Re: What email encryption is actually in use?
-BEGIN PGP SIGNED MESSAGE-
If you signed your messages on a regular basis, it would let me know
whether or not you're the same Tim May, I've been reading since back
when toad.com was the only server for the list.
If you're key was signed by anyone I've dealt with, who I know will
actually check your id, it would increase my confidence that you
really are Tim May, and not just a net persona.
It doen't make one iota of difference, whether you choose to
distribute your key or not. Your ideas are usually thought
provoking,
and consistent enough to form a persona in the minds of the list
readers. Or at least, in mine.
I know you know (whether or not you agree) with the above. It just
struck me as humourous that you'd sign the post, with the comment
to the effect that there isn't much point in doing so, with a key
that isn't on the servers.
Do you see the PGP web of trust as completly useless?
As to who I am, well...
I'm a programmer, living in London, Ont. Canada.
I've been lurking, off and on, since 94 or so. I don't think I've
actually posted anything to the list since back in 96, when I
wrote a freeware program to simplify using PGP with dos based
offline mail readers (MPI.ZIP).
While I normally promote privacy issues, only with those I meet
face to face, I still consider myself a cypherpunk. I normally
only post to the list, when my point of view isn't being
expressed by any of the regular posters.
Regards, Dave Hodgins.
Tim May wrote:
>
> On Sunday, November 3, 2002, at 06:14 PM, David W. Hodgins wrote:
>
> >
> > -BEGIN PGP SIGNED MESSAGE-
> >
> > The advantages really disappear, when the key used to sign the
> > message
> > isn't sent to the key servers {:.
> >
>
> Those who need to know, know.
>
> You, I've never seen before. Even if you found my key at the
> Liberal Institution of Technology, what would it mean?
>
> Parts of the PGP model are ideologically brain-dead. I attribute
> this to left-wing peacenik politics of some of the early folks.
>
- --Tim May
-BEGIN PGP SIGNATURE-
Version: PGPfreeware 7.0.3 for non-commercial use
iQEVAwUBPcXu94s+asmeZwNpAQFQuAf+LbwrdQV8CPAc/lw2AF5HPvKLGopHCj3i
tFR+drfFAYDDA6UHMPJOFxzDdhFYrRbhQ3c3cSkExSSoI7Mce389KPdGimWQZTJZ
rCYyvnXtG+S//ya8yCELXC3SSwwra0+laPpoSz6lseIU6YJUYFyMLnnXaH5gpxHi
O7TtK8kfPFQVVdbBuJC4mp9SjNO3DqIM29UbPSrf9KZ1w2zPXA4eov9GL9jjU808
CzT+wncCYaE1EU8cT3C+TFJyd8r8B1S6CLbjX9hC71kIt5bVUt1EHMHUx8u2YaXZ
i4o2kKQGePbJvIIiOuwngIUOuwnbgLlGO7+zhsL4y2UuXeJ1/W5NVQ==
=8BJt
-END PGP SIGNATURE-
Re: What email encryption is actually in use?
at Monday, November 04, 2002 2:28 AM, Tim May <[EMAIL PROTECTED]> was seen to say: > Those who need to know, know. Which of course is a viable model, provided you are only using your key for private email to "those who need to know" if you are using it for signatures posted to a mailing list though, it just looks silly. > You, I've never seen before. Even if you found my key at the Liberal > Institution of Technology, what would it mean? it would at least give us a chance to check the integrity of your post (what a sig is for after all) and anyone faking your key on the servers would have to prevent you ever seeing one of your own posts (so that you can't check the signature yourself) > Parts of the PGP model are ideologically brain-dead. I attribute this > to left-wing peacenik politics of some of the early folks. The Web-of-Trust model is mildly broken - all you can really say about it is that it is better than the alternatives (X509 is not only badly broken, but badly broken for the purpose of hierachical control and/or profit) In the current case, one reason to sign important posts is to establish a pattern of ownership for posts, independent of real-world identity. If I know that posts a,b & c sent from nym x are all signed, I will be reasonably confident that key y is owned by the normal poster of nym x. that I don't know who that is in meatspace is pretty irrelevant. Where both systems break down is when trying to assert that key y is tied to anything but an email address (or possibly a static IP). There is little to bind a key to anything or anyone in the real world, unless you meet in person, know each other reasonably well (if only via third parties that can identify you both) and exchange fingerprints. in fact, WoT is simply an attempt to automate this process offline, so that you can be "introduced" to someone by a third party without all three of you having to meet; you still have to make a value judgement based on how sure you are about the third party's reliability and how confident they seem about the identity of x - however in the real world, both of those are vague, hard-to-define values and in the WoT they are rigid (you have a choice of two levels of trust for an introducer, and no way to encode how much third parties should rely on your identification)
Re: What email encryption is actually in use?
