subject:"Re\: Echelon\-like..."

Re: Echelon-like resources...

2002-10-13 Thread Eugen Leitl


On Fri, 11 Oct 2002, Tyler Durden wrote:

 And indeed, in a world where most messages are fairly weakly encrypted, 
 bursts of strongly-encrypted messages will stand out all the more and 
 possibly flag the need for other methods of investigation.

Doesn't figure: while it's easy to screen for high information entropy
(archives have a signature), telling weak encryption from strong is
nontrivial, unless it's conveniently labeled, and you're limiting the
attack to a tiny fraction of the entire traffic, not realtime.

And of course you can package 'strong' encryption into a 'weak' encryption 
envelope, so you will only know that 'strong' encryption has been used 
after you've broken the 'weak' envelope.

Re: Echelon-like resources...

2002-10-13 Thread Tyler Durden


And of course you can package 'strong' encryption into a 'weak' encryption 
envelope, so you will only know that 'strong' encryption has been used after 
you've broken the 'weak' envelope.

Oh yeah. Interesting. Of course, this would be done only if the sender knew 
or supected how mass-scanning might be done. And so the existence of another 
level of heavier encryption (see next paragraph) might be a tip off that 
this is not simply a financial transaction.

But, it occurs to me that in some cases what might be done to determine the 
presence of hard encryption is for hardward to attempt to decrypt it for a 
certain fixed time, and if there's no success with X 
minutes/hours/milliseconds or whatever, then one assigns a certain 
probability that said message has been encrypted using something stronger 
than the International version of Bogus Notes (for instance). But of course, 
I'm willing to concede that at his point I'm talking completely out of my 
arse. (That will change when I get time to do some real homework in this 
area, however.)



From: Eugen Leitl [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Echelon-like resources...
Date: Sun, 13 Oct 2002 13:32:45 +0200 (CEST)

On Fri, 11 Oct 2002, Tyler Durden wrote:

  And indeed, in a world where most messages are fairly weakly encrypted,
  bursts of strongly-encrypted messages will stand out all the more and
  possibly flag the need for other methods of investigation.

Doesn't figure: while it's easy to screen for high information entropy
(archives have a signature), telling weak encryption from strong is
nontrivial, unless it's conveniently labeled, and you're limiting the
attack to a tiny fraction of the entire traffic, not realtime.

And of course you can package 'strong' encryption into a 'weak' encryption
envelope, so you will only know that 'strong' encryption has been used
after you've broken the 'weak' envelope.




_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx

Re: Echelon-like resources...

2002-10-13 Thread Eugen Leitl


On Sun, 13 Oct 2002, Tyler Durden wrote:

 And of course you can package 'strong' encryption into a 'weak' encryption 
 envelope, so you will only know that 'strong' encryption has been used after 
 you've broken the 'weak' envelope.
 
 Oh yeah. Interesting. Of course, this would be done only if the sender knew 
 or supected how mass-scanning might be done. And so the existence of another 

Come on, do the math. There's a lot of traffic travelling all over the
world right now. The volume still grows, albeit not at the projected
hyperexponential rate. Assuming you don't tap decentrally (because that
amount of hardware is a bit hard to hide, and thus hampered by such silly
things like warrants (even rubberstamped), and feds installing boxes in
ISPs racks and issuing gagging orders to abovementioned), you use the fact
that the network topology is mostly a tree (so make it a mesh, then), and
tap high speed lines (fiber). While I assume that there you can screen and
filter if it's cleartext with lots of dedicated hardware, you're
absolutely screwed if it's even 'weak' encryption. At these data rates
you'll have trouble even computing the entropy of the data stream as it
streams through your FIFO. Storing all of it is impractical, so you have
to restrict yourself to extremely targeted (by source/origin, or the tag,
assuming there is one).

 level of heavier encryption (see next paragraph) might be a tip off that 
 this is not simply a financial transaction.

1) while I haven't done the numbers I would say there's maybe 10-20% of 
   all traffic that is 'weak' encryption vs. 90-80% 'strong' encryption.
   Even if it's as bad as 50%/50% it is still completely irrelevant.

2) to tell whether there's something inside you have to break it. That's 
   why I consistenly say 'weak' instead of weak.
 
 But, it occurs to me that in some cases what might be done to determine the 
 presence of hard encryption is for hardward to attempt to decrypt it for a 
 certain fixed time, and if there's no success with X 
 minutes/hours/milliseconds or whatever, then one assigns a certain 

Or days, months, years, centuries, or whatever. On several megabucks worth
of hardware.

 probability that said message has been encrypted using something stronger 
 than the International version of Bogus Notes (for instance). But of course, 

Why should we concern ourselves with users of broken crypto? It's their
problem, not ours. Since they're but a fraction, the use of strong crypto
all by itself (assuming, you can tell, which is a high threhold) is not
incriminating.

