Re: Anti-snooping operating system close to launch

2002-05-29 Thread Morlock Elloi

> Anti-snooping operating system close to launch

http://www.m-o-o-t.org/ didn't change much code-wise in the last year or so,
except for the "news" section.



=
end
(of original message)

Y-a*h*o-o (yes, they scan for this) spam follows:
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com




Key verification schemes...

2002-05-29 Thread Curt Smith

(in response to a topic mentioned in various threads)

I agree that neither CA-verification nor WoT-verification is as
useful as Key Fingerprint-verification for secure communication
between crypto-aware individuals.  After all, CA's can be
subverted and WoT is probably best used as a back-up option
when direct key verification is not possible.  Key Fingerprints
can be verified in both PGP and S/MIME, but neither system
enforces it.  I would prefer for Key Fingerprint-verification
to be more central to the system.

--- [EMAIL PROTECTED] wrote:
...
> The hierarchical verisign model is useful when one wishes to 
> verify that something comes from a famous and well known 
> name --that this software really is issued by Flash, that 
> this website really does belong to the Bank of America.  In 
> this case, however, only famous and well known names need 
> their keys from verisign.  No one else needs one.
>
> When one wishes to know one is really communicating with Bob,
> it is best to use the same channels to verify this is Bob's 
> key, as one used to verify that Bob is the guy one wishes to 
> talk to.  The web of trust, and Verisign, merely get in the 
> way. 
...

--- Eric Murray <[EMAIL PROTECTED]> wrote:
...
> And to be honest, exactly zero of the PGP exchanges I have 
> had have actually used the web of trust to really verify a 
> PGP key.  I've only done it in testing.  In the real world, I
> either verify out of band (i.e. over the phone) or don't 
> bother if the other party is too clueless to understand what 
> I want to do and getting them to do PGP at all has already 
> exhausted my patience.
...


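The enforcement asked for in the message above, sketched as an added example (not code from the thread, and not how PGP or S/MIME behave): a keyring that refuses to release a key until its full fingerprint has been confirmed out of band. The `Keyring` class, its method names, the sample key bytes and the use of SHA-256 as the fingerprint are assumptions made for illustration; real PGP and S/MIME fingerprints are computed differently.

```python
import hashlib

# Constructed sample key material; real input would be the encoded public key.
BOB_KEY = b"constructed-sample-public-key-for-bob"
MALLORY_KEY = b"constructed-sample-public-key-for-mallory"


class UnverifiedKeyError(Exception):
    """The key's fingerprint has not been confirmed out of band."""


def fingerprint(key_bytes):
    # Assumption: SHA-256 over the key bytes stands in for the PGP and
    # S/MIME fingerprint formats, which differ in detail.
    return hashlib.sha256(key_bytes).hexdigest().upper()


def grouped(fpr):
    """Format a fingerprint in 4-character groups for reading over the phone."""
    return " ".join(fpr[i:i + 4] for i in range(0, len(fpr), 4))


def normalize(fpr):
    """Strip spaces, colons and case differences from a dictated fingerprint."""
    return "".join(ch for ch in fpr if ch.isalnum()).upper()


class Keyring:
    def __init__(self):
        self._keys = {}         # owner -> key bytes
        self._verified = set()  # owners whose current key was confirmed

    def add(self, owner, key_bytes):
        # A replaced key loses its verified status: the earlier confirmation
        # says nothing about the new key.
        if self._keys.get(owner) != key_bytes:
            self._verified.discard(owner)
        self._keys[owner] = key_bytes

    def confirm(self, owner, dictated_fpr):
        """Mark the key verified only if the complete fingerprint matches.

        A truncated fingerprint (for example a short key ID) never matches,
        because the comparison is against the full-length value.
        """
        if fingerprint(self._keys[owner]) == normalize(dictated_fpr):
            self._verified.add(owner)
            return True
        return False

    def key_for(self, owner):
        """Return the key for use, or refuse if it was never verified."""
        if owner not in self._verified:
            raise UnverifiedKeyError(owner)
        return self._keys[owner]
```
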




ANSI X9.17 STANDARDS

2002-05-29 Thread gfgs pedo

hi,

I have an idea of what the X9.17 standard says
but no idea of the mathematical background behind it.
X9.17 is a standard, but why is it
so? Mathematically, what makes it a secure key
generator?
Could someone please address the issue?
Thank you very much.

Data.






When encryption is also authentication...

2002-05-29 Thread Curt Smith

I agree that under-the-hood encryption is becoming more and
more prevalent, and that it generally improves security.  Also,
the widespread use of encryption technology helps protect
cryptorights in general as important to the public good.

The fundamental problem with "under-the-hood" is that the user
is not required to have any understanding of the process. 
Furthermore encryption technology is often also authentication
technology.

This includes transparently sending S/MIME documents (encrypted
and/or signed) as a default without requiring additional user
intervention.  In many places this results in legally binding
documents.  Furthermore, anyone with access to a system can
send legally binding e-mail documents on the user's behalf. 

Both legally-binding and authentication technology should not
be completely transparent.  Even "EULA's" require
user-intervention.  Digitally signed messages should require
user-intervention. 

--- Lucky Green <[EMAIL PROTECTED]> wrote:
... 
> I indeed consider passive encryption methods alone to be
> typically insufficient for some of my personal security needs
> and am continuing to utilize encryption that requires me as 
> the user to make that trust decision. But that does not mean 
> that no security benefits are to be had from opportunistic 
> encryption of Internet traffic.
...
> How does the increased use of strong crypto under-the-hood
> help Cypherpunks? The answer reminds me of the response 
> another Cypherpunk gave to my posting statistics about the 
> nature of the USENET traffic seen by a major node. I 
> expressed surprise at these rather revealing statistics, 
> musing that there had to be a lesson to be learned from the
> fact that the bulk of the data is generated in newsgroups
> that one would not initially consider mainstream. His 
> response was illuminating: "Yes, the lesson is: just look at 
> all that cover traffic".
> 
> --Lucky






Re: Government subsidies: our last, best hope for Cryptanarchy?

2002-05-29 Thread Adam Shostack

Hey, most of your points about crypto going under the hood are well
taken.  I wanted to echo Peter Gutmann's comments about PGP, and add
that I see PGP as a protocol, and most of the protocols I use daily
(TCP, IP, UDP, DNS, HTTP, SMTP) have not changed in the last 10 years
and I don't need to upgrade my software to deal with them.  Looking at
PGP as a protocol gives you a different perspective.  (I also see
.doc, .xls and .ppt as protocols, and bad ones)

Adam


On Fri, May 24, 2002 at 01:44:53AM -0700, Lucky Green wrote:
| You may be asking yourself: where, oh where, has all the crypto gone?
| Where are the BlackNet's? Where is the untraceable Ecash? Where is the
| Cryptanarchy that we've been waiting for? For that matter...where is the
| crypto?
| 
| The staunchest Cypherpunk will by now have noticed that PGP/GPG usage
| even amongst list members, once the bellwether indicator of Cypherpunks
| crypto adoption success, is in decline.
| 
| NAI has pulled PGP off the shelves. Conspiracy theories as to what may
| have been driving this business decision abound. The fact of the matter
| is that the usage of PGP by businesses, the sole significant source of
| NAI PGP revenue, had long passed its peak. How many businesses do you know
| that rolled out PGP in the last year? How many do you know that quietly
| stopped using PGP after formally adopting its use with big fanfare a few
| years ago? The facts are that there are more of the latter than of the
| former. Did NAI receive The Briefing? I don't know. Nor does it really
| matter. There wasn't enough money to be made with PGP.
| 
| A well-respected Cypherpunk recently expressed hope that if NAI's PGP
| were to disappear for good, perhaps compatibility problems amongst
| versions of PGP would diminish. A plausible sounding theory, if one were
| to assume that the compatibility problems amongst versions of PGP are
| between versions produced by different vendors. Presumably, the theory
| would go, with only one major supplier left standing, that being GPG
| (yes, I am aware there are others), interop problems with other vendors'
| implementations would pretty much disappear by definition.
| 
| However, a closer inspection of the PGP interoperability problems, which
| have been one of the issues coming up in just about every single
| discussion I've had with anybody about PGP over the last year, shows
| that the interop problems are not between current versions by multiple
| vendors, but between versions, in some cases by the same vendor, that
| were released over time. The current version of NAI-PGP will
| interoperate just fine with the current version of GPG.
| 
| So why is PGP interoperability such a frequently raised issue? And why
| does the importance of this topic seem to diminish the further away you
| stray from Cypherpunks into the realms of the casual PGP users? The
| answer to the second question is straight-forward. Even the most casual
| user of software tends to be familiar with and acceptant of the need for
| occasional software upgrades. It appears that those that are
| experiencing interop problems are those that are insisting on using up
| to 5-year old versions of PGP. It is true and should come as no surprise
| that those 5-year old versions do indeed have interop problems with
| newer versions of PGP.
| 
| Some may say: I shouldn't need to keep on upgrading my software to be
| able to send encrypted email. Does anybody seriously believe that those
| that insist on using 5-year old versions of PGP have not upgraded their
| operating systems in those 5 years? Indeed, upgraded their
| operating systems more than once? Or does anybody seriously believe that
| those that insist on using old versions of PGP still run the exact same
| version of their MUA and text editor as they did 5 years ago? Of course
| they don't. If they did, their boxes would long have become unusable due
| to the warez traffic taking place on the machines as a result of the
| countless remote exploits discovered over these last 5 years.
| 
| The reluctance to upgrade to a newer version of PGP does not appear to
| be driven by a refusal or inability to upgrade software in general. This
| reluctance to upgrade appears PGP specific. Why this is the case I do
| not know. (And don't greatly care. I am running the latest version of
| NAI PGP and I can make my copy talk to any version of PGP 2.x or
| higher).
| 
| Now perhaps there may be the rare case of a PGP user that is still
| running PGP 2.x on the same DOS box, using the same mailer and the same
| text editor as they did 5 years ago. I don't know of any such users, but
| that doesn't mean no such users exist within the vastness of the
| Internet. What I do know is that those that I am aware of that are
| complaining about PGP version interoperability problems do not fall into
| the rare category of users who have not upgraded any software at all for
| the last 5 years.
| 
| Since the existence of multiple PGP sof

Re: When encryption is also authentication...

2002-05-29 Thread Graham Lally

Mike Rosing wrote:
> If digital crypto, signatures or e-cash are going to get into mass appeal,
> then their operations will be "magic" to the majority.  And it all has to
> work, to 1 part in 10^8th or better, without user comprehension.
>
> It may well take "user intervention" to create a signature, but they
> shouldn't have to know what they are doing.

Agreed, the mechanics of a system are unimportant from a user's point of view, 
so long as it works and they can work it. What magic crypto should strive for, 
though, is an understanding in users of the effects its presence promotes, and 
the ramifications involved when it is lacking.

SSL for commerce is readily in place without batting an eyelid these days. 
However, I'd be interested to know just how many users out there would enter 
their card details on an unprotected site, despite the unclosed padlocks and the 
alert boxes. Have security fears and paranoia been abated by widespread crypto 
to the point whereby users will happily transmit private data, whether encrypted 
or nay, just because they *perceive* the threat to now be minimal? Now that the 
media has grown tired of yet-another-credit-card-hack story?

Pointers to any evidence/research into this much appreciated... ta.

.g




Re: When encryption is also authentication...

2002-05-29 Thread Mike Rosing

On Wed, 29 May 2002, Curt Smith wrote:

> A digital signature must involve a conscious decision by the
> signer to keep their part of an agreement.  I maintain that
> this requires user intervention to verify that the signer knew
> that they were making an agreement - a "click of understanding" or
> pass phrase.

Yes of course - the point of signing something is a promise.  The act of
signing by pen is just being transformed into a different kind of act.
I think typing a pass phrase is better than a click, but we'll see what
the market develops.

Graham, there are many university profs interested in security on the net,
and the medical field is just starting to get into this in a big way.  I'm
not sure they are following consumers, but a web search on "medical
crypto" may find you a lot of interesting tidbits.

Patience, persistence, truth,
Dr. mike




Re: When encryption is also authentication...

2002-05-29 Thread Curt Smith

I agree that the signer does not need to understand the
mathematics or underlying technology for digital signatures to
be viable.  However, what good is an agreement when the parties
do not know what the terms of the agreement are?  A signature
(digital or otherwise) generally indicates that the signer not
only made an agreement, but also understood the agreement.

A digital signature must involve a conscious decision by the
signer to keep their part of an agreement.  I maintain that
this requires user intervention to verify that the signer knew
that they were making an agreement - a "click of understanding" or
pass phrase.

Curt

--- Mike Rosing <[EMAIL PROTECTED]> wrote:
...
> Having it be "transparent" where the user doesn't need to know
> anything about how it works does not have to destroy the
> effectiveness of digital signatures or crypto.  When people 
> sign a document they don't know all the ramifications because
> few bother to read all of any document they sign - most of it
> won't apply as long as you keep your part of the bargain,
> so why bother?
> 
> The same thing should be true of digital signatures.  The
> user shouldn't have to know a thing, other than they've made 
> a promise they better keep or all the bad clauses really do 
> apply, and the proof of their signature will come to haunt 
> them.  The way the digital signature works does not
> matter to them, and it shouldn't need to.
> 
> If digital crypto, signatures or e-cash are going to get into
> mass appeal, then their operations will be "magic" to the 
> majority.  And it all has to work, to 1 part in 10^8th or 
> better, without user comprehension.
> 
> It may well take "user intervention" to create a signature,
> but they shouldn't have to know what they are doing.
> 
> Patience, persistence, truth,
> Dr. mike






Re: When encryption is also authentication...

2002-05-29 Thread Mike Rosing

On Wed, 29 May 2002, Curt Smith wrote:

> I agree that under-the-hood encryption is becoming more and
> more prevalent, and that it generally improves security.  Also,
> the widespread use of encryption technology helps protect
> cryptorights in general as important to the public good.

This is kinda the opposite of...

> Both legally-binding and authentication technology should not
> be completely transparent.  Even "EULA's" require
> user-intervention.  Digitally signed messages should require
> user-intervention.

this.  Having it be "transparent" where the user doesn't need to know
anything about how it works does not have to destroy the effectiveness of
digital signatures or crypto.  When people sign a document they don't know
all the ramifications because few bother to read all of any document they
sign - most of it won't apply as long as you keep your part of the bargain,
so why bother?

The same thing should be true of digital signatures.  The user shouldn't
have to know a thing, other than they've made a promise they better keep
or all the bad clauses really do apply, and the proof of their signature
will come to haunt them.  The way the digital signature works does not
matter to them, and it shouldn't need to.

If digital crypto, signatures or e-cash are going to get into mass appeal,
then their operations will be "magic" to the majority.  And it all has to
work, to 1 part in 10^8th or better, without user comprehension.

It may well take "user intervention" to create a signature, but they
shouldn't have to know what they are doing.

Patience, persistence, truth,
Dr. mike




Why asymmetrical warfare practitioners have nothing to fear from the FBI (and probably the rest of U.S. intelligence/law enforcement)

2002-05-29 Thread keyser-soze

[An edited copy of "Who Let the Terrorists Succeed?" 
http://www.msnbc.com/news/758330.asp]

The now-famous memo Minneapolis agent Coleen Rowley sent to Robert Mueller, director 
of the FBI, now widely known as the Federal Bureau of Incompetence. The May 21, 2002 
memo, obtained by Time, is one scary document. It suggests [SURPRISE!] that we have a 
bunch of time-servers protecting our security, which no one is in charge of anything. 
If any of this changed after September 11, Rowley, a highly regarded veteran of the 
bureau, does not say so.

Without mentioning names, Rowley basically fingers a mid-level FBI supervisory 
agent in the Hoover Building (in Washington) named Dave Frasca, who was supposed to be 
running the task force on religious fanatics. After the Minneapolis office took 
flight-student and hijacker-wannabe Zacarias Moussaoui into custody and obtained 
intelligence from the French indicating that he had terrorist ties, alert Minnesota 
agents didn't just passively push the case up the chain of command. They became, in 
Rowley's words, desperate to search his computer laptop. So desperate that they 
risked the wrath of higher ups by committing a real pre-9-11 no-no: contacting the CIA.

Headquarters personnel didn't just deny the request to probe Moussaoui 
further. Even though they were privy to many more sources of intelligence information 
than field agents, as Rowley plaintively put it, they continued to, almost 
inexplicably, throw up roadblocks and undermine Minneapolis' by-now desperate attempts 
to obtain a search warrant.

Because Frasca's not commenting publicly, we haven't heard the other side of 
the story. But as anyone who has ever worked in an office knows, HQ always has its own 
take on events, and sometimes it's even right. In this case a federal judge in 
Washington, Royce C. Lambreth, grew annoyed at the poor documentation involved in 
requests from federal prosecutors for search warrants and wiretaps. One prosecutor so 
angered Lambreth that he was actually barred from seeking any more approvals from 
judges, a move that sent a chilling career message down through the ranks of the 
Justice Department. So Frasca, knowing which way the wind was blowing in Washington, 
wasn't just going to rubber stamp the Minneapolis request.

[Does this mean the complaints by civil libertarians that FESA were being heard?]

Moreover, the very fact that HQ is, in Rowley's words, privy to many more 
sources of intelligence is actually a hindrance, not necessarily a sign of 
negligence. The more intelligence chaff that comes in, the harder it is to find the 
wheat. Frasca should have the chance to explain that, and Judge Lambreth should 
explain why he thought the warrant process was being abused.  
 
But Rowley's certainly correct when she tells Mueller that the problem with 
chalking this all up to the 20/20 hindsight is perfect problem is that this is not 
a case of everyone in the FBI failing to appreciate the potential consequences. It is 
obvious that the agents in Minneapolis who were closest to the action and in the best 
position to gauge the situation locally did fully appreciate the terrorist risk/danger 
posed by Moussaoui.
 
Doesn't that sound familiar in your company? The branch offices never think 
headquarters knows what's really going on, while the home office VPs think the branch 
guys are a bunch of whiners without the chops to make it in the big time at HQ. 

But in this evergreen of bureaucratic in-fighting, one of HQ's best arguments 
is usually that unlike the branch offices, it sees the big picture. This time, as 
Rowley notes, Frasca and company not only failed to see the big picture, they worked 
actively to keep others from trying to see it. That's quite an indictment.

And that's only part of her bombshell. Rowley, who is, fortunately for her, 
close to retirement, also goes after Mueller himself. I have deep concerns that a 
delicate and subtle shading/skewering of facts by you and others at the highest levels 
of the FBI has occurred and is occurring. She argues that Mueller's reorganization, 
which would further empower the FBI's Washington headquarters, is exactly the wrong 
approach to preventing terrorism.
 
As if to confirm Rowley's harsh judgment, Mueller last week classified her 
memo, though we learned after it was leaked that there is nothing even vaguely 
compromising about FBI sources and methods contained in it. He classified it for the 
same reason Bush and Cheney don't want an independent commission to investigate what 
happened: It's embarrassing.

Now it's up to the rest of us to decide. 

[Unfortunately it's not.  If it were the problem would have been addressed decades ago.]

Is embarrassment a proper standard for classifying documents and sweeping poor 
performance under the carpet? Or is it perhaps more patriotic and better for 
preventing a futu

sources on steganography

2002-05-29 Thread Hector Rosario

I am writing my dissertation on steganography. Basically I'm writing a
technical monograph that would be of use to undergraduate instructors.
What do you think are the best sources on steganography on
the Web? What about books other than Johnson, Katzenbeiser & Peticolas,
and the volumes covering the four international workshops on information
hiding.

I am also interested in the history of the subject. One major problem with
the available sources covering the history (like Kahn) is that they
completely disregard China, India, and Arab countries. Any pointers?

thanks,
hector




Re: sources on steganography

2002-05-29 Thread Morlock Elloi

> I am writing my dissertation on steganography. Basically I'm writing a
    ^ ^   ^  ^ ^

You can't fool us.