On Saturday November 2 2002 11:09, Adam Shostack wrote: > I'd be interested to hear how often email content is protected by any > form of crypto, including IPsec, Starttls, ssh delivery, or PGP or > SMIME. There's probably an interesting paper in going out and > looking at this. I use GnuPG to the people I know that have it. Admittedly that number is rather low but I am working on raising it. My e-mail client will do SSL and TLS so most if not all of my messages are protected at least to and from the ISP's servers. I would like to use GnuPG (my OpenPGP application of choice) more often. Unfortunately the number of people that have it is too low to make this practical and providers like AOL making it very difficult to use encryption with their proprietary e-mail clients pushes the number even lower than it should be. Part of the problem is too many people not realizing that one sending e-mail in the clear means that one trusts their ISP's admins, the receiving ISP's admins, and anyone with root (or possibly even just physical access) on a network between them. All it takes is one untrustworthy person snooping on the wire and there goes your privacy. Granted, yes, it's a violation of laws like the ECPA (in the US) to do so, but when there are potentially dozens of people who could have divulged a message, how does one know who to prosecute? -- Shawn K. Quinn
Re: Katy, bar the door
At 09:32 PM 10/31/2002 -0800, Tim May wrote: I'm missing the gist of this scenario. If the attackers/hijackers cannot get into the cockpit and gain control of the plane, then the most they can do with disabling/lethal/nerve gases is to cause the plane to essentially crash randomly...which kills a few hundred people, but probably not many more. Which is yet another reason why securing the cockpit door very, very well is the single most important, and cheapest, solution. It won't stop the Tom Clancy scenario (copilot kills pilot, crashes into Congress during State of the Union speech.) But then it won't stop them from shooting down planes with repurposed Stinger missiles, either.
RE: Intel's LaGrab
Tim wrote: > Microsoft calls its technology "Palladium." Intel dubs it > "LaGrande." " > > I say we call it "LaGrab." Has anybody on the list seen any official specs, datasheets, etc. for Intel's LaGrande feature set? Any documents that could be donated to Cryptome's collection? So far, all I have been able to locate are vague press releases, marketing blather, and wild-eyed promises of hack-proofing computers. TIA, --Lucky
Re: What email encryption is actually in use?
At 12:41 PM 11/02/2002 -0500, Steve Furlong wrote: The only business environment I've ever worked in which successfully used encrypted email mandated specific versions of mail client (Outlook, ecch) and PGP (integrated into Outlook), had a jackbooted thug to make sure everyone's keyring was up to date, and had a fairly small (couple dozen), mostly technically proficient, user base. And even there, half the time the encrypted message wasn't sensitive enough to be worth encrypting nor important enough to be worth decrypting. All of the business email I send from home is encrypted - not by the mail user agent or mail transfer agent, but by the VPN I use to reach my work intranet. If it goes outside the company, it's normally not encrypted. (Also, non-business email I send when VPN-connected is encrypted, on the dialup portions, but not past that.) What would be really nice, and would encrypt a large chunk of the US's business email, would be for MS Exchange / Outlook mail servers to adopt STARTTLS for their SMTP services.
RE: What email encryption is actually in use?