 I'm willing to concede that at his point I'm talking completely out of my 
 arse. (That will change when I get time to do some real homework in this 
 area, however.)

Re: Echelon-like resources...

2002-10-13 Thread Bill Stewart


packaging strong crypto inside weak crypto
At 01:06 PM 10/13/2002 -0400, Tyler Durden wrote:
Oh yeah. Interesting. Of course, this would be done only.
if the sender knew or supected how mass-scanning might be done.
And so the existence of another level of heavier encryption ...
might be a tip off that this is not simply a financial transaction.

Back when the Feds were trying to tell us that we should be
patriotic loyal Americans and use weak crypto because it
helps in the fight against Communism and other spies,
they were making it clear that they *wanted* mass-scanning,
and were busy lobbying Congress to give them money for it
and also trying to get laws forcing phone companies to
make things easy for them to do much higher volumes of scanning
than the relatively limited amount they do now.

Also, financial transactions are the ones that most need strong crypto,
and have been most successful in getting permission to use it,
because everybody understands that bank robbery is Bad,
and credit card theft is Bad, and if banks and internet
credit card transactions were forced to use weak crypto,
Bad Guys could afford to build cracker machines on spec
and pay for them with what they steal.

This was especially the case after the EFF's DES cracker
demonstrated that $250,000 was enough for a couple-day crack.
But the Feds have been letting banks use DES for decades,
and triple-DES for a while, and Netscape's inclusion of
SSL in their browser was really the beginning of the end
for the crypto bans, and a brave move on their part,
especially since the difference between 40-bit and 128-bit RC4
is just how many of the bits you use in the key setup.
(You may not remember, but there was a program from fortify.net
that fixed 40-bit implementations of Netscape,
and there was even a one-liner Javascript signature-line program
that let you set Netscape to use 128 bits...

Re: Echelon-like resources...

2002-10-13 Thread R. A. Hettinga


At 10:52 AM -0700 on 10/13/02, Bill Stewart wrote:


 (You may not remember, but there was a program from fortify.net
 that fixed 40-bit implementations of Netscape,
 and there was even a one-liner Javascript signature-line program
 that let you set Netscape to use 128 bits...

Not to mention the plaintext settings imbedded in the Netscape *executable*.

...it took you long enough, said a Netscape cypherpunk at the time of its
discovery...

Cheers,
RAH
Who saw them making the t-shirts, with pasted text from the file itself at
FC97, complete with cypherpunks policy on it...

-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Echelon-like resources...

2002-10-11 Thread Harmon Seaver


On Fri, Oct 11, 2002 at 10:29:53AM -0400, Tyler Durden wrote:
 Harmon Seaver wrote...
 
Why the hell would anyone use lotus notes encryption for anything 
 whatsoever?
 
 Lotus Notes or whatever, of course. The point here is that larger 

   Or whatever? What makes you think that anyone can crack any of the strong
encryption? 


-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the
majority of people. Only a small group knows what its about. It is
conducted for the benefit of the very few at the expense of the
masses.  --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present
day, has been world domination - that is, to build and maintain the
capacity to coerce everybody else on the planet: nonviolently, if
possible, and violently, if necessary. But the purpose of US foreign
policy of domination is not just to make the rest of the world jump
through hoops; the purpose is to faciliate our exploitation of
resources.
- Ramsey Clark, former US Attorney General

Re: Echelon-like resources...

2002-10-11 Thread Tyler Durden


Harmon Seaver wrote...

Why the hell would anyone use lotus notes encryption for anything 
whatsoever?

Lotus Notes or whatever, of course. The point here is that larger 
organizations with decryption capabilities probably do not think on the 
message-by-message level very often, just like credit card companies and 
insurance agencies deal with their customers in statistical buckets.

It's also conceivable that a large variety of individuals, of varying levels 
of sophistication and education, catch wind of information the government 
may be interested in. Some of them may not feel or know that their message 
is of enough importance to go outside ofLotus Notes or whatever if they have 
it.






On Fri, Oct 11, 2002 at 09:37:52AM -0400, Tyler Durden wrote:
  OK, let's assume for the same of argument that it takes about 1 minute 
for
  Echelon/NSA-like resources to break a weakly encypted lotus notes 
message.
  And then let's assume that there's a whole LOT of these machines sitting
  somewhere.
 
  And as the grumpy Tim May has suggested, perhaps only a small fraction 
of
  encrypted messages are (or can be) sent for decryption.
 
  Then the expenditure of such resources is going to be a big statistical
  optimization problem, akin to that faced in the credit card industry 
(eg,
  in approving or declining a POS transaction).
 
