RSA's objection to calling a shovel a spade.  ASR
perhaps?  Though ASS is tempting, I wouldn't want to gratuitously
eliminate Ron Rivest's initial.  SAR as in what a SARry company?  RAS,
to send a RASberry to the lawyers?

"EFN" is rot13 of RSA, can we make up a good phrase that it's
supposed to stand for?  Electronic Freedom Now?  (Well, after Oct 2000
anyway.)  Extra Funny Name?  Elegant Fraud Nixer?  Embargoed For Now?

STB is RSA+1 (as in IBM and HAL); any good phrases lurking in there?

RAL are the first (rather than last) initials of the inventors.
Then there's RRASLA, the first and last initials.

There's always completely new names: "ExpoMax", "FactorThis!",
"SuperSig", "RonFish", etc...

John

PS: The alternative, of course, is to ignore them and keep using the
term "RSA".  Let them prove to a court that they own the term, which
was in use before they formed the company and which was created in the
traditional scientific community naming convention (after the names of
the inventors).  Or intervene in their trademark filings, saying the
term has wide use in the scientific and technical literature and that
they're trying to inappropriately monopolize it to replace their
expiring patent protection.  Does anyone out there work for a company
that would like to continue using the term "RSA" after you don't have
to pay the company for the patent any more?  (I'm sure if you continue
to pay them, they'll be glad to let you keep using the word; but you
might have other ideas.)  Which would be cheaper?  Having your
lawyers write a few letters to trademark agencies in various
countries now?  Or negotiating with good old "How much you got?" RSA?







new bill getting through congress?

1999-03-11 Thread Perry E. Metzger


Anyone know anything about this?

Thursday March 11 11:15 AM ET 

Bill To Relax U.S. Controls On Encryption Advances

WASHINGTON (Reuters) - A bill to relax strict U.S. export controls on
computer data-scrambling products passed a small hurdle Thursday,
gaining approval from a House Judiciary subcommittee by voice vote.

The measure, authored by Virginia Republican Bob Goodlatte, next moves
to the full House Judiciary Committee. As many as four other House
panels may also have a chance to amend the bill before it moves to the
House floor.

No amendments were offered to the bill, which would allow strong
encryption products out of the country if similar products were
already widely available from other nations.

The Clinton Administration relaxed some export controls last year, but
has in the past opposed Goodlatte's approach as going too far.



FWD: 20th Anniversary IEEE Security and Privacy Call for Participation

1999-03-11 Thread Perry E. Metzger


From: <[EMAIL PROTECTED]>
Subject: 20th Anniversary IEEE Security and Privacy Call for Participation
To: <[EMAIL PROTECTED]>
Date: Wed, 10 Mar 1999 18:04:28 -0500 (EST)
Reply-To: <[EMAIL PROTECTED]>

An issue of Cipher is coming soon. I am sending this Special 20th
Anniversary Symposium Announcement out now, rather than waiting to
include it in the forthcoming issue.

Sincerely,
Paul Syverson

 1999 IEEE Symposium on Security and Privacy
   Special 20th Anniversary Program

   May 9-12, 1999
The Claremont Resort
Berkeley, California
 Sponsored by the IEEE Technical Committee on Security and Privacy
  In cooperation with the International Association of Cryptologic Research

Symposium Committee:
 John McLean, General Chair
 Jonathan Millen, Vice Chair
   Li Gong, Program Co-Chair
  Michael Reiter, Program Co-Chair

PRELIMINARY PROGRAM

--
Sunday, May 9, 1999
--
5:00pm Registration
6:00pm Reception
--

Monday, May 10, 1999
--
8:00am Registration
8:45am-9:00am Welcome: Chairs
--
9:00am-10:30am Systems
Session Chair: Roger Needham, Microsoft Research

Hardening COTS software with generic software wrappers
Timothy Fraser, Lee Badger, Mark Feldman
TIS Labs at Network Associates, Inc.
 