> Tim May[SMTP:[EMAIL PROTECTED]] > > > On Saturday, November 2, 2002, at 08:01 PM, Tyler Durden wrote: > > > "Prior to that, the encrypted email I've sent in the past year or so > > has almost always failed, because of version incompatibilities," > > > > While in Telecom I was auditing optical transport gear, and we adopted > > the practice of encrypting all of our audit reports to vendors. Of > > course, the chance of there being an eavesdropper (uh...other than > > NSA, that is) was a plank energy above zero, but it gave the vendors > > the imporession we really cared a lot about their intellectual > > property (if we determined a problem with their equipment, and if that > > info ever leaked, it could have a major impact on them). > > When I was at Intel we sent our designs for microprocessors to European > branches and/or partners. One set of designs sent to MATRA/Harris, a > partner in the 80C86, was stolen in transit. (The box of tapes arrived > in Paris, but the tapes had been replaced by the suitable weight of > bricks.) > I suspect that there is a fair amount of encrypted mail flowing over the net which is not obvious to ISPs. It's internal mail of large corporations. Many corps maintain VPNs between their offices, with encryption handled at the firewall. A great deal of highly sensitive internal email flows over these links, with the encryption totally transparent to the end-users. Of course, this is just internal stuff. The external mail is as open as everyone's been saying. Peter Trei
RE: Katy, bar the door
> Major Variola (ret)[SMTP:[EMAIL PROTECTED]] > > When that trucker kamakazi'd into the state capital in Sacramento last > year, they decided to put Jersey barriers > up. Hard to do that in the air (Blimps with nets?) > The name for these is 'barrage balloons'. They were widely deployed during WW2 against dive bombers and ground-attack fighters. I suspect they are less useful today for this purpose, due to the increased distances of attack, but they might make life harder for cruise missiles and other UAVs. Plan to see them over Baghdad. Peter Trei
RE: Intel's LaGrab
On Sun, 3 Nov 2002, Lucky Green wrote: > Tim wrote: > > Microsoft calls its technology "Palladium." Intel dubs it > > "LaGrande." " > > > > I say we call it "LaGrab." > > Has anybody on the list seen any official specs, datasheets, etc. for > Intel's LaGrande feature set? Any documents that could be donated to > Cryptome's collection? So far, all I have been able to locate are vague > press releases, marketing blather, and wild-eyed promises of > hack-proofing computers. I didn't think any of it was near finalized yet. Even the comments here from people working close to it indicate it isn't finished. I suggest "LaGrande Screw". Once in place, it will be pretty easy for Microsoft to screw everyone who owns a Paladium machine! Patience, persistence, truth, Dr. mike
Re: What email encryption is actually in use?
at Monday, November 04, 2002 3:13 PM, Tyler Durden > This is an interesting issue...how much information can be gleaned > from encrypted "payloads"? Usually, the VPN is an encrypted tunnel from a specified IP (individual pc or lan) to another specified IP (the outer marker of the lan, usually the firewall/vpn combo box but of course that function can be split if needs be) sniffers can usually catch at least some of the initial login - normally a host name or user name is passed unencrypted as part of the setup - but any actual mail traffic will be indistinguishable from any other traffic; it is encapsulation of IP packets in an outer encrypted wrapper. similar statements can usually be made for Zeb, SSH and other similar tunnels - each encapsulates a low level (almost raw in the case of strict tunnels like zeb or ssh) packet passing tunnel in a crypto skin.
RE: Sending bricks through the mail
At 11:17 PM 11/3/02 +0100, Thoenen, Peter Mr. EPS wrote: >Tried emailing direct but bounced so apologize to the list for the OT >content :) > >You don't happen to have the url do you? Think it would make an amusing >read. Sorry, no. BTW, my nym is for humor value, and spam-avoidance, not replies.
