Re: NSA abandons some cool stuff

2001-01-09 Thread Arnold G. Reinhold

At 01:27 PM 1/7/01 -0500, Arnold G. Reinhold wrote:
"Every inch of floor in more than four buildings was covered with
two-by-two-foot squares of bleak brown carpet. When the astronomers
tried to replace it, they discovered it was welded with tiny metal
fibers to the floor. The result, they eventually realized, is that
the rugs prevent the buildings from conducting static electricity.

Even the regular lighting looks different, covered by sleek metal
grids that prevent the light bulbs from giving off static
interference. "

Sounds more like TEMPEST shielding.


It resembles TEMPEST, but shielding works both ways.  The spooks chose
the site because it was RF quiet, but had to run their computers in the
same area as sensitive dishes.  It makes sense that the shielding
was to quiet their own emissions to help their receiving.  After
all, fluorescent bulbs don't leak much intelligence :-) but they
sure cause electrical noise.

You may be right about their concern being to prevent interference 
with their listening equipment, but I don't agree with your last 
point.  As I understand it, all electrical wiring coming out of a 
TEMPEST enclosure has to be carefully (and expensively) filtered. 
The power wiring to lighting fixtures can pick up and re-radiate 
compromising signals. By shielding the fixtures, they effectively 
place the lights outside of the enclosure.  I'll bet the wiring to 
those fixtures is within carefully grounded conduit.

It would be fun to take a tour!

Arnold Reinhold





Digital Money Forum Programme

2001-01-09 Thread R. A. Hettinga


--- begin forwarded text


User-Agent: Microsoft-Entourage/9.0.2509
Date: Mon, 08 Jan 2001 22:26:31 +
Subject: Digital Money Forum Programme
From: "David G.W. Birch" [EMAIL PROTECTED]
To: Bob Hettinga [EMAIL PROTECTED]

Bob,

Can you post this in all of the relevant places: thanks...





. the fourth annual Consult Hyperion forum .
.. D I G I T A L ... M O N E Y . ...


Kensington Park Hotel
London
 April 25th/26th, 2000

  sponsored by
GlobeID

  in association with
E-Finance Forum

Day One.

Benjamin Sahel, European Central Bank
Tim Jones, Purseus
Dominique Hautain, ProtonWorld International
Jon Prideaux, Visa International
Herve Kergoat, Europay
Hugh Kingdon, Barclaycard
Mike Hendry, Payment Systems Consultant
Dan Isamann, Smart Prepay

Day Two.

Bob Hettinga, Internet Bearer Underwriting Corp.
Jack Selby, PayPal
Viktor Rostov, Paycash
Charles Cohen, Beenz
Amir Herzberg, NewGenPay
Phil Curtis, Oberthur
Paavi Helanto, Sonera Mobile Pay
David Birch, Consult Hyperion

.Administration.

  The detailed programme is on line at
http://www.consult.hyperion.co.uk/forum/digmon4.htm

Thanks to the generosity of our sponsors, this year the
seminar costs only 495 pounds Sterling per person excluding
VAT.

The fee includes the seminar, documentation, meals, cocktails
and drinks around the champagne tables.

For further information or to reserve a place please contact

Gloria Benson  [EMAIL PROTECTED]
Telephone +44 1483 301793
Fax +44 1483 561657


--- end forwarded text


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




Re: Perfect compression and true randomness

2001-01-09 Thread David Wagner

Paul Crowley wrote:
This supports your main point: perfect compression is a *much* less
realistic idea than true randomness!

Yeah.

Now that you mention it, it's not entirely clear what perfect compression
means, but it seems that it would at a minimum require ability to break
every cryptosystem in existence.  In other words, perfect compression is
apparently utterly unrealistic, unless cryptography is impossible.

Consider a very long file which contains
  AES_k(0), AES_k(1), AES_k(2), AES_k(3), ...
for some random key k that is not mentioned in the file.  Of course, the
optimal compression of this file is just 128 bits for the key k, plus a
brief description of the algorithm (AES in counter mode).  However, finding
k is infeasible unless AES is insecure.

In other words, perfect compression of this file requires breaking the AES!
A similar example shows that if there is any secure cryptosystem at all,
then perfect compression is infeasible.

Hence, perfect compression seems to be entirely unrealistic, unless
cryptography is impossible.
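
The file in the post, built and measured in Go as an added example (this is not code from David Wagner's message). It generates AES_k(0) || AES_k(1) || ... with the standard library's AES, hands the result to DEFLATE at its strongest setting, and contrasts that with the "compressor" available only to someone who already holds k, which emits the key and a block count and regenerates the file on decompression. The key is a constructed constant so the run is reproducible; in the scenario described above it would be random and never written anywhere.

```go
package main

import (
	"bytes"
	"compress/flate"
	"crypto/aes"
	"encoding/binary"
	"fmt"
)

// demoKey is a constructed constant so the run is reproducible. In the
// post's scenario k is a random 128-bit key that never appears in the file.
var demoKey = []byte("0123456789abcdef")

// CounterStream builds the file from the post: AES_k(0) || AES_k(1) || ...
// Each 16-byte block is the AES-128 encryption of a big-endian block counter.
func CounterStream(key []byte, nBlocks int) ([]byte, error) {
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, 0, nBlocks*aes.BlockSize)
	ctr := make([]byte, aes.BlockSize)
	ct := make([]byte, aes.BlockSize)
	for i := 0; i < nBlocks; i++ {
		binary.BigEndian.PutUint64(ctr[8:], uint64(i))
		c.Encrypt(ct, ctr)
		out = append(out, ct...)
	}
	return out, nil
}

// DeflateSize is what a generic compressor without k achieves: the length of
// the DEFLATE encoding at its strongest setting.
func DeflateSize(data []byte) (int, error) {
	var buf bytes.Buffer
	w, err := flate.NewWriter(&buf, flate.BestCompression)
	if err != nil {
		return 0, err
	}
	if _, err := w.Write(data); err != nil {
		return 0, err
	}
	if err := w.Close(); err != nil {
		return 0, err
	}
	return buf.Len(), nil
}

// CompressWithKey is the "perfect" compressor, usable only by someone who
// already holds k: the whole file collapses to the key plus the block count
// (the "brief description of the algorithm" is fixed by ExpandWithKey).
func CompressWithKey(key []byte, nBlocks int) []byte {
	blob := append([]byte{}, key...)
	var n [4]byte
	binary.BigEndian.PutUint32(n[:], uint32(nBlocks))
	return append(blob, n[:]...)
}

// ExpandWithKey inverts CompressWithKey by regenerating the stream.
func ExpandWithKey(blob []byte) ([]byte, error) {
	if len(blob) != 16+4 {
		return nil, fmt.Errorf("bad blob length %d", len(blob))
	}
	return CounterStream(blob[:16], int(binary.BigEndian.Uint32(blob[16:])))
}

func main() {
	const nBlocks = 4096 // 64 KiB of keystream
	stream, err := CounterStream(demoKey, nBlocks)
	if err != nil {
		panic(err)
	}
	generic, _ := DeflateSize(stream)
	zeros, _ := DeflateSize(make([]byte, len(stream)))
	fmt.Printf("stream %d bytes -> deflate %d bytes (all-zero file of the same size: %d bytes)\n",
		len(stream), generic, zeros)
	blob := CompressWithKey(demoKey, nBlocks)
	back, _ := ExpandWithKey(blob)
	fmt.Printf("with k: %d bytes, round-trips: %v\n", len(blob), bytes.Equal(back, stream))
}
```

DEFLATE cannot shrink the stream at all (it falls back to stored or near-8-bit Huffman blocks), while the same number of zero bytes collapses to a few dozen bytes; the 20-byte encoding exists, but producing it without k means recovering an AES key from known plaintext/ciphertext pairs.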




Re: Historical PKI resources

2001-01-09 Thread Rich Salz

 Here's the BibTeX entry for the paper that apparently "started it all"..

The D-H paper is the public start of public-key crypto.  The Scientific
American article by Gardner explained, pre-patent-issuance, RSA to the
world. The start of PKI is an MIT Master's Thesis that created
certificates.

Sorry, no references to any of the above.  Should not be hard to find.

The adoption by X.509 for use as authentication in X.500 got us common
technology, and is probably the only reason anyone will ever have to
learn ASN.1 and DER. :)

The old IETF PEM project gave us "---BEGIN" lines :) and showed
empirically that global X.500 deployment is a non-starter.  RSA's
version, which became the IETF's S/MIME, showed how to do it practically.

I'll stop now before I get too cynical. :)
/r$




Re: NSA abandons some cool stuff

2001-01-09 Thread David Honig

At 07:51 PM 1/8/01 -0500, Arnold G. Reinhold wrote:
After
all, fluorescent bulbs don't leak much intelligence :-) but they
sure cause electrical noise.

You may be right about their concern being to prevent interference 
with their listening equipment, but I don't agree with your last 
point.  As I understand it, all electrical wiring coming out of a 
TEMPEST enclosure has to be carefully (and expensively) filtered. 
The power wiring to lighting fixtures can pick up and re-radiate 
compromising signals.

Yes.

 By shielding the fixtures, they effectively 
place the lights outside of the enclosure.  

Yes.  But 1. you'd still want to filter the power mains
inside your physically secured zone 2. The site had a 
generator... and presumably a guarded perimeter (think 
1/R^2) so emissions were probably less important than
listening sensitivity...

I'll bet the wiring to 
those fixtures is within carefully grounded conduit.

Building codes often require this, anyway, though probably
not grounded to the extent of someone concerned with emissions.
Again, it makes much more sense (cost, number of items to check
periodically) to put isolation centrally.  

It would be fun to take a tour!

It looks like those RF astronomers would be willing, if you
shut your cell phone off while visiting :-), though likely
miffed that you're more interested in the facility than in the
astronomy...

-

Another possibility is that they were so freaked by the static sensitivity
of early MOS devices that they grounded the carpets...



Update on NIST crypto standards (fwd)

2001-01-09 Thread Steve Bellovin

Forwarded with permission.  There is also going to be an announcement 
on modes of operation; http://csrc.nist.gov/encryption/tkmodes.html 
should have the information within the next month or thereabouts.


--- Forwarded Message


X-Sender: [EMAIL PROTECTED]
X-Mailer: QUALCOMM Windows Eudora Version 4.3.1
Date: Mon, 08 Jan 2001 13:20:18 -0500
To: [EMAIL PROTECTED]
From: Jim Foti [EMAIL PROTECTED]
Subject: Update on NIST crypto standards
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-UIDL: 70f288237482be01d5331b60aec89937

Hello-

Here is a brief update on NIST's crypto standards efforts:

1.  On January 5, 2001, we announced a Draft FIPS for HMAC (Keyed-Hash 
Message Authentication Code) that is a generalization of HMAC as specified 
in Internet RFC 2104 and ANSI X9.71.  A 90-day public comment period ends 
April 5, 2001.  Details are available at http://www.nist.gov/hmac.

2.  On January 2, 2001, we posted a white paper that discusses our plans 
for developing standards and recommendations for public key-based key 
management.  This will be a two-part process, involving the development of 
1) a scheme definition document, and 2) a key management guideline.  This 
paper is available at http://www.nist.gov/kms.

3.  The Draft FIPS for the AES is anticipated for release for public review 
in the very near future.  Final approvals for the release of this document 
are pending.  When an announcement is made, information on the draft and 
for providing public comments will be available at http://www.nist.gov/aes.

Best regards and Happy New Year,

Jim

[This note is being sent to those people who have attended any of NIST's 
AES conferences, the Key Management Standard (KMS) workshop in February 
2000, the Modes of Operation workshop in October 2000, or who have 
expressed other interest in our efforts.  If you would not like to receive 
similar notices in the future (which should be infrequent), please let me 
know, and we will remove you from our email distribution list.]

***
Jim Foti

Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology (NIST)
100 Bureau Drive, Mail Stop 8930
Gaithersburg, MD  20899-8930
USA

TEL: (301) 975-5237
FAX: (301) 948-1233
[EMAIL PROTECTED]
***



--- End of Forwarded Message



--Steve Bellovin






Review of History Channel's NSA documentary

2001-01-09 Thread Declan McCullagh

[The documentary aired again twice this morning on the History Channel, and 
it's a fair bet it'll show again later this week. --Declan]


http://www.wired.com/news/politics/0,1283,41063,00.html

History Looks at the NSA
by Declan McCullagh ([EMAIL PROTECTED])

2:00 a.m. Jan. 9, 2001 PST
WASHINGTON -- As anyone who watched Enemy of the State knows, the
National Security Agency is a rapacious beast with an appetite for
data surpassed only by its disregard for Americans' privacy.

Or is the opposite true, and the ex-No Such Agency staffed by ardent
civil libertarians?

To the NSA, of course, its devilish reputation is merely an
unfortunate Hollywood fiction. Its director, Lt. Gen. Michael Hayden,
has taken every opportunity to say so, most recently on a History
Channel documentary that aired for the first time Monday evening.

"It's absolutely critical that (Americans) don't fear the power that
we have," Hayden said on the show.

He dismissed concerns about eavesdropping over-eagerness and all but
said the NSA, far from being one of the most feared agencies, has
become one of the most handicapped.

One reason, long cited by agency officials: Encryption. The show's
producers obligingly included stock footage of Saddam Hussein, saying
that the dictator-for-life has been spotted chatting on a 900-channel
encrypted cell phone.

That's no surprise. The NSA, as Steven Levy documents in his new
Crypto book (which the documentary overlooks), has spent the last 30
years trying to suppress data-scrambling technology through export
regulations, court battles, and even personal threats.

Instead of exploring that controversial and timely subject that's tied
to the ongoing debate over privacy online, "America's Most Secret
Agency" instead spends the bulk of an hour on a history of
cryptography starting in World War II. Most of the documentary could
have aired two decades ago, and no critics are interviewed.

One of the few surprises in the otherwise bland show is the NSA's new
raison d'etre -- infowar.

[...] 





Review of Steven Levy's Crypto

2001-01-09 Thread Declan McCullagh



http://www.wired.com/news/politics/0,1283,41071,00.html

Crypto: Three Decades in Review
by Declan McCullagh ([EMAIL PROTECTED])

8:20 a.m. Jan. 9, 2001 PST
WASHINGTON -- It took only a year or two for a pair of computer and
math geeks to discover modern encryption technology in the 1970s. But
it's taken three decades for the full story to be told.

Transforming what is an unavoidably nerdy tale into the stuff of
passion and politics is not a trivial business, but Steven Levy, the
author of Crypto, proves himself more than up to the task.

Crypto (Viking Penguin, $25.95), is Levy's compelling history of the
personalities behind the development of data encryption, privacy and
authentication: The mathematicians who thought up the idea, the
businessmen who tried to sell it to an unsure public and the
bureaucrats who tried to control it.

Levy, a Newsweek writer and author of well-received technology
histories such as Hackers and Insanely Great, begins his book in 1969
with a profile of Whit Diffie, the tortured, quirky co-discoverer of
public key cryptography. Other characters soon populate the stage: The
MIT mathematicians eager to sign documents digitally; Jim Bidzos, the
Greek-born dealmaker who led RSA Data Security from ruin to success;
and Phil Zimmermann, the peace-activist-turned-programmer who gave the
world Pretty Good Privacy.

Until their contributions, the United States and other countries
suffered from a virtual crypto-embargo, under which the technology to
perform secure communications was carefully regulated as a munition
and used primarily by soldiers and spies.

But what about privacy and security? "On one side of the battle were
relative nobodies: computer hackers, academics and wonky civil
libertarians. On the other were some of the most powerful people in
the world: spies, generals and even presidents. Guess who won," Levy
writes.

(Full disclosure: A few years ago, Levy asked this writer to help him
research portions of the book. For whatever reason -- perhaps he found
what he needed elsewhere -- discussions ceased.)

Throughout Crypto's 356 pages, Levy takes the perspective of the
outsiders -- and, in some cases, rebels -- who popularized the
technology. Although he provides ample space for the U.S. government's
views, he casts the struggle between crypto-buffs and their federal
adversaries in terms familiar to foes of government control.

[...]





Re: Historical PKI resources

2001-01-09 Thread Lynn . Wheeler




as an aside  ... note X9.59 which can be implemented with public/private key
digital signature ... but doesn't dictate certificates (it is possible to
implement with or without certificates; x.509 or not). W/o certificates, do
public key management using existing business processes in place for passwords
and PINs ... i.e. in conjunction with the database/file that is also referenced
for authorization (either logging-on or financial transactions).

random refs:

http://www.garlic.com/~lynn/

 from x9a10 mailing list

The X9.59 DSTU period starts Feb. 1, 2001 and runs through Jan. 31, 2003

The X9.59 DSTU standards document should appear in the next standards
publication catalogue:

DSTU X9.59-2001, Electronic Commerce For the Financial Services Industry:
Account-Based Secure Payment Objects

X9.59 defines a secure payment object for use in authenticated financial
transactions. It relies on existing X9F security standards for payment object
authentication. It supports secure payments involving virtual (e.g. Internet) or
face-to-face transactions. It applies to card-based (e.g. smart card) financial
transactions as well as other forms of electronic financial transactions (e.g.
e-check).







Rich Salz [EMAIL PROTECTED] on 01/08/2001 05:39:22 PM

To:   [EMAIL PROTECTED]
cc:(bcc: Lynn Wheeler/CA/FDMS/FDC)
Subject:  Re: Historical PKI resources



 Here's the BibTeX entry for the paper that apparently "started it all"..

The D-H paper is the public start of public-key crypto.  The Scientific
American article by Gardner explained, pre-patent-issuance, RSA to the
world. The start of PKI is an MIT Master's Thesis that created
certificates.

Sorry, no references to any of the above.  Should not be hard to find.

The adoption by X.509 for use as authentication in X.500 got us common
technology, and is probably the only reason anyone will ever have to
learn ASN.1 and DER. :)

The old IETF PEM project gave us "---BEGIN" lines :) and showed
empirically that global X.500 deployment is a non-starter.  RSA's
version, which became the IETF's S/MIME, showed how to do it practically.

I'll stop now before I get too cynical. :)
 /r$








Re: Digital Money Forum Programme

2001-01-09 Thread R. A. Hettinga

At 5:35 PM -0500 on 1/8/01, R. A. Hettinga wrote:


  April 25th/26th, 2000

...I think David meant 2001, here...
-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




DCSB: Ted Byfield; ICANN, Intellectual Property, and Digital Commerce

2001-01-09 Thread R. A. Hettinga


--- begin forwarded text


Date: Tue, 9 Jan 2001 14:58:50 -0500
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
From: "R. A. Hettinga" [EMAIL PROTECTED]
Subject: DCSB: Ted Byfield; ICANN, Intellectual Property, and Digital
 Commerce
Cc: Ted Byfield [EMAIL PROTECTED], Scott Moskowitz [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
Reply-To: "R. A. Hettinga" [EMAIL PROTECTED]

-BEGIN PGP SIGNED MESSAGE-

[Note that the Harvard Club is now "business casual". No more jackets
and ties... --RAH]


  The Digital Commerce Society of Boston

 Presents


Ted Byfield,
 Moderator, Nettime
   (among other things...)

   ICANN, Intellectual Property,
and Digital Commerce

 Tuesday, February 6th, 2000
 12 - 2 PM
  The Downtown Harvard Club of Boston
One Federal Street, Boston, MA




Through an erratic process intended to "lessen the burdens of
government," the Clinton administration transferred governance of the
Internet's essential functions to the Internet Corporation for
Assigned Names and Numbers. In trying to cement its status, ICANN has
sought to transform the net's cooperative structures into a
hierarchical contractual regime geared toward expanding and enforcing
intellectual property claims. The result of ICANN's deviation from
its technical coordination mandate into a captured policy-making
proxy for an absent-minded US government is a centralized namespace
that privileges the demands of late-adopters over innovative
expansions of DNS. This talk will provide a survey of ICANN's
activities to date and how they may advance alternative models and
extensions of DNS as a decentralized, cooperative system that is more
secure and less subject to political whim.


After working for over a decade as an editor focusing on
intellectual and cultural history, Ted Byfield joined the faculty of
Parsons School of Design in New York City, where he teaches about the
social and political aspects of design. In addition to writing and
lecturing about areas where the technical and cultural collide, he is
a member of the rump Boston Working Group, co-moderates the Nettime
mailing list, and serves as a board member and advisor for various
New York-area cultural organizations.



This meeting of the Digital Commerce Society of Boston will be held
on Tuesday, February 6th, 2000, from 12pm - 2pm at the Downtown
Branch of the Harvard Club of Boston, on One Federal Street. The
price for lunch is $35.00. This price includes lunch, room rental,
A/V hardware if necessary, and the speakers' lunch. The Harvard Club
has relaxed its dress code, which is now "business casual", meaning
no sneakers or jeans. Fair warning: since we purchase these luncheons
in advance, we will be unable to refund the price of your meal if the
Club finds you in violation of what's left of its dress code.


We need to receive a company check, or money order, (or, if we
*really* know you, a personal check) payable to "The Harvard Club of
Boston", by Saturday, January 3rd, or you won't be on the list for
lunch. Checks payable to anyone else but The Harvard Club of Boston
will have to be sent back.

Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston,
Massachusetts, 02131. Again, they *must* be made payable to "The
Harvard Club of Boston", in the amount of $35.00. Please include your
e-mail address so that we can send you a confirmation.

If anyone has questions, or has a problem with these arrangements
(we've had to work with glacial A/P departments more than once, for
instance), please let us know via e-mail, and we'll see if we can
work something out.


Upcoming speakers for DCSB are:

March 6 TBA
April 3 Scott Moskowitz  Watermarking and Bluespike


As you can see, :-), we are actively searching for future speakers.
If you are in Boston on the first Tuesday of the month, are a
principal in digital commerce, and would like to make a presentation
to the Society, please send e-mail to the DCSB Program Committee,
care of Robert Hettinga, mailto: [EMAIL PROTECTED].

-BEGIN PGP SIGNATURE-
Version: PGP 7.0

iQEVAwUBOlttV8UCGwxmWcHhAQHyQgf9EFME11YN9QQUHfMidGJW/Jl4JYS4kz+c
O+aS217xG7jrHhSzcobImq4Be16XkSz90hNEGfPEikOhOjbv0MHDQue5nOnJy9dN
5TCydlsSbD3Sz2f29FdpU+yV0MM2/puGDFGzZ3mdLFJJENGmAUdmy4FJGZbyLuSI
PWeOikiuRYfuJlsQrzGNT+v6AzvB0DbzufCgGN2nNFRVXdHJny/p3HYj2ZH+53ZR
e4pR1fhRzsK0xA3aQrMBErdGZcOR7iWrDj5va0DMjhw8ZdXQhQDNcQWigdCOnNx6
heY6pvuvSJDLMWb0sV+1QB6NKagKdiYP8U1S6iU1/49/lXToJH2LLw==
=zbvY
-END PGP SIGNATURE-
-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 

Re: Historical PKI resources

2001-01-09 Thread Lynn . Wheeler



the x9.59 standard is authentication as well as certificate neutral.

aads is pki no certificate ... i.e. it has a public key infrastructure with
respect to public key management ... it's just that its public key management
attempts to take advantage of extensive existing "binding" business processes
rather than inventing new ones. Now it may not be PKI, for PKI==X.509, but it
is not "no infrastructure" (although there have been some claims that no "new"
infrastructure is equated to "no infrastructure", aka existing password, PIN,
mother-maiden-name, SSN, etc infrastructures don't actually exist).





Rich Salz [EMAIL PROTECTED] on 01/09/2001 04:20:44 PM

To:   Lynn Wheeler/CA/FDMS/FDC@FDC
cc:   [EMAIL PROTECTED]
Subject:  Re: Historical PKI resources



Well gee, thanks I guess, but since your baby is explicitly PK no I,
it's pretty irrelevant, no?

(Anyone else reminded of the old turk/armenian 'bot on Usenet? :)
 /r$
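
The certificate-less key management Lynn Wheeler describes in both of his messages above (the X9.59 note earlier in the thread and the AADS reply here), sketched in Go as an added example. This is not X9.59 or AADS code: Ed25519 is assumed as the signature scheme, the `Payment` layout is a made-up stand-in for the X9.59 payment object, and the account records are constructed. The point it shows is the one in the messages: the public key lives in the same account row the bank already consults for PIN checks and authorization, enrolment replaces certificate issuance, and authorizing a transaction is one lookup that verifies the signature against the key on file and then applies the ordinary funds and sequence rules from that record.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Account is the row a bank already keeps for password/PIN checks. The public
// key is one more field, bound by the same enrolment process; no certificate.
type Account struct {
	ID      string
	Balance int64
	Seq     uint64            // last accepted sequence number (replay guard)
	PubKey  ed25519.PublicKey // nil until enrolled
}

// Registry stands in for the authorization database (constructed for the demo).
type Registry struct{ accounts map[string]*Account }

func NewRegistry() *Registry { return &Registry{accounts: map[string]*Account{}} }

func (r *Registry) Open(id string, balance int64) { r.accounts[id] = &Account{ID: id, Balance: balance} }

func (r *Registry) Balance(id string) int64 { return r.accounts[id].Balance }

// NewKeyPair generates the account holder's key (Ed25519 is an assumption here).
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Enroll binds a public key to an existing account. This is the step that
// replaces certificate issuance: the bank uses the process it already has for
// handing out a PIN, and the row itself is the binding.
func (r *Registry) Enroll(id string, pk ed25519.PublicKey) error {
	a, ok := r.accounts[id]
	if !ok {
		return errors.New("no such account")
	}
	if len(pk) != ed25519.PublicKeySize {
		return errors.New("malformed public key")
	}
	a.PubKey = append(ed25519.PublicKey{}, pk...)
	return nil
}

// Payment is a made-up stand-in for the X9.59 payment object.
type Payment struct {
	From, To string
	Amount   int64
	Seq      uint64
}

// Encode gives a fixed, length-prefixed layout so the signature covers exactly
// these fields with no ambiguity between them.
func (p Payment) Encode() []byte {
	var b []byte
	for _, s := range []string{p.From, p.To} {
		var l [4]byte
		binary.BigEndian.PutUint32(l[:], uint32(len(s)))
		b = append(b, l[:]...)
		b = append(b, s...)
	}
	var num [16]byte
	binary.BigEndian.PutUint64(num[:8], uint64(p.Amount))
	binary.BigEndian.PutUint64(num[8:], p.Seq)
	return append(b, num[:]...)
}

// Sign is what the account holder's card or software does.
func Sign(sk ed25519.PrivateKey, p Payment) []byte { return ed25519.Sign(sk, p.Encode()) }

// Authorize is the single lookup the messages describe: fetch the payer's row,
// verify against the key stored there, then apply the usual rules from that row.
func (r *Registry) Authorize(p Payment, sig []byte) error {
	payer, ok := r.accounts[p.From]
	if !ok || payer.PubKey == nil {
		return errors.New("unknown payer or no key enrolled")
	}
	if !ed25519.Verify(payer.PubKey, p.Encode(), sig) {
		return errors.New("signature does not match the key on file")
	}
	if p.Seq != payer.Seq+1 {
		return errors.New("replayed or out-of-order payment")
	}
	if p.Amount <= 0 || p.Amount > payer.Balance {
		return errors.New("declined: bad amount or insufficient funds")
	}
	payee, ok := r.accounts[p.To]
	if !ok {
		return errors.New("unknown payee")
	}
	payer.Balance -= p.Amount
	payee.Balance += p.Amount
	payer.Seq = p.Seq
	return nil
}

func main() {
	r := NewRegistry()
	r.Open("alice", 100) // constructed demo accounts
	r.Open("bob", 0)
	pk, sk, err := NewKeyPair()
	if err != nil {
		panic(err)
	}
	if err := r.Enroll("alice", pk); err != nil {
		panic(err)
	}
	p := Payment{From: "alice", To: "bob", Amount: 40, Seq: 1}
	sig := Sign(sk, p)
	fmt.Println("first use:", r.Authorize(p, sig)) // <nil>
	fmt.Println("replay:   ", r.Authorize(p, sig)) // error
	_, other, _ := NewKeyPair()                     // a key never enrolled for alice
	p2 := Payment{From: "alice", To: "bob", Amount: 10, Seq: 2}
	fmt.Println("wrong key:", r.Authorize(p2, Sign(other, p2))) // error
	fmt.Println("balances:", r.Balance("alice"), r.Balance("bob"))
}
```

Nothing in the verification path names a CA, a certificate or a revocation list; what a certificate would normally assert (this key belongs to this account) is the row returned by the lookup, and revocation is clearing that one field. The sequence number is included because a signed payment object is a bearer artifact for the signed amount until the account record says it has been spent.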








Re: Historical PKI resources

2001-01-09 Thread Rich Salz

R sent me a nice note pointing out that it was actually a bachelor's
thesis, supervised by A.  Apparently unpublished.
/r$ (not S, and certainly not *that* S :)

 @unpublished{Kohnfelder78,
 author =   {Kohnfelder, Loren M.},
 title ={Towards a Practical Public-Key Cryptosystem},
 year = 1978,
 month =May,
 note = {B.S. Thesis, supervised by L. Adleman}
 }