Firmato: A novel firewall management toolkit
Yair Bartal, Alain Mayer, Kobbi Nissim, Avishai Wool
Lucent Bell Labs
 
Flexible policy-directed code safety
David Evans, Andrew Twyman
MIT
-
10:30am-11am coffee break
-
11:00am-12:00pm Policy
Session Chair: Ravi Sandhu, George Mason University
 
Local reconfiguration policies
Jonathan K. Millen
SRI International
 
A modular, user-centered authorization service built on an RBAC foundation
Mary Ellen Zurko, Richard T. Simon, Tom Sanfilippo
Iris Associates, EMC, Groove Networks
 

12:00pm-12:30pm Surprise

12:30pm-02:00pm Lunch

2:00pm-3:00pm Verification
Session Chair: John Mitchell, Stanford University
 
Secure communications processing for distributed languages
Martin Abadi, Cedric Fournet, Georges Gonthier
Compaq Systems Research Center, Microsoft Research, and INRIA
 
Verification of control flow based security policies
T. Jensen, D. Le Metayer, T. Thorn
IRISA
 

3:00pm-3:30pm coffee

3:30pm-5:00pm Panel Discussion

Brief History of Twenty Years of Computer Security Research
Panel Chair: Teresa Lunt, Xerox PARC
Panelists: 

G.R. Blakley, Texas A&M University
20 years of cryptography

Virgil Gligor, U Maryland
20 years of operating system security (Unix as one focus)

Steve Lipner, MITRETEK 
20 years 

Junger v. Daley press release

1999-03-03 Thread Perry E. Metzger


I just got an ASCII version of this -- sorry for the delay.

--


Press Release
For Immediate Release
March 2, 1999



Ohio ACLU Files Brief in Internet Appeal

Cleveland Law Professor Seeks Right to Publish 
Encryption Information Online



For More Information, Contact:

Raymond Vasvari, Legal Director, ACLU of Ohio, 216-781-6277
Gino J. Scarselli, Associate Legal Director, ACLU of Ohio, 216-781-6277



The American Civil Liberties Union of Ohio filed a brief yesterday in
the United States Court of Appeals, on behalf of a Cleveland law
professor who wants to publish encryption information on his World
Wide web site.  Peter D. Junger is a law professor at Case Western
Reserve University in Cleveland.  He teaches a class in computers and
the law.

In August 1996, Junger filed suit in federal court, challenging
government regulations that prohibit him from publishing certain
programming language online without a government licence.  Gino
Scarselli, one of three lawyers representing Junger, explained that
the licensing requirement violates the First Amendment right to free
expression, because it forces Junger to submit his work to a censor
before publishing it online. The Commerce Department, and the super
secret National Security Agency, two of the defendants in the Junger
case, contend that programming languages are functional and not
expressive.  United States District Judge James Gwin in Akron agreed,
ruling against Junger on July 2, 1998.  Junger has appealed the
decision, with the help of the ACLU.

In the brief filed yesterday, ACLU lawyers argued that the district
court failed to recognize the significance of programming languages,
which for tens of thousands of computer professionals are a basic
means of communication.  "Computer scientists need these languages to
communicate complex ideas with precision. They should not need
government permission to share those ideas with colleagues via the
Internet," said Raymond Vasvari, another of Junger's attorneys.  The
brief filed yesterday also faults government regulations for a lack of
procedural safeguards to ensure even-handed enforcement. The
government will file its brief next month, and Junger will have an
opportunity to respond in writing before the case is argued before the
Sixth Circuit Court of Appeals, in Cincinnati.  The Junger case has
attracted national attention.  It is one of only three cases
nationwide to challenge the government regulations in question.

--



[Fisher Mark (by way of Vin McLellan)] Breaking RSA may not be equivalent to factoring (Fwd)

1999-03-03 Thread Perry E. Metzger


I forgot to send this on last week.




[Fwd from Cypherpunks]

Some recent work from EUROCRYPT '98:
http://theory.stanford.edu/~dabo/abstracts/no_rsa_red.html
(abstract)
http://theory.stanford.edu/~dabo/papers/no_rsa_red.ps.gz (full
paper, gzipped PostScript)

However, they've only proved that breaking RSA != factoring, so they don't
think they've exposed any weakness in RSA.  Just another
datapoint...

==
Mark Leighton Fisher  Thomson Consumer Electronics
[EMAIL PROTECTED]   Indianapolis, IN
"Browser Torture Specialist, First Class"







ADMIN: stopping the bearer/settlement thread

1999-02-16 Thread Perry E. Metzger


I'm calling a halt to forwarding more of the bearer certs/instant
settlement/etc. thread for the moment -- I think the horse is dead.