RE: Flight security analysis (was Re: Confiscation of Anti-War Vi deo)
> -- > From: Major Variola (ret)[SMTP:[EMAIL PROTECTED]] > Sent: Friday, November 01, 2002 6:02 PM > To: [EMAIL PROTECTED] > Subject: Re: Flight security analysis (was Re: Confiscation of > Anti-War Video) > > At 05:16 PM 11/1/02 -0500, Steve Furlong wrote: > >But Maj Variola made a questionable point, too: > > > >> At 30K feet, you have about half a minute before you pass out > > > >I just tested that, sort of. I emptied my lungs, then lifted weights > for > >30 seconds. It was a little painful toward the end, but I didn't grey > >out or anything. > > I was unable to find my ref. But I also know that muscles > can work anaerobically; also that asphyxiation-feeling is from > too much CO2, not a lack of O2. Also, you can't really > empty your lungs. > > I once saw a show about medicine. In it, an M.D. rebreathed > his own CO2-scrubbed air as he wrote the alphabet, on camera. > Halfway through he started scribbling incoherently and fell over, > unawares. > (There were assistants to save him.) > > FWIW > I did this something similar once myself, in high school biology (this was in Britain, so there were no bullshit concerns over liability). Two students, one rebreathing scrubbed air, the other (me) unscrubbed (ie, I was rebreathing my own CO2). I kept going about 2 minutes before I started to black out. Analysis of the air showed that it still had substantial oxygen content, but the CO2 level had tripled. My partner, who rebreathed CO2 scrubbed air, kept going for 7 or 8 minutes before stopping, and had used a much higher fraction of the O2. It turns out that CO2 has substantially higher affinity for haemoglobin than does O2, so the CO2 was suffocating me even in the presence of ample oxygen. Carbon monoxide has an even higher affinity, which is why it's so poisonous. Peter Trei
RE: What email encryption is actually in use?
The ever-though-provoking Peter Trei wrote... "A great deal of highly sensitive internal email flows over these links, with the encryption totally transparent to the end-users." This is an interesting issue...how much information can be gleaned from encrypted "payloads"? Is it possible for a switch or whatever that has visibility up to layers 4/5/6 to determine (at least) what type of file is being sent? Can it determine at what layer encryption was performed? (These may be obvious to many of you, but I can only claim expertise in layers 0/1, and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible for hardware that examines large numbers of communiques to pre-determine that much is of no interest. From: "Trei, Peter" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], "'Tim May'" <[EMAIL PROTECTED]> Subject: RE: What email encryption is actually in use? Date: Mon, 4 Nov 2002 09:37:59 -0500 > Tim May[SMTP:[EMAIL PROTECTED]] > > > On Saturday, November 2, 2002, at 08:01 PM, Tyler Durden wrote: > > > "Prior to that, the encrypted email I've sent in the past year or so > > has almost always failed, because of version incompatibilities," > > > > While in Telecom I was auditing optical transport gear, and we adopted > > the practice of encrypting all of our audit reports to vendors. Of > > course, the chance of there being an eavesdropper (uh...other than > > NSA, that is) was a plank energy above zero, but it gave the vendors > > the imporession we really cared a lot about their intellectual > > property (if we determined a problem with their equipment, and if that > > info ever leaked, it could have a major impact on them). > > When I was at Intel we sent our designs for microprocessors to European > branches and/or partners. One set of designs sent to MATRA/Harris, a > partner in the 80C86, was stolen in transit. (The box of tapes arrived > in Paris, but the tapes had been replaced by the suitable weight of > bricks.) > I suspect that there is a fair amount of encrypted mail flowing over the net which is not obvious to ISPs. It's internal mail of large corporations. Many corps maintain VPNs between their offices, with encryption handled at the firewall. A great deal of highly sensitive internal email flows over these links, with the encryption totally transparent to the end-users. Of course, this is just internal stuff. The external mail is as open as everyone's been saying. Peter Trei _ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp
RE: What email encryption is actually in use?
> -- > From: Tyler Durden[SMTP:[EMAIL PROTECTED]] > Sent: Monday, November 04, 2002 10:13 AM > To: [EMAIL PROTECTED] > Subject: RE: What email encryption is actually in use? > > The ever-though-provoking Peter Trei wrote... > > "A great deal of highly sensitive internal > email flows over these links, with the encryption totally transparent > to the end-users." > > This is an interesting issue...how much information can be gleaned from > encrypted "payloads"? Is it possible for a switch or whatever that has > visibility up to layers 4/5/6 to determine (at least) what type of file is > > being sent? Can it determine at what layer encryption was performed? > (These > may be obvious to many of you, but I can only claim expertise in layers > 0/1, > and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible > for hardware that examines large numbers of communiques to pre-determine > that much is of no interest. > > Most the ones I've seen are IPSEC over IPv4. You might be able to glean some info from packet size, timing, and ordering, but not much. IPSEC takes a plaintext IP packet and treats the whole thing as a data block to be encrypted.
