Re: NSA back doors in encryption products

At 05:39 AM 5/27/00, Steven M. Bellovin wrote: >That's tricky, too, since the Constitution provides the *defense* with >a guarantee of open trials. At most, there are laws to prevent >"greymail", where the defense threatens to reveal something sensitive. >In that case, the judge reviews its relev

Re: NSA back doors in encryption products

> IIRC, Technically, it won't catch use of Carmichael numbers, but > there aren't a lot of those. In the same sense that there aren't a lot of integers, yes.

Re: NSA back doors in encryption products

Sergio Tabanelli <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; John Young <[EMAIL PROTECTED]> Date: martedì 30 maggio 2000 5.55 Subject: Re: NSA back doors in encryption products > >Sergio Tabanelli wrote: > >> Maybe this is not so important,

Re: NSA back doors in encryption products

Sergio Tabanelli wrote: > Maybe this is not so important, but I have to repeat that in W2K OS the > NSAKEY is still present but not used. All CSPs are verified only with the > primary key and if the verification process fails the CSP module is > discarded without any further verification. T

Re: NSA back doors in encryption products

Message- From: John Young <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: venerdì 26 maggio 2000 14.09 Subject: Re: NSA back doors in encryption products >Duncan Campbell has provided his latest exchanges with >Microsoft on the NSA_key, which Microsoft h

Re: NSA back doors in encryption products

At 05:54 AM 5/27/00 +0100, Ben Laurie wrote: >David Honig wrote: >> >> >> Yes but *once* you've verified the RTL (and from them the masks) >> you don't have to worry about some stray applet hosing your security. >> You do with software. > >Errr ... you do with an FPGA, surely? Yep. By definiti

Re: NSA back doors in encryption products

At 02:39 PM 5/26/00 -0500, Jim Choate wrote: > > >No, you don't. Sign the source and binaries. > And you trust the software that verifies the signatures why?

Re: NSA back doors in encryption products

At 8:39 AM -0400 5/27/2000, Steven M. Bellovin wrote: >In message , "Arnold G. >Reinhold" writes: > >>o There is the proposed legislation I cited earlier to protect these >>methods from being revealed in court. These are not aimed at news >>reports (that wou

Re: NSA back doors in encryption products

In message , "Arnold G. Reinhold" writes: >At 11:17 AM -0500 5/25/2000, Rick Smith wrote: >o There is the proposed legislation I cited earlier to protect these >methods from being revealed in court. These are not aimed at news >reports (that would never g

Re: NSA back doors in encryption products

Jim Choate writes: > No, you don't. Sign the source and binaries. You trust your secure hash reporting you the truth? Duh.

Re: NSA back doors in encryption products

David Honig wrote: > > At 09:54 PM 5/24/00 -0500, Jim Choate wrote: > >As to inserting a trapdoor in an FPGA, I don't see any reason at all that > >a trapdoor can't be inserted with the appropriate understanding of the > >state space and chosing a rare state to trigger your bypass. > > Yes but *

Re: NSA back doors in encryption products

On Fri, 26 May 2000, David Honig wrote: > At 09:54 PM 5/24/00 -0500, Jim Choate wrote: > >As to inserting a trapdoor in an FPGA, I don't see any reason at all that > >a trapdoor can't be inserted with the appropriate understanding of the > >state space and chosing a rare state to trigger your by

Re: NSA back doors in encryption products - "gaming the system"

> ... I cannot conceive that the NSA or some even blacker > agency of the US intelligence community has not obtained a complete set > of source code for all major releases and upgrades of Windows and > NT/2000 and probably many major MS applications. He's right, and not just for Windows... Under

Re: NSA back doors in encryption products

Bill Stewart wrote: > > At 02:08 PM 05/24/2000 +0100, Ben Laurie wrote: > >John Gilmore wrote: > >> Anybody tested the primes in major products lately? > >Interesting point ... of course, these days one can produce checkable > >certificates of primality - but I'm not aware of any free software to

Re: NSA back doors in encryption products

Conspiracy theories are irresistable labor-saving devices in the face of complexity. -- Henry Louis Gates, speaking of OJ Simpson --dan