  The gub'mint or whatever doing such monitoring will therefore probably 
look
  for certain signs that will kick off decryption. For instance, the 
sporadic
  use of cryptography in cetain demogrpahic areas might cause a % of those 
to
  be sent over for routine check, particularly if there is no encryption 
used
  by that populace, and then all of a sudden there are bursts.
 
  Also, changing the strength of encryption might be a kickoff, but again 
I
  reveal I am a newbie with this question: Is it possible to determine (at
  least approximately) the strength of encryption of an intercepted 
message?
 
  Then, if someone from, say, the b'Arbes neighborhood of Paris moves
  suddenly from weak to strong encryption in his messaging, that would 
kick
  off a flag somewhere sending that message for cracking.
 
  So if a bin Laden were smart, he should routinely use encryption for all 
of
  his messages, even the most trivial, because the change in pattern would 
be
  a tipoff to send his encrypted messages for hacking.
 
  And the there are probably less obvious, large-scale statistical 
patterns
  indicating something's up, and causing a % of such messages to be hacked
  and then sent for routine check for key words.
 
 
 
 
 
  From: Adam Back [EMAIL PROTECTED]
  To: Tyler Durden [EMAIL PROTECTED]
  CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
  Subject: Re: Echelon-like...
  Date: Thu, 10 Oct 2002 20:41:21 +0100
  
  Sounds about right.  64 bit crypto in the strong version (which is
  not that strong -- the distributed.net challenge recently broke a 64
  bit key), and in the export version 24 of those 64 bits were encrypted
  with an NSA backdoor key, leaving only 40 bits of key space for the
  NSA to bruteforce to recover messages.
  
  The NSA's backdoor public key is at the URL below.
  
 http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html
  
  (The public key had an Organization name of MiniTruth, and a Common
  Name of Big Brother -- both Orwell 1984 references, presumably by
  a lotus programmer).
  
  Adam
  
  On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote:
   I assume everyone knows the little arrangement that lotus
   reached with the NSA over its encrypted secure email?
  
   I'm new here, so do tell if I am wrong. Are you referring to the two
  levels
   of Encryption available in Bogus Notes? (ie, the North American and 
the
   International, the International being legal for export.)
   At one of my previous employers, we were told the (apocryphal?) story 
of
   some dude who got arrested on an airplane for having the more secure
  version
   of Notes on his laptop.
  
  
  
   From: David Howe [EMAIL PROTECTED]
   To: Email List: Cypherpunks [EMAIL PROTECTED]
   Subject: Re: Echelon-like...
   Date: Thu, 10 Oct 2002 18:38:36 +0100
   
   On Wednesday, October 9, 2002, at 07:28  PM, anonimo arancio wrote:
 The basic argument is that, if good encryption is available 
overseas
 or easily downloadable, it doesn't make sense to make export of 
it
 illegal.
   Nope. The biggest name in software right now is Microsoft, who 
wasn't
   willing to face down the government on this. no export version of a
   Microsoft product had decent crypto while the export regulations 
were
  in
   force - and the situation is pretty poor even now. If microsoft were
   free to compete in this area (and lotus, of notes fame) then decent
   security *built into* the operating system, the desktop document 
suite
   or the email package - and life would get a lot, lot worse for the
   spooks.  I assume everyone knows the little arrangement that lotus

Re: Echelon-like...

2002-10-11 Thread David Howe


Trei, Peter [EMAIL PROTECTED] wrote:
 It was Sweden. They didn't really have an excuse - over a year
earlier,
 Lotus announced their International version with details of the
Work
 Factor Reduction Field at the RSA Conference. I immediately invented
 the term 'espionage enabled' to describe this feature, a term which
has
 entered the crypto lexicon.
Indeed so, yes - If my memory isn't failing me though, their excuse
was that the lotus salesdroid they had awarded the contract to hadn't
disclosed it to them in his bid and in fact, the original tender had
specified *secure* encryption, not *secure, except for the american spy
industry*. I don't know enough sweedish to even attempt a google on it
though :)

RE: Echelon-like...

2002-10-11 Thread Trei, Peter


 David Howe[SMTP:[EMAIL PROTECTED]]
 
  I assume everyone knows the little arrangement that lotus
  reached with the NSA over its encrypted secure email?
  I'm new here, so do tell if I am wrong. Are you referring to the two
 levels
  of Encryption available in Bogus Notes?
 More or less, yes. Lotus knew nobody would buy a 40 bit version of their
 crypto, so there is a two-level encryption all right, but not along
 those lines - in the export version, some of the session key is
 encrypted using a PKI work reduction factor key in the message header;
 this section of header is important, as lotus gateways won't accept
 messages that have had it disturbed. by decoding this block, the NSA
 have the actual keysize they need to block reduced to the legal export
 level of 40 bits; one government found this out *after* rolling it out
 to all their billing and contract negotiation departments... belgum or
 sweden by memory . Lotus thought it would be ok if only the NSA (and
 other US government orgs) could break the key, rather than letting
 everyone have an equal chance (and indeed, letting their customers know
 their crypto was still only 40 bit vs USA intel agencies)
 Still, even the domestic version was only 64 bits, which is painfully
 small even by the standards of the day. certainly, even strong lotus
 could have been crackable by the NSA, who after all own their own fab
 plant to make custom VLSI cracking chips.
 