Blacknet hits the trade press
EWeek 21 Oct 2002 p 58, "High-tech products invite tech crimes" P. Coffee Writing about a consultant who tried to sell a client's software, and got busted: "Next time, a code theif may use a "BlackNet" brokerage (as envisioned in the widely circulated essay by Timothy May) to avoid such traps." [He is commenting on whereas stolen chips are valuable to many, stolen software is valuable only to a few...]
RE: What email encryption is actually in use?
At 10:13 AM 11/4/02 -0500, Tyler Durden wrote: >This is an interesting issue...how much information can be gleaned from >encrypted "payloads"? Traffic analysis (who, how frequently, temporal patterns) Size of payload Is it possible for a switch or whatever that has >visibility up to layers 4/5/6 to determine (at least) what type of file is >being sent? Yes. Modern network equiptment can examine all the way up to "layer 7". Can tell that you're sending an .mp3 and will cut your QoS, if that's the policy. > Can it determine at what layer encryption was performed? Various "packet classification" hardware companies [1] make chips to find fields in headers. (The classification chips pass this info to the NPU) IPsec, SSL are trivial. App-level crypto is easy if the crypto has signatures, like "-BEGIN PGP MESSAGE-". Steganography + encryption, however, is pretty tough. The S/N ratio can become useless due to false alarms. The Feds probably have an enormous collection of intercepted arab baby pictures... [1] Here's a blurb from http://solidum.com/products/index.cfm Based on programmable state machine technology and a powerful, openly-distributed pattern description language, our scalable, forward-compatible, and field-upgradable classification processors can be configured to closely inspect packets for vital information up to and including Layer 7. The information collected can then be used to make intelligent routing and switching decisions for service, application, and QoS requirements. This improves the speed, power and efficiency of next generation network processing architectures, facilitates the delivery of content-based services and enables true QoS for differentiated services. --- CALEA: What did you think layer 7 awareness meant?
RE: What email encryption is actually in use?
"Most the ones I've seen are IPSEC over IPv4. You might be able to glean some info from packet size, timing, and ordering, but not much. IPSEC takes a plaintext IP packet and treats the whole thing as a data block to be encrypted." SO this would indicate that IPSEC creates a sort of blockage from seeing up to Layers 4/5/6. Now when you say it takes the IP packet, is this just the datagram or is it also he procotol bytes? (I'm assuming the layer-2 information remains intact.) If the protocol bytes are unencrypted, then there's a LOT that can probably be determined about any IP session. If the protocol bytes are encrypted, then this will ot be a very flexible session, no? (More of a secure pipe I guess.) And then, does IPSEC include specification for MPLS? I would assume that the MPLS header information is not encrypted, simply because the headers have no global significance... From: "Trei, Peter" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], "'Tyler Durden'" <[EMAIL PROTECTED]> Subject: RE: What email encryption is actually in use? Date: Mon, 4 Nov 2002 11:00:56 -0500 > -- > From: Tyler Durden[SMTP:[EMAIL PROTECTED]] > Sent: Monday, November 04, 2002 10:13 AM > To: [EMAIL PROTECTED] > Subject: RE: What email encryption is actually in use? > > The ever-though-provoking Peter Trei wrote... > > "A great deal of highly sensitive internal > email flows over these links, with the encryption totally transparent > to the end-users." > > This is an interesting issue...how much information can be gleaned from > encrypted "payloads"? Is it possible for a switch or whatever that has > visibility up to layers 4/5/6 to determine (at least) what type of file is > > being sent? Can it determine at what layer encryption was performed? > (These > may be obvious to many of you, but I can only claim expertise in layers > 0/1, > and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible > for hardware that examines large numbers of communiques to pre-determine > that much is of no interest. > > Most the ones I've seen are IPSEC over IPv4. You might be able to glean some info from packet size, timing, and ordering, but not much. IPSEC takes a plaintext IP packet and treats the whole thing as a data block to be encrypted. _ Surf the Web without missing calls! Get MSN Broadband. http://resourcecenter.msn.com/access/plans/freeactivation.asp
RE: What email encryption is actually in use?