Re: NSA back doors in encryption products

At 12:39 AM 5/25/00 -0700, Eugene Leitl wrote: >less bits to look at than your average Unix box. Can one prove >behaviour of small VHDL circuits these days, anyone knows? You can prove that two descriptions (e.g., C & RTL & gates) are functionally equivalent; harder to prove they don't do anythin

Re: NSA back doors in encryption products

At 02:08 PM 05/24/2000 +0100, Ben Laurie wrote: >John Gilmore wrote: >> Anybody tested the primes in major products lately? >Interesting point ... of course, these days one can produce checkable >certificates of primality - but I'm not aware of any free software to do >it ... is there any? There'

Re: NSA back doors in encryption products

At 11:17 AM -0500 5/25/2000, Rick Smith wrote: > >As usual with such discussions, lots of traffic hides substantial amounts >of agreement with touches of disagreement. Agreed. Let me summarize what I am trying to say. Then maybe it is time to move on. 1. I think citizen access to strong crypt

Re: NSA back doors in encryption products

Jim Choate writes: > > Also, it is hard to insert a trapdoor into an FPGA. OpenSource hardware. > > All of it using software. You're aware of of difficulties repeating the compiler/login trojaning trick when you're doing metacompiling, are you? It's not that it can't be done, but it is so m

Re: NSA back doors in encryption products

At 09:54 PM 5/24/00 -0500, Jim Choate wrote: >As to inserting a trapdoor in an FPGA, I don't see any reason at all that >a trapdoor can't be inserted with the appropriate understanding of the >state space and chosing a rare state to trigger your bypass. Yes but *once* you've verified the RTL (and

RE: NSA back doors in encryption products

From: "Minow, Martin" <[EMAIL PROTECTED]> Jim Choate writes: > Bull, the hardware companies aren't any more trustworthy. I've been recommending the Dallas Semiconductor "iButton" for secure storage. The Java version also lets you implement your own on-chip algorithms

Re: NSA back doors in encryption products

Rick Smith wrote: > What if we examine the RNG's binary implementation as well as its output? > Consider what happened to the weak Netscape RNG. > > Given that, how would one go about constructing a broken RNG that would > resist detection? I'm not saying it's impossible, but the strategy isn't >

Re: NSA back doors in encryption products

At 09:12 AM 05/25/2000 -0700, David Honig wrote: >Your data still goes through an operating system, etc., so the >real issue is a closed system: encrypt on a PDA which is under your >close personal control and does not download new executables. Let your >untrustworthy networked-PC be merely its

Re: NSA back doors in encryption products

At 06:42 PM 5/24/00 -0500, Jim Choate wrote: > >On Wed, 24 May 2000, Eugene Leitl wrote: >>The prudent assumption is hence: your online system >> can't be completely trusted, whether OpenSource, or not. Encryption >> should be done in hardware. > >Bull, the hardware companies aren't any more trus

Re: NSA back doors in encryption products

At 05:41 PM 5/24/00 -0700, Eugene Leitl wrote: > >True. You can always validate a few from a batch by plasma etching the >device, and trace the structures on an electromicrograph (some EMs >allow you to observe the device in operation). NB: IBM has a way of viewing IR emitted by switching transis

Re: NSA back doors in encryption products

At 10:10 PM 05/24/2000 -0400, Arnold G. Reinhold wrote: >Maybe this is where our outlooks differ the most. I view a >"localized thing with limited effects" as *more* sophisticated than >some big lump of snuck-in code that searches your hard drive and >sends periodic e-mail to [EMAIL PROTECTED

Re: NSA back doors in encryption products

Duncan Campbell has provided his latest exchanges with Microsoft on the NSA_key, which Microsoft has now refused to continue (see letter below): http://cryptome.org/nsakey-ms-dc.htm I have mentioned this thread to him and he welcomes comments/critique on the Microsoft exchange: [EMAIL PRO