It was Sweden. They didn't really have an excuse - over a year earlier,
Lotus announced their International version with details of the Work
Factor Reduction Field at the RSA Conference. I immediately invented
the term 'espionage enabled' to describe this feature, a term which has
entered the crypto lexicon.

Peter Trei

Re: Echelon-like...

2002-10-11 Thread Tyler Durden


So as a follow on question...what kind of hardware does it take to break the 
weak and strong versions of Bogus Notes? Is it possible that NSA or Echelon 
have the ability to decode a large number of such messages?

And if the amount of hardware needed to break the strong version is 
significantly greater than that required to break the weak version, then the 
government's attempts to restrict any proliferation or use of the stronger 
version could make sense, from their standpoint.

But as was said before, this may have been discussed here previously.






From: David Howe [EMAIL PROTECTED]
To: Email List: Cypherpunks [EMAIL PROTECTED]
Subject: Re: Echelon-like...
Date: Thu, 10 Oct 2002 20:01:12 +0100

  I assume everyone knows the little arrangement that lotus
  reached with the NSA over its encrypted secure email?
  I'm new here, so do tell if I am wrong. Are you referring to the two
levels
  of Encryption available in Bogus Notes?
More or less, yes. Lotus knew nobody would buy a 40 bit version of their
crypto, so there is a two-level encryption all right, but not along
those lines - in the export version, some of the session key is
encrypted using a PKI work reduction factor key in the message header;
this section of header is important, as lotus gateways won't accept
messages that have had it disturbed. by decoding this block, the NSA
have the actual keysize they need to block reduced to the legal export
level of 40 bits; one government found this out *after* rolling it out
to all their billing and contract negotiation departments... belgum or
sweden by memory . Lotus thought it would be ok if only the NSA (and
other US government orgs) could break the key, rather than letting
everyone have an equal chance (and indeed, letting their customers know
their crypto was still only 40 bit vs USA intel agencies)
Still, even the domestic version was only 64 bits, which is painfully
small even by the standards of the day. certainly, even strong lotus
could have been crackable by the NSA, who after all own their own fab
plant to make custom VLSI cracking chips.




_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx

Re: Echelon-like resources...

2002-10-11 Thread Tyler Durden


Or whatever? What makes you think that anyone can crack any of the strong 
encryption?

I don't think they can. But your point seems to miss my own point. There 
will certainly be a certain number of uncrackable mesages out there (as a 
trained physicist I am fairly certain that even military quantum computing 
efforts are nowhere near theability to crack strongly encrypted messages). 
But there will also be a large number of less-strongly and even weakly 
encrypted messages being sent out there. Various agencies with large amounts 
of hardware will be looking at this as a statisitcal/logistic issue...I 
strongly doubt they only attempt cracking on a message-by-message basis.

And indeed, in a world where most messages are fairly weakly encrypted, 
bursts of strongly-encrypted messages will stand out all the more and 
possibly flag the need for other methods of investigation.

Which returns to my original point: the easy availability of strong crypto 
products does not mean it is unprofitable for an agency to continue to push 
populations towards lighter forms of encryption.





From: Harmon Seaver [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Echelon-like resources...
Date: Fri, 11 Oct 2002 09:39:01 -0500

On Fri, Oct 11, 2002 at 10:29:53AM -0400, Tyler Durden wrote:
  Harmon Seaver wrote...
 
 Why the hell would anyone use lotus notes encryption for anything
  whatsoever?
 
  Lotus Notes or whatever, of course. The point here is that larger

Or whatever? What makes you think that anyone can crack any of the 
strong
encryption?


--
Harmon Seaver
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the
majority of people. Only a small group knows what its about. It is
conducted for the benefit of the very few at the expense of the
masses.  --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present
day, has been world domination - that is, to build and maintain the
capacity to coerce everybody else on the planet: nonviolently, if
possible, and violently, if necessary. But the purpose of US foreign
policy of domination is not just to make the rest of the world jump
through hoops; the purpose is to faciliate our exploitation of
resources.
- Ramsey Clark, former US Attorney General




_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com

Re: Echelon-like...