Perry



ADMIN: cutting back the flood

1999-01-22 Thread Perry E. Metzger


There has been a flood of messages about the Intel announcement and
the question of compelling testimony about keys and such. I'm going to 
start ruthlessly cutting them back over the next half day.

.pm



Lawsuit filed to block "Internet Wiretaps"

1999-01-17 Thread Perry E. Metzger


FYI, originally to "Interesting People"

--- Start of forwarded message ---
Date: Fri, 19 Nov 1999 05:41:46 -0500
From: Dave Farber <[EMAIL PROTECTED]>
Subject: IP: Lawsuit filed to block "Internet Wiretaps"


>Date: Fri, 19 Nov 1999 00:38:28 -0800
>From: Martin Minow <[EMAIL PROTECTED]>
>Subject: Lawsuit filed to block "Internet Wiretaps"
>X-Sender: [EMAIL PROTECTED]
>To: [EMAIL PROTECTED], [EMAIL PROTECTED]
>Cc: [EMAIL PROTECTED]
>
>The New York Times web site (free, but registration required)
>reports that two civil liberties groups, EPIC and ACLU, filed
>suit challenging FCC rules that allow the U.S. government to
>monitor the Internet and other communications systems, such
>as cell phones. A separate suit was filed by the Electronic
>Frontier Foundation.
>
>'In their suit, the plaintiffs claim that the FCC rules exceed the
>requirements of CALEA and violate the Fourth Amendment, which
>prohibits "unreasonable searches and seizures."'
>
>The article is currently available at
>, and
>might also be available on the CNET site .
>
>Martin Minow
>[EMAIL PROTECTED]



--- End of forwarded message ---



SAFE returns?

1999-01-15 Thread Perry E. Metzger


Quite a week. India threatens to ban U.S. weakened crypto, France
takes step towards permitting the domestic use of cryptography, and
now SAFE is being re-introduced

http://www.news.com/News/Item/0,4,31032,00.html

   Crypto policy back in the spotlight 
   By Courtney Macavinta
   Staff Writer, CNET News.com
   January 15, 1999, 2:15 p.m. PT 

   CUPERTINO, California--Despite an emerging Cold War-like attitude
   toward China's access to sophisticated U.S. technologies, Silicon Valley
   Rep. Zoe Lofgren today said she plans to reintroduce legislation to ease
   export controls on encryption.



India may prohibit use of US software for finance

1999-01-13 Thread Perry E. Metzger


It appears the Indian government has become concerned about
U.S. cryptographic crippleware hurting Indian financial institutions,
and may require locally developed software with strong crypto.

See:
http://www.economictimes.com/120199/lead2.htm

Perry



[Ed Gerck ] Unicity, DES unicity, open trust and "open-keys"

1999-01-07 Thread Perry E. Metzger







Perry:

Would you be so kind as to fwd this message and not the other one? This
is better ... and  shorter ;-)

Thanks,  Ed


---

List:

[ Complete text at  http://www.mcg.org.br/unicity.txt ]

This exposition initially revisits the concept of "unicity" and shows
that key-length is not the most important parameter to evaluate the
security of cryptographic systems, discussing possible weaknesses in
current systems and alternatives as well.

Applying the concepts developed, the paper shows that DES English
messages can be brute-force attacked over a plaintext space of only 3
characters -- instead of the currently assumed limit of 20
characters. It also shows that the low-end limit of security/key-bit
is occupied by DES. This result immediately impacts the assumed
security of SSL, S/MIME and other protocols that use DES. It further
shows that re-keying is not of very much use under DES, even if done
out-of-band, since one would have to re-key after every two
characters of text.

The exposition also advances other topics to motivate discussion of
higher-security cipher systems, even when short key-lengths need to
be used. Specially, concrete examples show the usefulness of "open
trust" (i.e., open-keys) to increase security -- in addition to the
currently exclusive use of "closed trust" (i.e., secret-keys). Since
open-keys are public, the concept may afford a way to increase
security even within imposed secret-key key-length limitations.

By allowing the secure use of smaller secret-keys, the open-key
concept can have other applications, such as in smart-cards, digital
signatures, authentication, non-repudiation, etc.