Re: NSA back doors in encryption products

On Thu, 25 May 2000, Eugene Leitl wrote: > Jim Choate writes: > > > Trying to avoid software compromises by using hardware is impossible since > > you can't build the hardware without software. > > The point is to put the sensitive area (key ring, crypto engine) into > a small, isolated syst

Re: NSA back doors in encryption products

At 06:42 PM 05/24/2000 -0500, Jim Choate wrote: > >On Wed, 24 May 2000, Eugene Leitl wrote: > >> Rick Smith writes: >> >> If NSA/MS are not doing it, they must be pretty stupid, because I'd do >> it in their place. The prudent assumption is hence: your online system >> can't be completely truste

Re: NSA back doors in encryption products

Enzo Michelangeli writes: > And why should we trust hardware implementations, which are even more opaque > to analysis than binary-only software? It is harder to analyze (mostly, because you can't look at it easily, and can't trust what it tells about its inner state), but it has much less bits

Re: NSA back doors in encryption products

Jim Choate writes: > Trying to avoid software compromises by using hardware is impossible since > you can't build the hardware without software. The point is to put the sensitive area (key ring, crypto engine) into a small, isolated system which can't be easily compromised by a remote exploit.

Re: NSA back doors in encryption products

In article <[EMAIL PROTECTED]>, John Gilmore <[EMAIL PROTECTED]> wrote: > I have a well-founded rumor that a major Silicon Valley company was > approached by NSA in the '90s with a proposal to insert a deliberate > security bug into their products. They declined when they realized > that an alle

Re: NSA back doors in encryption products

On Wed, May 24, 2000 at 04:09:45PM -0500, Rick Smith wrote: > Before continuing, let me state my three opinions that this is based on: > > 1) There is a non-zero risk of backdoors in commercial software, but the > perpetrators are as likely (IMHO more likely) to be outside parties and not > US ag

Re: NSA back doors in encryption products

On Wed, May 24, 2000 at 04:09:45PM -0500, Rick Smith wrote: > The problem is that you're talking about finding some people with top-notch > software development skills that can believably be inserted into Microsoft > under deep cover. They'd have to be able to pursue their backdoor > installation

Re: NSA back doors in encryption products

On Wed, 24 May 2000, Eugene Leitl wrote: > Jim Choate writes: > > > Bull, the hardware companies aren't any more trustworthy. > > True. You can always validate a few from a batch by plasma etching the > device, and trace the structures on an electromicrograph (some EMs > allow you to observe

Re: NSA back doors in encryption products

At 4:09 PM -0500 5/24/2000, Rick Smith wrote: >Before continuing, let me state my three opinions that this is based on: > >1) There is a non-zero risk of backdoors in commercial software, but the >perpetrators are as likely (IMHO more likely) to be outside parties and not >US agencies like NSA. G

Re: NSA back doors in encryption products

On Wed, 24 May 2000, Eugene Leitl wrote: > Rick Smith writes: > > If NSA/MS are not doing it, they must be pretty stupid, because I'd do > it in their place. The prudent assumption is hence: your online system > can't be completely trusted, whether OpenSource, or not. Encryption > should be do

Re: NSA back doors in encryption products

d" <[EMAIL PROTECTED]>; "John Gilmore" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, May 25, 2000 7:41 Subject: Re: NSA back doors in encryption products > Rick Smith writes: > > > 3) A more sophisticated backdoor

Re: NSA back doors in encryption products

Jim Choate writes: > Bull, the hardware companies aren't any more trustworthy. True. You can always validate a few from a batch by plasma etching the device, and trace the structures on an electromicrograph (some EMs allow you to observe the device in operation). Also, it is hard to insert a t

Re: NSA back doors in encryption products

Rick Smith writes: > 3) A more sophisticated backdoor in Windows would involve a lot of people > who can't be covered by government secrecy agreements. It would be > extremely difficult to keep such a thing both functioning and secret for > more than a few years. The canonical way to install

Re: NSA back doors in encryption products

- Original Message - From: Steven M. Bellovin <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, May 25, 2000 1:32 AM Subject: Re: NSA back doors in encryption products [...] > > http://www.znz.freesurf.fr/files/certifix.zip (300 Kb) > > >