2002-10-11 Thread Adam Back


Sounds about right.  64 bit crypto in the strong version (which is
not that strong -- the distributed.net challenge recently broke a 64
bit key), and in the export version 24 of those 64 bits were encrypted
with an NSA backdoor key, leaving only 40 bits of key space for the
NSA to bruteforce to recover messages.

The NSA's backdoor public key is at the URL below.

http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html

(The public key had an Organization name of MiniTruth, and a Common
Name of Big Brother -- both Orwell 1984 references, presumably by
a lotus programmer).

Adam

On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote:
 I assume everyone knows the little arrangement that lotus
 reached with the NSA over its encrypted secure email?
 
 I'm new here, so do tell if I am wrong. Are you referring to the two levels 
 of Encryption available in Bogus Notes? (ie, the North American and the 
 International, the International being legal for export.)
 At one of my previous employers, we were told the (apocryphal?) story of 
 some dude who got arrested on an airplane for having the more secure version 
 of Notes on his laptop.
 
 
 
 From: David Howe [EMAIL PROTECTED]
 To: Email List: Cypherpunks [EMAIL PROTECTED]
 Subject: Re: Echelon-like...
 Date: Thu, 10 Oct 2002 18:38:36 +0100
 
 On Wednesday, October 9, 2002, at 07:28  PM, anonimo arancio wrote:
   The basic argument is that, if good encryption is available overseas
   or easily downloadable, it doesn't make sense to make export of it
   illegal.
 Nope. The biggest name in software right now is Microsoft, who wasn't
 willing to face down the government on this. no export version of a
 Microsoft product had decent crypto while the export regulations were in
 force - and the situation is pretty poor even now. If microsoft were
 free to compete in this area (and lotus, of notes fame) then decent
 security *built into* the operating system, the desktop document suite
 or the email package - and life would get a lot, lot worse for the
 spooks.  I assume everyone knows the little arrangement that lotus
 reached with the NSA over its encrypted secure email?

Re: Echelon-like resources...

2002-10-11 Thread Harmon Seaver


   Why the hell would anyone use lotus notes encryption for anything whatsoever?


On Fri, Oct 11, 2002 at 09:37:52AM -0400, Tyler Durden wrote:
 OK, let's assume for the same of argument that it takes about 1 minute for 
 Echelon/NSA-like resources to break a weakly encypted lotus notes message. 
 And then let's assume that there's a whole LOT of these machines sitting 
 somewhere.
 
 And as the grumpy Tim May has suggested, perhaps only a small fraction of 
 encrypted messages are (or can be) sent for decryption.
 
 Then the expenditure of such resources is going to be a big statistical 
 optimization problem, akin to that faced in the credit card industry (eg, 
 in approving or declining a POS transaction).
 
 The gub'mint or whatever doing such monitoring will therefore probably look 
 for certain signs that will kick off decryption. For instance, the sporadic 
 use of cryptography in cetain demogrpahic areas might cause a % of those to 
 be sent over for routine check, particularly if there is no encryption used 
 by that populace, and then all of a sudden there are bursts.
 
 Also, changing the strength of encryption might be a kickoff, but again I 
 reveal I am a newbie with this question: Is it possible to determine (at 
 least approximately) the strength of encryption of an intercepted message?
 
 Then, if someone from, say, the b'Arbes neighborhood of Paris moves 
 suddenly from weak to strong encryption in his messaging, that would kick 
 off a flag somewhere sending that message for cracking.
 
 So if a bin Laden were smart, he should routinely use encryption for all of 
 his messages, even the most trivial, because the change in pattern would be 
 a tipoff to send his encrypted messages for hacking.
 
 And the there are probably less obvious, large-scale statistical patterns 
 indicating something's up, and causing a % of such messages to be hacked 
 and then sent for routine check for key words.
 
 
 
 
 
 From: Adam Back [EMAIL PROTECTED]
 To: Tyler Durden [EMAIL PROTECTED]
 CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
 Subject: Re: Echelon-like...
 Date: Thu, 10 Oct 2002 20:41:21 +0100
 
 Sounds about right.  64 bit crypto in the strong version (which is
 not that strong -- the distributed.net challenge recently broke a 64
 bit key), and in the export version 24 of those 64 bits were encrypted
 with an NSA backdoor key, leaving only 40 bits of key space for the
 NSA to bruteforce to recover messages.
 
 The NSA's backdoor public key is at the URL below.
 
  http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html
 
 (The public key had an Organization name of MiniTruth, and a Common
 Name of Big Brother -- both Orwell 1984 references, presumably by
 a lotus programmer).
 
 Adam
 
 On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote:
  I assume everyone knows the little arrangement that lotus
  reached with the NSA over its encrypted secure email?
 