> Tyler Durden[SMTP:[EMAIL PROTECTED]] writes: > > > "Most the ones I've seen are IPSEC over IPv4. You might be able to glean > some info from packet size, timing, and ordering, but not much. IPSEC > takes a plaintext IP packet and treats the whole thing as a data block > to be encrypted." > > SO this would indicate that IPSEC creates a sort of blockage from seeing > up > to Layers 4/5/6. Now when you say it takes the IP packet, is this just the > > datagram or is it also he procotol bytes? (I'm assuming the layer-2 > information remains intact.) If the protocol bytes are unencrypted, then > there's a LOT that can probably be determined about any IP session. If the > > protocol bytes are encrypted, then this will ot be a very flexible > session, > no? (More of a secure pipe I guess.) > > And then, does IPSEC include specification for MPLS? I would assume that > the > MPLS header information is not encrypted, simply because the headers have > no > global significance... > It's a pipe. The whole plaintext IP packet, from start to finish, including headers and checksum, gets treated as data, and encrypted. The encrypted packet is the data for a new packet, which goes from one firewall to another (and has only the firewall IP addresses exposed). The packets visible on the outside only tell Eve that firewall A sent firewall B an IPSEC packet of a certain size, with a particular Security Association. (ie, the protocol field says 'this is an IPSEC packet'). A single SA can be used for many, many, internal connections. Check the IPSEC RFCs for more info. Peter Trei
RE: What email encryption is actually in use?
> Major Variola (ret)[SMTP:[EMAIL PROTECTED]] > > > At 10:13 AM 11/4/02 -0500, Tyler Durden wrote: > >This is an interesting issue...how much information can be gleaned from > > >encrypted "payloads"? > > Traffic analysis (who, how frequently, temporal patterns) > Size of payload > > Is it possible for a switch or whatever that has > >visibility up to layers 4/5/6 to determine (at least) what type of file > is > >being sent? > > Yes. > > Modern network equiptment can examine all the way up to "layer 7". > Can tell that you're sending an .mp3 and will cut your QoS, if that's > the policy. > Durden's question was whether a snooper on an IPSEC VPN can tell (for example) an encrypted email packet from an encrypted HTTP request. The answer is no. All Eve can tell is the FW1 sent FW2 a packet of a certain size. The protocol of the encapsulated IP packet, it's true source behind FW1, it's true destination behind FW2, and the true destination port are all hidden. Peter
RE: What email encryption is actually in use?