Re: NSA back doors in encryption products

At 10:01 PM 05/24/2000 +0100, Ben Laurie wrote: >Amusing though the MS/NSA speculations are, I'm more interested in the >general point: i.e. proving that primes are prime. Having a black box >that claims to do that doesn't really light my fire. The most interesting thing I find about the discuss

Re: NSA back doors in encryption products

Before continuing, let me state my three opinions that this is based on: 1) There is a non-zero risk of backdoors in commercial software, but the perpetrators are as likely (IMHO more likely) to be outside parties and not US agencies like NSA. 2) A persistent backdoor in Windows would have to be

Re: NSA back doors in encryption products

Rick Smith wrote: > > >Enzo Michelangeli noted some primality checking software: > > >> CERTIFIX is an executable for Win95, Win98, NT (hardware Intel > >> compatible). > > And Ben Laurie wrote: > > >'nuff said! > > Of course, this increases the size of the conspiracy at Microsoft -- if you >

Re: NSA back doors in encryption products

John Gillmore wrote: > Turning down the offer on verifiability grounds left them wondering > whether they really would have done it if it'd been possible to keep > the whole thing secret. The quid pro quo offered by NSA would be that > their products would have no trouble getting through the (at

Re: NSA back doors in encryption products

At 10:43 AM -0500 5/24/2000, Rick Smith wrote: >At 03:48 PM 05/23/2000 -0700, John Gilmore wrote: >>Rick Smith wrote: >>> If the NSA approaches Microsoft to acquire their support of NSA's >>> surveillance mission, then the information will have to be shared >>> with a bunch of people inside Micros

Re: NSA back doors in encryption products

>Enzo Michelangeli noted some primality checking software: >> CERTIFIX is an executable for Win95, Win98, NT (hardware Intel >> compatible). And Ben Laurie wrote: >'nuff said! Of course, this increases the size of the conspiracy at Microsoft -- if you have anti-backdoor code, then Microsoft ne

Re: NSA back doors in encryption products

In message <001a01bfc599$355fc440$31cf54ca@emnb>, "Enzo Michelangeli" writes: > > >> John Gilmore wrote: >> > Anybody tested the primes in major products lately? >> >> Interesting point ... of course, these days one can produce checkable >> certificates of primality - but I'm not aware of any free

Re: NSA back doors in encryption products

At 03:48 PM 5/23/00 -0700, John Gilmore wrote: >... I have a well-founded rumor that a major Silicon Valley company was >approached by NSA in the '90s with a proposal to insert a deliberate >security bug into their products. They declined when they realized >that an allegation of the bug NSA want

Re: NSA back doors in encryption products

Enzo Michelangeli wrote: > > - Original Message - > From: Ben Laurie <[EMAIL PROTECTED]> > To: John Gilmore <[EMAIL PROTECTED]> > Cc: Rick Smith <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Wednesday, Ma

Re: NSA back doors in encryption products

At 03:48 PM 05/23/2000 -0700, John Gilmore wrote: >Rick Smith wrote: >> If the NSA approaches Microsoft to acquire their support of NSA's >> surveillance mission, then the information will have to be shared >> with a bunch of people inside Microsoft, and they're not all going >> to keep it secret.

Re: NSA back doors in encryption products

- Original Message - From: Ben Laurie <[EMAIL PROTECTED]> To: John Gilmore <[EMAIL PROTECTED]> Cc: Rick Smith <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, May 24, 2000 9:08 PM Subject: Re: NSA back doors in encryption p

Re: NSA back doors in encryption products

John Gilmore wrote: > Anybody tested the primes in major products lately? Interesting point ... of course, these days one can produce checkable certificates of primality - but I'm not aware of any free software to do it ... is there any? Is it time for the Campaign for Real Primes[1]? Cheers,

Re: NSA back doors in encryption products

Rick Smith wrote: > If the NSA approaches Microsoft to acquire their support of NSA's > surveillance mission, then the information will have to be shared > with a bunch of people inside Microsoft, and they're not all going > to keep it secret. Two people in Microsoft would need to know. Bill Gat