  I'm new here, so do tell if I am wrong. Are you referring to the two 
 levels
  of Encryption available in Bogus Notes? (ie, the North American and the
  International, the International being legal for export.)
  At one of my previous employers, we were told the (apocryphal?) story of
  some dude who got arrested on an airplane for having the more secure 
 version
  of Notes on his laptop.
 
 
 
  From: David Howe [EMAIL PROTECTED]
  To: Email List: Cypherpunks [EMAIL PROTECTED]
  Subject: Re: Echelon-like...
  Date: Thu, 10 Oct 2002 18:38:36 +0100
  
  On Wednesday, October 9, 2002, at 07:28  PM, anonimo arancio wrote:
The basic argument is that, if good encryption is available overseas
or easily downloadable, it doesn't make sense to make export of it
illegal.
  Nope. The biggest name in software right now is Microsoft, who wasn't
  willing to face down the government on this. no export version of a
  Microsoft product had decent crypto while the export regulations were 
 in
  force - and the situation is pretty poor even now. If microsoft were
  free to compete in this area (and lotus, of notes fame) then decent
  security *built into* the operating system, the desktop document suite
  or the email package - and life would get a lot, lot worse for the
  spooks.  I assume everyone knows the little arrangement that lotus
  reached with the NSA over its encrypted secure email?
 
 
 
 
 _
 MSN Photos is the easiest way to share and print your photos: 
 http://photos.msn.com/support/worldwide.aspx

-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the
majority of people. Only a small group knows what its about. It is
conducted for the benefit of the very few at the expense of the
masses.  --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present
day, has been world domination - that is, to build and maintain the
capacity to coerce

Re: Echelon-like resources...

2002-10-11 Thread Tyler Durden


OK, let's assume for the same of argument that it takes about 1 minute for 
Echelon/NSA-like resources to break a weakly encypted lotus notes message. 
And then let's assume that there's a whole LOT of these machines sitting 
somewhere.

And as the grumpy Tim May has suggested, perhaps only a small fraction of 
encrypted messages are (or can be) sent for decryption.

Then the expenditure of such resources is going to be a big statistical 
optimization problem, akin to that faced in the credit card industry (eg, in 
approving or declining a POS transaction).

The gub'mint or whatever doing such monitoring will therefore probably look 
for certain signs that will kick off decryption. For instance, the sporadic 
use of cryptography in cetain demogrpahic areas might cause a % of those to 
be sent over for routine check, particularly if there is no encryption used 
by that populace, and then all of a sudden there are bursts.

Also, changing the strength of encryption might be a kickoff, but again I 
reveal I am a newbie with this question: Is it possible to determine (at 
least approximately) the strength of encryption of an intercepted message?

Then, if someone from, say, the b'Arbes neighborhood of Paris moves suddenly 
from weak to strong encryption in his messaging, that would kick off a flag 
somewhere sending that message for cracking.

So if a bin Laden were smart, he should routinely use encryption for all of 
his messages, even the most trivial, because the change in pattern would be 
a tipoff to send his encrypted messages for hacking.

And the there are probably less obvious, large-scale statistical patterns 
indicating something's up, and causing a % of such messages to be hacked and 
then sent for routine check for key words.





From: Adam Back [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Echelon-like...
Date: Thu, 10 Oct 2002 20:41:21 +0100

Sounds about right.  64 bit crypto in the strong version (which is
not that strong -- the distributed.net challenge recently broke a 64
bit key), and in the export version 24 of those 64 bits were encrypted
with an NSA backdoor key, leaving only 40 bits of key space for the
NSA to bruteforce to recover messages.

The NSA's backdoor public key is at the URL below.

   http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html

(The public key had an Organization name of MiniTruth, and a Common
Name of Big Brother -- both Orwell 1984 references, presumably by
a lotus programmer).

Adam

On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote:
  I assume everyone knows the little arrangement that lotus
  reached with the NSA over its encrypted secure email?
 
  I'm new here, so do tell if I am wrong. Are you referring to the two 
levels
  of Encryption available in Bogus Notes? (ie, the North American and the
  International, the International being legal for export.)
  At one of my previous employers, we were told the (apocryphal?) story of
  some dude who got arrested on an airplane for having the more secure 
version
  of Notes on his laptop.
 
 
 
  From: David Howe [EMAIL PROTECTED]
  To: Email List: Cypherpunks [EMAIL PROTECTED]
  Subject: Re: Echelon-like...
  Date: Thu, 10 Oct 2002 18:38:36 +0100
  
  On Wednesday, October 9, 2002, at 07:28  PM, anonimo arancio wrote:
The basic argument is that, if good encryption is available overseas
or easily downloadable, it doesn't make sense to make export of it
illegal.
  Nope. The biggest name in software right now is Microsoft, who wasn't
  willing to face down the government on this. no export version of a
  Microsoft product had decent crypto while the export regulations were 
in
  force - and the situation is pretty poor even now. If microsoft were
  free to compete in this area (and lotus, of notes fame) then decent
  security *built into* the operating system, the desktop document suite
  or the email package - and life would get a lot, lot worse for the
  spooks.  I assume everyone knows the little arrangement that lotus
  reached with the NSA over its encrypted secure email?