Peter Trei wrote... "Durden's question was whether a snooper on an IPSEC VPN can tell (for example) an encrypted email packet from an encrypted HTTP request. The answer is no. All Eve can tell is the FW1 sent FW2 a packet of a certain size. The protocol of the encapsulated IP packet, it's true source behind FW1, it's true destination behind FW2, and the true destination port are all hidden." Yes, this was indeed the gist of my question. I was aware that there are actually hard and soft switches that are aware all the way up to the application layer, apparently (I also know that some softswiches have actually been deployed in RBOC/Baby Bell territory.) But from your previous email, you indicated that the secure IPSEC tunnel is created by taking the packets, encrypting S/A, D/A, payload and protocol fields (ie, pretty much everything) and then dumping them into the payload of another packet, and setting the Protocol field of the parent-packet to "IPSEC". All that is now visible are the firewall addresses. That's a lot, methinks! In other words, there's practically a bright red flag sticking up saying "I'm encrypted! Look over here!"...it's child's play (well, if you consider making an ASIC child's play!) to then look at the S/A and D/a to see if they are interesting. If they belong to the IP spaces of two large companies, for instance, then look elsewhere (though I hear rumors that the NSAs of the world are branching out into industrial eavesdropping for their parent companies, ehr, for their parent countries). If a secure VPN tunnel forms between al-Jazeera's firewall and, say, some ISP near Atlantic Avenue in Brooklyn (heavy Arab community), then all sorts of spyglasses could pop up. Thus, I suspect a lot can be gleaned (and is) from communiques without actually de-encrypting...the philosohpy probably is, "why violate civil rights unless we really, really have to? Extract as much as we can without actually de-encrypting, and if the probably of something being "interesting" is high enough, then we'll send it downstairs to be opened" (and even then, determining how hard it is to open the communique might also be of interest...is it legal to open somebody else's email but not read it?) Here's a little quote for ya, since it seems to be the in-thing to do... "The revolution is right where we want it: out of our control." (Royal Family and the Poor) From: "Trei, Peter" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], "'Major Variola (ret)'" <[EMAIL PROTECTED]> Subject: RE: What email encryption is actually in use? Date: Mon, 4 Nov 2002 12:58:55 -0500 > Major Variola (ret)[SMTP:[EMAIL PROTECTED]] > > > At 10:13 AM 11/4/02 -0500, Tyler Durden wrote: > >This is an interesting issue...how much information can be gleaned from > > >encrypted "payloads"? > > Traffic analysis (who, how frequently, temporal patterns) > Size of payload > > Is it possible for a switch or whatever that has > >visibility up to layers 4/5/6 to determine (at least) what type of file > is > >being sent? > > Yes. > > Modern network equiptment can examine all the way up to "layer 7". > Can tell that you're sending an .mp3 and will cut your QoS, if that's > the policy. > Durden's question was whether a snooper on an IPSEC VPN can tell (for example) an encrypted email packet from an encrypted HTTP request. The answer is no. All Eve can tell is the FW1 sent FW2 a packet of a certain size. The protocol of the encapsulated IP packet, it's true source behind FW1, it's true destination behind FW2, and the true destination port are all hidden. Peter _ Unlimited Internet access -- and 2 months free! Try MSN. http://resourcecenter.msn.com/access/plans/2monthsfree.asp
RE: What email encryption is actually in use?
> Tyler Durden[SMTP:[EMAIL PROTECTED]] wrote > > > But from your previous email, you indicated that the secure IPSEC tunnel > is > created by taking the packets, encrypting S/A, D/A, payload and protocol > fields (ie, pretty much everything) and then dumping them into the payload > > of another packet, and setting the Protocol field of the parent-packet to > "IPSEC". All that is now visible are the firewall addresses. > > That's a lot, methinks! In other words, there's practically a bright red > flag sticking up saying "I'm encrypted! Look over here!"...it's child's > play > (well, if you consider making an ASIC child's play!) to then look at the > S/A > and D/a to see if they are interesting. If they belong to the IP spaces of > > two large companies, for instance, then look elsewhere (though I hear > rumors > that the NSAs of the world are branching out into industrial eavesdropping > > for their parent companies, ehr, for their parent countries). > > If a secure VPN tunnel forms between al-Jazeera's firewall and, say, some > ISP near Atlantic Avenue in Brooklyn (heavy Arab community), then all > sorts > of spyglasses could pop up. > The title of this thread is "What email encryption is actually in use?". I posted that a lot intra-company email often goes over encrypted VPNs between worksites, and that this should be considered in trying to figure out how much email is encrypted. After some back and forth to educate you on how IPSEC tunneling works, you now understand, but it turns out that that was not what you were interested in. VPNs no more raise a red flag than does any other form of encrypted communication without steganography. If your threat model includes end-point identification, then use alt.anonymous.messages. If traffic analysis is also a worry, use stego. VPNs are probably responsible for more encrypted traffic than anything else on the net, and meet corporate threat models very well. If your threat model is different, you may need a different solution. Peter Trei
Re: What email encryption is actually in use?
On Sun, Nov 03, 2002 at 11:23:36AM -0800, Tim May wrote: > - -- treat text as text, to be sent via whichever mail program one uses, > or whichever chatroom software (not that encrypted chat rooms are > likely...but who knows?), or whichever news reader software http://www.invisible.net is sort of an encrypted chatroom. -- Windows, Icons, Mice and Pointers. A jedi craves not these things.