Comments are welcome.

Cheers,

Ed Gerck
__
Dr.rer.nat. E. Gerck [EMAIL PROTECTED]
http://novaware.com.br
 ---  Meta-Certificate Group member -- http://www.mcg.org.br  ---








"teach a man to fish, though, and..."

1998-12-23 Thread Perry E. Metzger


Howdy, all.

Following the recent international developments, I've decided that I
want to do more to help spread strong cryptography technology
throughout the world. I've realized that one of the things I could be
doing is teaching courses on cryptography. I'm told I'm a pretty good
instructor, so it would seem to be a good way to leverage my time. If
I build a piece of cryptographic software, I can only devote one man's
worth of effort to it, but if I can teach 100 people how to build
cryptosystems in that time, I'll effectively multiply my personal
leverage, even if only a few of the students end up applying the
technology.

The more people we get understanding the technology, the more people
will be incorporating it into our infrastructure, and the more people
will understand why we must stop controls on the distribution of
strong cryptographic systems.

I'm therefore announcing my availability for this purpose, and
soliciting help in finding fora in which I can spread the
knowledge. I'm most interested in doing this in the New York City
area, although I'm happy enough traveling to places (even overseas) to
teach short intensive courses provided I get compensated (since if I
travel I can't see my consulting clients).

If anyone has any contacts or is willing to help me with getting
speaking and teaching gigs of this sort, or otherwise has leads,
please let me know.

Perry



[Steve Coya] Harmful changes to Wassenaar Arrangement

1998-12-18 Thread Perry E. Metzger


FYI, from the IETF Secretariat.





The IAB and the IESG deplore the recent changes to the Wassenaar
Arrangement (http://www.wassenaar.org) that further limit the
availability of encryption software by including it in the Wassenaar
agreement's list of export controlled software (section 5.A.2.a.1
of the list of dual-use goods, WA LIST 98 (1)).  As discussed in
RFC 1984, strong cryptography is essential to the security of the
Internet; restrictions on its use or availability will leave us
with a weak, vulnerable network, endanger the privacy of users and
businesses, and slow the growth of electronic commerce.

The new restrictions will have a particularly deleterious effect
on smaller countries, where there may not be enough of a local
market or local expertise to support the development of indigenous
cryptographic products.  But everyone is adversely affected by
this; the Internet is used world-wide, and even sites with access
to strong cryptographic products must be able to talk to those who
do not.  This in turn endangers their own security.

We are happy that the key size limit has been raised in some cases
from 40 bits to 64; however, this is still too small to provide
real security.  We estimate that after a modest capital investment,
a company or criminal organization could crack a 64-bit cipher in less
than a day for about $2500 per solution.  This cost will only drop
in coming years.  A report released about three years ago suggested
that 90-bit keys are the minimum for long-term security.

   Brian Carpenter (IAB Chair)
   Fred Baker (IESG and IETF Chair)






Richard Stallman: Encryption software volunteers needed in countries without export control

1998-12-16 Thread Perry E. Metzger





[Please re-post this as widely as possible, wherever appropriate]

The US has scored a major victory in the global campaign against
freedom and privacy rights, by persuading 33 major countries to
prohibit export of free encryption software.  These countries are the
ones that are party to the Wassenaar agreement (see list below).

The agreement is not final; putting it into effect would require new
laws or regulations in each country, and in some countries it might be
possible to organize politically to block this.  If you are a citizen
of a country listed below, please talk with your legislators and urge
them to refuse to ratify the agreement.  See www.epic.org for more
information.

However, anticipating the possibility that these laws will go through,
we need to find volunteers in countries which are not signatories to
take over development and distribution of encryption software such as
the GNU Privacy Guard and PSST.  We are looking for (1) an ftp site
from which to distribute the software, and (2) people to carry on
the development work.

If you have contacts in any non-signatory country, please circulate
this message as widely as possible in your country, looking for people
who might want to volunteer for GNU software development.
Non-signatory countries that come to mind as possible places where
free encryption software can be developed include Mexico, India,
Croatia, China, South Africa, and perhaps Israel.  However, any
country is ok if its laws do not prevent the work.

Big Brother has won a battle, but the war is not over.