_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx

Re: Echelon-like resources...

2002-10-11 Thread Greg Broiles

At 10:54 AM 10/11/2002 -0400, Tyler Durden wrote:


Which returns to my original point: the easy availability of strong 
crypto products does not mean it is unprofitable for an agency to continue 
to push populations towards lighter forms of encryption.

Assuming that the agency's goal is to maximize surveillance returns and 
that they're unconcerned with security generally, yes, you're right.

So?


--
Greg Broiles -- [EMAIL PROTECTED] -- PGP 0x26E4488c or 0x94245961

Re: Echelon-like...

2002-10-10 Thread David Howe


 I assume everyone knows the little arrangement that lotus
 reached with the NSA over its encrypted secure email?
 I'm new here, so do tell if I am wrong. Are you referring to the two
levels
 of Encryption available in Bogus Notes?
More or less, yes. Lotus knew nobody would buy a 40 bit version of their
crypto, so there is a two-level encryption all right, but not along
those lines - in the export version, some of the session key is
encrypted using a PKI work reduction factor key in the message header;
this section of header is important, as lotus gateways won't accept
messages that have had it disturbed. by decoding this block, the NSA
have the actual keysize they need to block reduced to the legal export
level of 40 bits; one government found this out *after* rolling it out
to all their billing and contract negotiation departments... belgum or
sweden by memory . Lotus thought it would be ok if only the NSA (and
other US government orgs) could break the key, rather than letting
everyone have an equal chance (and indeed, letting their customers know
their crypto was still only 40 bit vs USA intel agencies)
Still, even the domestic version was only 64 bits, which is painfully
small even by the standards of the day. certainly, even strong lotus
could have been crackable by the NSA, who after all own their own fab
plant to make custom VLSI cracking chips.

Re: Echelon-like...

2002-10-10 Thread Sunder


B

--Kaos-Keraunos-Kybernetos---
 + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\
  \|/  :and didn't stop 9-11|share them, you don't hang them on your/\|/\
--*--:Instead of rewarding|monitor, or under your keyboard, you   \/|\/
  /|\  :their failures, we  |don't email them, or put them on a web  \|/
 + v + :should get refunds! |site, and you must change them very often.
[EMAIL PROTECTED] http://www.sunder.net 

On 10 Oct 2002, anonimo arancio wrote:

 This relates to an issue I've wanted to discuss with Cypherpunks for several years.
 Over the years, I've seen several commentators (including Timothy May) appear 
suprised when discussing the US's encryption export policies.
 The basic argument is that, if good encryption is available overseas or easily 
downloadable, it doesn't make sense to make export of it illegal.
 
 Is the above statement a) wrong, b) obvious c) mentioned previously on the 
cypherpunks boards, or d)hey! We never thought of that

Re: Echelon-like...

2002-10-10 Thread Tyler Durden


I assume everyone knows the little arrangement that lotus
reached with the NSA over its encrypted secure email?

I'm new here, so do tell if I am wrong. Are you referring to the two levels 
of Encryption available in Bogus Notes? (ie, the North American and the 
International, the International being legal for export.)
At one of my previous employers, we were told the (apocryphal?) story of 
some dude who got arrested on an airplane for having the more secure version 
of Notes on his laptop.



From: David Howe [EMAIL PROTECTED]
To: Email List: Cypherpunks [EMAIL PROTECTED]
Subject: Re: Echelon-like...
Date: Thu, 10 Oct 2002 18:38:36 +0100

On Wednesday, October 9, 2002, at 07:28  PM, anonimo arancio wrote:
  The basic argument is that, if good encryption is available overseas
  or easily downloadable, it doesn't make sense to make export of it
  illegal.
Nope. The biggest name in software right now is Microsoft, who wasn't
willing to face down the government on this. no export version of a
Microsoft product had decent crypto while the export regulations were in
force - and the situation is pretty poor even now. If microsoft were
free to compete in this area (and lotus, of notes fame) then decent
security *built into* the operating system, the desktop document suite
or the email package - and life would get a lot, lot worse for the
spooks.  I assume everyone knows the little arrangement that lotus
reached with the NSA over its encrypted secure email?




_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com

Re: Echelon-like...