CARDIS '02 - 5th Smart Card Research and Advanced Application Conference
Dear colleague - I'd like to invite you to attend the 5th Smart Card Research and Advanced Application Conference, November 21-22 in San Jose, CA. http://www.usenix.org/events/cardis02/ CARDIS '02, the joint IFIP/USENIX International Conference on Smart Card Research and Advanced Applications, will bring together researchers and practitioners in the development and deployment of smart card systems and technologies. This two-day conference features: Keynote speaker Vincent Cordonnier, LIFL; 14 refereed papers; panel discussions; Work-In-Progress reports as well as ample opportunities to informally interact with fellow attendees and speakers. Unlike events devoted to commercial and application aspects of smart cards, the CARDIS conferences bring together researchers who are active in all aspects of the design, validation, and application of smart cards. The breadth of smart card research stimulates a synergy among disparate research communities, making CARDIS an ideal opportunity to explore and learn from the latest research advances. We hope you will join us in San Jose. On behalf of the program committee - Peter Honeyman, CITI, University of Michigan CARDIS '02 Program Chair -- Alex Walker Production Editor USENIX Association 2560 Ninth Street, Suite 215 Berkeley, CA 94710 510/528-8649 x33
RE: Sending bricks through the mail
I think this is what you're looking for: http://www.improb.com/airchives/paperair/volume6/v6i4/postal-6-4.html At 11:17 PM 11/3/02 +0100, Thoenen, Peter Mr. EPS wrote: >Tried emailing direct but bounced so apologize to the list for the OT >content :) > >You don't happen to have the url do you? Think it would make an amusing >read.
traffic analysis of VPN/secure tunnels (Re: What email encryption is actually in use?)
On Mon, Nov 04, 2002 at 12:58:55PM -0500, Trei, Peter wrote: > Durden's question was whether a snooper on an IPSEC VPN can > tell (for example) an encrypted email packet from an encrypted > HTTP request. > > The answer is no. > > All Eve can tell is the FW1 sent FW2 a packet of a certain size. > The protocol of the encapsulated IP packet, it's true source > behind FW1, it's true destination behind FW2, and the true > destination port are all hidden. An external obseverer being able to tell the time of exchange or percentage of traffic which is email vs http through a VPN probably isn't a big deal to most people. But if someone did care, it may be that you could have some probabilistic indication of whether the traffic is email or http (or other distinctions) based on the size of the packets, the timing that kind of thing. As there are different internal originating-points (mail hub, vs desktop/desktop+proxy cache), probably aspects of the hardware, TCP stack and application performance and behavior would leave some still recognizable performance and IP packet size signature. A more direct traffic-analysis type of risk is interactive session protocols like telnet, perhaps some chat programs where the characters are sent as they are typed. In this scenario it may be that an attacker could reconstruct the plaintext by analysing typing characteristics. (There was a paper about this risk for interactive sessions over SSH published a while back -- don't have the reference handy, probably google could find it). Another related type of risk is that SSL does not necessarily obsecure the page requested as the request and/or response may have unique, predictable and publicly measurable size uniquely identifying the document requested. Adam -- http://www.cypherspace.org/adam/
Re: Sending bricks through the mail
I sent the link to Peter direct yesterday, but if anyone else is interested-- http://www.improb.com/airchives/paperair/volume6/v6i4/postal-6-4.html ~~SAM > From: "Major Variola (ret)" <[EMAIL PROTECTED]> > Date: Mon, 04 Nov 2002 08:26:17 -0800 > To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > Subject: RE: Sending bricks through the mail > > At 11:17 PM 11/3/02 +0100, Thoenen, Peter Mr. EPS wrote: >> Tried emailing direct but bounced so apologize to the list for the OT >> content :) >> >> You don't happen to have the url do you? Think it would make an > amusing >> read. > > Sorry, no. BTW, my nym is for humor value, and spam-avoidance, not > replies.