List of countries signing the Wassenaar agreement:

Argentina, Australia, Austria, Belgium, Bulgaria, Canada, Czech Republic, 
Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, 
Japan, Republic of Korea, Luxembourg, Netherlands, New Zealand, Norway,
Poland, Portugal, Romania, Russia, Slovakia, Spain, Sweden, Switzerland, 
Turkey, Ukraine, United Kingdom and United States.





"Black Unicorn": Wassenaar in Switzerland (German)

1998-12-14 Thread Perry E. Metzger






I'll do a translation when I have time.  (Note that this could be as late as
next week).

Monday, 14 December 1998



Smokescreen tactics in crypto policy

New export restrictions for encryption products

Under pressure from the USA, 33 states, Switzerland among them, agreed last
week in Vienna on new licensing requirements for the export of encryption
software. Implementation, however, is left to the individual states. The
agreement is unlikely to bring about changes to existing practice in
Switzerland and in Europe.

The report that the USA had been able to force European states into tighter
controls on the export of encryption software caused a stir last week. Yet
the agreement, which the special envoy of the United States, David Aaron,
sold to American journalists as a great victory for the USA and which some
commentators subsequently judged a defeat for the rest of the world, on
close inspection hardly changes the conditions for the sale and use of
software for encrypting computer data. It remains difficult to export
powerful encryption software from the USA, and it remains possible for Swiss
companies, for instance, to sell their powerful crypto programs outside
Switzerland as well. That the revision of the Wassenaar Arrangement caused a
public stir has less to do with its content than with the fact that the US
diplomat sought to exploit the mood for a PR campaign. This caused
head-shaking in European government circles.

Storm in a teacup

In practice, the changes agreed last week at a plenary meeting in Vienna to
the Wassenaar Arrangement (the successor, created in 1996, to COCOM, the
body for controlling technology exports to the East) are likely to have
little effect for the time being. Besides the USA, a further 32 industrial
nations belong to the Wassenaar Arrangement, among them Switzerland and also
most of the Eastern European states and Russia. The arrangement is neither
"self-executing" nor legally binding, and so must be implemented nationally
by the individual states. Within the framework of export controls it already
provided for a licensing requirement for the export of encryption technology
to non-member states, since such products are usually regarded as "dual use"
products because they can also be put to military use. Software that was
distributed as so-called "mass market products", such as web browsers or
e-commerce servers, was however exempt from this.

Now, under pressure from the USA, the export of such software is also to be
subject to a licensing requirement if it uses keys longer than 64 bits. For
export to the signatory states of the arrangement, however, export controls
are still not prescribed; in many cases nothing changes for that reason
alone. In addition, against the will of the USA, still no restrictions
whatsoever are prescribed for software that, like the freeware version of
Pretty Good Privacy (PGP), is available free of charge and freely on the
Internet ("in the public domain"). The arrangement does, however, also allow
the individual states to introduce their own, stricter export restrictions,
such as those the USA has. Computer users who want to obtain Internet
software with strong encryption functions from the USA may therefore still
have problems. For encryption hardware, as is also manufactured in this
country, the revised Wassenaar Arrangement does provide for a relaxation:
for such products, as well as for non-mass-market software, export licences
will in future no longer be needed for keys of up to 56 bits. But since
secure encryption systems today have to work with 128 bits or more, this
relaxation is de facto irrelevant in practice.

No effects for Switzerland

"For Switzerland, the amendment of the arrangement will have practically no
effects," Othmar Wyss of the responsible Federal Office for Foreign Economic
Affairs (Bawi) assures on request. Bruno Wildhaber, responsible for
strategies in Europe at the US crypto specialist Entrust, even expects Swiss
companies to have a "still better market position at home". The position of
the US vendors has been weakened "once again". The USA did exert massive
pressure so that mass-market software would in future be subject to export
controls. But it is to be assumed "that the European countries and Canada
will not yield to this pressure, or will do so only to a very limited
extent", says Wildhaber. The decision on granting an export licence
accordingly rests with the individual states and can be a pure formality.
The Bawi is already considering globally valid general export licences for
mass-market software.

It is admittedly true that the USA was able to introduce some central
concerns of its crypto policy internationally in the latest version of the
arrangement.