2002-10-10 Thread David Howe


On Wednesday, October 9, 2002, at 07:28  PM, anonimo arancio wrote:
 The basic argument is that, if good encryption is available overseas
 or easily downloadable, it doesn't make sense to make export of it
 illegal.
Nope. The biggest name in software right now is Microsoft, who wasn't
willing to face down the government on this. no export version of a
Microsoft product had decent crypto while the export regulations were in
force - and the situation is pretty poor even now. If microsoft were
free to compete in this area (and lotus, of notes fame) then decent
security *built into* the operating system, the desktop document suite
or the email package - and life would get a lot, lot worse for the
spooks.  I assume everyone knows the little arrangement that lotus
reached with the NSA over its encrypted secure email?

Re: Echelon-like...

2002-10-10 Thread Eric Murray


On Thu, Oct 10, 2002 at 02:28:26AM -, anonimo arancio wrote:
[..]

 But I am wondering if Cypherpunks have mentioned the 'obvious'.
 
 The government knows exactly what it's doing. It wants to discourage the use of 
encryption by any means necessary, because of sheer numbers.
 Basically, the more messages that are encypted, the more hardware (and therefore 
$$$) will be needed to decrypt them.
 Therefore, the only way they can stay ahead of the game is to keep the numbers as 
low as possible, so they can continue to outspend the problem.
 This is, from their perspective, a perfectly reasonable approach to decrypting large 
numbers of messages, a small fraction of which may contain interesting information.
 
 Is the above statement a) wrong, b) obvious c) mentioned previously on the 
cypherpunks boards, or d)hey! We never thought of that


B and C, extensively.

The US Government has pretty much given up on restricting crypto
exports.  There is just enough of a vestigial restriction there to
maintain the illusion that the government has a right to control crypto
exports.  If there was anything more, it would be challenged in court
and most likely get thrown out.  The government backed off on
previous challenges (Bernstein, Zimmerman) to avoid that.

Eric

Re: Echelon-like...

2002-10-10 Thread Major Variola (ret)


Not only is EM correct, but:
* many attacks are possible without worrying about keylength.  Got
Scarfo?
* NIST/NSA picked the lamest AES.  If I told you what lame meant, I'd
have to kill you.
* (Lack of) User motivation (related to man-machine issues) is still the
spooks' best friend.  As
well as legacy systems, and inadequately designed total systems.  Got
Redmond?

However, stego and decent opsec and cash and leo buffoonery still let
you coordinate the occasional urban skyline
reconstruction, poking holes in boats, etc.  Got Dead Drops?  Mr.
Hanssen?  Mr Ames?



At 08:09 AM 10/10/02 -0700, Eric Murray wrote:
On Thu, Oct 10, 2002 at 02:28:26AM -, anonimo arancio wrote:
 The government knows exactly what it's doing. It wants to discourage
the use of encryption by any means necessary, because of sheer numbers.
 Basically, the more messages that are encypted, the more hardware
(and therefore $$$) will be needed to decrypt them.
 Therefore, the only way they can stay ahead of the game is to keep
the numbers as low as possible, so they can continue to outspend the
problem.
 This is, from their perspective, a perfectly reasonable approach to
decrypting large numbers of messages, a small fraction of which may
contain interesting information.

 Is the above statement a) wrong, b) obvious c) mentioned previously
on the cypherpunks boards, or d)hey! We never thought of that


B and C, extensively.

The US Government has pretty much given up on restricting crypto
exports.  There is just enough of a vestigial restriction there to
maintain the illusion that the government has a right to control crypto

exports.  If there was anything more, it would be challenged in court
and most likely get thrown out.  The government backed off on
previous challenges (Bernstein, Zimmerman) to avoid that.

Eric

Re: Echelon-like...

2002-10-10 Thread Sarad AV


hi,

  The government knows exactly what it's doing. It
 wants to discourage the use of encryption by any
 means necessary, because of sheer numbers.

Does n't govt intervension always increase the
numbers?

  Basically, the more messages that are encypted,
 the more hardware (and therefore $$$) will be needed
 to decrypt them.
  Therefore, the only way they can stay ahead of the
 game is to keep the numbers as low as possible, so
 they can continue to outspend the problem.

Why don't we have encrypted spams over the internet
rather than plain text spam ?Thats one way we can all
benefit frm spam.

 


 The US Government has pretty much given up on
 restricting crypto
 exports. 

Why did that happen?


Regards Sarath.

__
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos  More
http://faith.yahoo.com

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like...

RE: Echelon-like...

Re: Echelon-like...

Re: Echelon-like resources...

Re: Echelon-like...

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like resources...

Re: Echelon-like...

Re: Echelon-like...

Re: Echelon-like...

Re: Echelon-like...

Re: Echelon-like...

Re: Echelon-like...

Re: Echelon-like...

22 matches

Site Navigation

Mail list logo

Footer information