Re: Run a remailer, go to jail?
On Fri, Mar 28, 2003 at 01:10:56PM -0500, Perry E. Metzger wrote:
> http://www.freedom-to-tinker.com/archives/000336.html
>
> Quoting:
>
> Here is one example of the far-reaching harmful effects of these bills. Both bills would flatly ban the possession, sale, or use of technologies that conceal from a communication service provider ... the existence or place of origin or destination of any communication.
>
> --
> Perry E. Metzger [EMAIL PROTECTED]

For those on this list in the Boston area there is a hearing scheduled on the Mass Bill at 10 AM in Room 222 of the Mass State House in Boston. It was introduced in Mass by a Rep Stephen Tobin of Boston and listed on the state website as legislation to establish a crime of illegal internet and broadband access

--
Dave Emery N1PRE, [EMAIL PROTECTED]
DIE Consulting, Weston, Mass 02493
PGP fingerprint 1024D/8074C7AB 094B E58B 4F74 00C2 D8A6 B987 FB7D F8BA 8074 C7AB

- The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Russia Intercepts US Military Communications?
reusch wrote:
> Via the Cryptome, http://www.cryptome.org/, RU sure, look at http://www.aeronautics.ru/news/news002/news082.htm.
>
> I'm amazed at their claims of radio interception. One would expect that all US military communications, even trivial ones, are strongly encrypted, given the ease of doing this. Someone, more well informed, please reassure me that this is the case.

Possibly someone was bribable - presumably the CoW need to share the same frequencies and keys, so
RE: Russia Intercepts US Military Communications?
Well I am sure most of you would be amazed and/or flabbergasted with how the crypto keys are handed out for the different avionics/communication devices on a daily basis. You will know if you forgot one of them like when you pass over a Hawk missile site at the edge of base, and they lock on and start tracking you.

Notice I said daily basis. Might give a hint to how they ran out.

Dave

_____
Dave Kleiman
[EMAIL PROTECTED]
www.netmedic.net

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Peter Wayner
Sent: Monday, March 31, 2003 13:18
To: reusch; [EMAIL PROTECTED]
Subject: Re: Russia Intercepts US Military Communications?

At 7:38 PM -0500 3/30/03, reusch wrote:
> Via the Cryptome, http://www.cryptome.org/, RU sure, look at http://www.aeronautics.ru/news/news002/news082.htm.

I showed this link to a friend who fixes helicopters for the Army/Marines. He was incredulous at first, but then said, Oh, they probably just turned off the crypto. There's a switch to do that. Sometimes you have to do that if things screw up.

He went on to talk about crypto as if it was something like fuel or food. He said, They probably loaded up 4 or 5 days of crypto at the beginning, but then they had to turn it off after the supply lines got muddled.

So this would be consistent with some key management structures but not with others. If you give a unit a good random number source and diffie-hellman, they should be able to go the entire war without running out of crypto. But I don't know if the US military embraces the kind of hierarchy-free key management imagined by cypherpunks.

Of course, many of the details from the Russian could be gathered from raw traffic analysis. It's easy to count messages and triangulate to figure out where US troops are massing. It's also easy to tell that an absence of messages from the interior of the city means that the US troops haven't entered yet.

The crypto may cloak the details of the messages, but those details may not be too important. (I wouldn't be surprised if they carried some news of the NCAA basketball tournament, for instance.)

-Peter
RE: Run a remailer, go to jail?
> to conceal or to assist another to conceal from any communication service provider, or from any lawful authority, the existence or place of origin or destination of any communication.

I agree with Peter.

Now what are they going to do with all that Postal mail without return addresses? Who is liable if you receive it? The Post Office? Will FedEx now require an ID before sending packages? Little electronic ATM like card readers for your ID card at the drop boxes and US mail boxes?

If you send it electronically through your ISP and they let it get by, are they now liable if the receiver of the e-mail reports it? They did assist another to conceal. Did they not? If you live in Mass but your ISP is in NY does the law apply?

I am thinking if this is one of those laws that passes because of ignorant voters and politicians, it will:

A) Make a lot of attorneys rich.
B) Get torn apart by case law, after making said attorneys rich.

But that is just my opinion :)

Dave

_____
Dave Kleiman
[EMAIL PROTECTED]
www.netmedic.net

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Trei, Peter
Sent: Friday, March 28, 2003 23:55
To: 'Sidney Markowitz '; '[EMAIL PROTECTED] '
Subject: RE: Run a remailer, go to jail?

Sidney Markowitz writes:
> They both require that the use of such technologies be for the purpose of committing a crime.

The Massachusetts law defines as a crime:

(b) Offense defined.--Any person commits an offense if he knowingly
(1) possesses, uses, manufactures, develops, assembles, distributes, transfers, imports into this state, licenses, leases, sells or offers, promotes or advertises for sale, use or distribution any communication device:
[ ... ] or;
(ii) to conceal or to assist another to conceal from any communication service provider, or from any lawful authority, the existence or place of origin or destination of any communication;
[...]
(5) Assist others in committing any of the acts prohibited by this section.

To heck with remailers, anonymizing proxies, et al. As I read this, the USPO is liable if it accepts a letter without a correct return address.

Peter Trei
Re: Run a remailer, go to jail?
On Fri, Mar 28, 2003 at 01:10:56PM -0500, Perry E. Metzger wrote:
> http://www.freedom-to-tinker.com/archives/000336.html
>
> Quoting:
>
> Here is one example of the far-reaching harmful effects of these bills. Both bills would flatly ban the possession, sale, or use of technologies that conceal from a communication service provider ... the existence or place of origin or destination of any communication.
>
> --
> Perry E. Metzger [EMAIL PROTECTED]

I find another thread of concern to some of us who are hams and radio and satellite TVRO hobbyists.

Quoting from the Mass version of the bill...

(b) Offense defined.--Any person commits an offense if he knowingly:

(1) possesses, uses, manufactures, develops, assembles, distributes, transfers, imports into this state, licenses, leases, sells or offers, promotes or advertises for sale, use or distribution any communication device:

(i) for the commission of a theft of a communication service or to receive, intercept, disrupt, transmit, re-transmits, decrypt, acquire or facilitate the receipt, interception, disruption, transmission, re-transmission, decryption or acquisition of any communication service without the express consent or express authorization of the communication service provider; or

(2) Communication service. Any service lawfully provided for a charge or compensation to facilitate the lawful origination, transmission, emission or reception of signs, signals, data, writings, images and sounds or intelligence of any nature by telephone, including cellular or other wireless telephones, wire, wireless, radio, electromagnetic, photoelectronic or photo-optical systems, networks or facilities; and any service lawfully provided by any radio, telephone, fiber optic, photo-optical, electromagnetic, photoelectric, cable television, satellite, microwave, data transmission, wireless or Internet-based distribution system, network or facility, including, but not limited to, any and all electronic, data, video, audio, Internet access, telephonic, microwave and radio communications, transmissions, signals and services, and any such communications, transmissions, signals and services ^^ lawfully provided directly or indirectly by or through any of the aforementioned systems, networks or facilities.

--- end of quote

Whilst I am no lawyer, this would seem to possibly render illegal radio and satellite TV receivers that could be used or are used to lawfully receive those radio communications the public is explicitly permitted to listen to under the ECPA (18 USC 2510 and 2511) if the originator of the communication does not provide explicit permission to listen and the transmission involves use of facilities for which a fee is paid (such as space on a leased tower).

Included in this category are unencrypted public safety communications such as police and fire calls, aircraft, ships, trains and the like all of which can be picked up on the ubiquitous police scanners (and more sophisticated radios that some of us own as well). And obtaining explicit permission from all the parties involved in such communications is not always easy, nor in many cases do local agencies want to grant it.

And also much more likely to be included under the rubric of at least this very broad Mass language are unencrypted non-scrambled back hauls, news feeds, and free to air MPEG and analog services available from TVRO satellite dishes. These are pretty clearly communications services and watching them in the privacy of one's home for private non-commercial purposes has been legal under the provisions of the late 80s Satellite Viewers Rights Act (provided they weren't scrambled).

Of course compared to the larger issues raised by the DMCA language and the apparent prohibition of NAT and anonymous mailers this may seem minor... But it is worrisome to some of us working on software defined radio code in Mass... which might or could be used in ways that might be found illegal under this bill.

--
Dave Emery N1PRE, [EMAIL PROTECTED]
DIE Consulting, Weston, Mass 02493
PGP fingerprint 1024D/8074C7AB 094B E58B 4F74 00C2 D8A6 B987 FB7D F8BA 8074 C7AB
CTKS?
Change the Key Stupid?

Just a nice simple question.

I have previously implemented a process to generate new dsa/rsa keys for ssh and transfer them over the existing encrypted session with time interval t, the following connection will use the new keys, and so forth.

The reason behind this was, if anyone robbed the private key and knew the passphrase (in fact I had no passphrase above, and allowed any of the last 3 key pairs to be used), it would only be valid for a short time interval...

The benefit is simple for ssh, blank passphrase private keys are useful for time interval t and no longer, gaining access to these via backups, temporary root, temporary contract etc, are of little use if time interval is sufficiently short.

I have not seen this technique documented/mentioned for ssh or any other protocols? Links, references? Or is this a case of CTKSS! (Change the key Stupid, Stupid)?

..surely where there is risk of keys being copied and allowing either access, future decryption or MITM attacks with private key, it makes sense to automate the key exchange when possible? And also to continue to have the 1-3 month manual key exchange over alternate channel.

Thoughts / criticisms welcome
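The rolling-key scheme described in the post above, sketched as an added example that is not code from the original poster: the server keeps only the newest three tagged keys in `authorized_keys`, and the client installs the next key over a session authenticated by the current one. The names `TAG`, `rotate_keys`, `managed_count`, `client_rotate` and the remote command `rotate-key` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the post). TAG, rotate_keys, managed_count,
# client_rotate and the remote command "rotate-key" are hypothetical names.
TAG="rotating-key"
NL='
'

# managed_count FILE: how many rotating keys the server currently accepts.
managed_count() {
    grep -c " ${TAG}:" "$1" || true
}

# rotate_keys FILE NEW_PUBKEY_LINE [KEEP]
# Server side: add the key for the next connection and keep only the newest
# KEEP rotating keys (the post used 3). Untagged lines, such as the key
# exchanged manually over another channel, are left untouched.
rotate_keys() {
    file=$1 newkey=$2 keep=${3:-3}
    case $newkey in
        *"$NL"*) echo "refusing multi-line input" >&2; return 1 ;;
        *" ${TAG}:"*) ;;
        *) echo "refusing key without ${TAG} tag" >&2; return 1 ;;
    esac
    [ -f "$file" ] || : > "$file"
    # A retried upload of the same key must not evict an older one.
    if grep -qxF -- "$newkey" "$file"; then return 0; fi
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    grep -v " ${TAG}:" "$file" > "$tmp" || true
    { grep " ${TAG}:" "$file" || true; printf '%s\n' "$newkey"; } |
        tail -n "$keep" >> "$tmp"
    chmod 600 "$tmp" && mv "$tmp" "$file"   # replace in one step
}

# client_rotate HOST KEYDIR
# Client side, run once per interval t. Assumes the server runs rotate_keys
# on the line it reads from stdin when "rotate-key" is invoked.
client_rotate() {
    host=$1 dir=$2 stamp=$(date -u +%Y%m%dT%H%M%SZ)
    rm -f "$dir/next" "$dir/next.pub"
    ssh-keygen -q -t rsa -b 3072 -N '' -C "${TAG}:${stamp}" -f "$dir/next" || return 1
    # Upload over the session authenticated by the current key.
    ssh -i "$dir/current" "$host" rotate-key < "$dir/next.pub" || return 1
    # Discard the old key only after the new one is proven to log in.
    ssh -i "$dir/next" -o BatchMode=yes "$host" true || return 1
    mv "$dir/next" "$dir/current" && mv "$dir/next.pub" "$dir/current.pub"
}
```

A copied private key stops being accepted once three newer keys have been installed, while the manually exchanged key stays in place as the fallback.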
RE: Cryptoprocessors compliant with FIPS 140-2
There are only about 310 fips-140-1/2 total validation certificates since 1995.
http://csrc.nist.gov/cryptval/

Since the FIPS-140-2 was not signed in until mid-2001 there were very few in 2002 - see the 2 links below.
http://csrc.nist.gov/cryptval/140-1/1401val2002.htm
http://csrc.nist.gov/cryptval/140-1/1401val2003.htm

_____
Dave Kleiman
[EMAIL PROTECTED]
www.netmedic.net

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Damien O'Rourke
Sent: Friday, March 21, 2003 11:14
To: [EMAIL PROTECTED]
Subject: Cryptoprocessors compliant with FIPS 140-2

Hi,

I was wondering if anyone could list a number of cryptographic processors that are compliant with the Federal information processing standard (FIPS) 140-2 Security Requirements for cryptographic modules. I know that the IBM-4758 was compliant with FIPS 140-1 up to level 4 but I don't think it has been tested under the newer version of the standard (correct me if I'm wrong).

Specifically I am wondering about section 4.11 on page 39 entitled Mitigation of Other Attacks which discusses, power analysis, timing attacks, TEMPEST and fault induction. If you could tell me what level they have been certified to and where I might find some more information on them that would be great. In fact, any relevant information would be greatly appreciated.

Thanks for your time.

Best Regards,
Damien.
Re: Active Countermeasures Against Tempest Attacks
On Fri, Mar 07, 2003 at 10:46:06PM -0800, Bill Frantz wrote:
> The next more complex version sends the same random screen over and over in sync with the monitor. Even more complex versions change the random screen every-so-often to try to frustrate recovering the differences between screens of data on the monitor.

Five or six years ago I floated the suggestion that one could do worse than phase lock all the video dot clock oscillators in a computer room or office to the same master timing source. This would make it significantly harder to recover one specific monitor's image by averaging techniques as the interference from nearby monitors would have exactly the same timing and would not average out as it does in the more typical case where each monitor is driven from a video board with a slightly different frequency dot clock (due to aging and manufacturing tolerances).

Modifying existing video boards to support such master timing references is possible, but not completely trivial - but would cost manufacturers very little if it was designed in in the first place.

And of course one could improve the shielding on the monitor with the dummy unimportant data so it radiated 10 or 20 db more energy than the sensitive information monitor next to it. In many cases this might involve little more than scraping off some conductive paint or removing the ground on a cable shield.

I am sure that it would take little effort with a spectrum analyzer and some hand tools to defeat most of the EMI suppression in many monitors and whilst this would not be entirely legal under FCC rules (at least for a manufacturer or dealer) it probably would be closer to legal than deliberately creating rf interference with an intentionally radiating jammer.

I imagine, however, that the usefulness of the RF radiated by a modern TFT flat panel display fed with DVI digital video is already much less as there is no serial stream of analog pixel by pixel video energy at any point in such an environment. Most TFTs do one entire row or column of the display at a time in parallel which does not yield an easily separated stream of individual pixel energy. Thus extracting anything resembling an image would seem very difficult.

So perhaps the era of the simplest to exploit TEMPEST threats is ending as both optical and rf TEMPEST is much easier with raster scan pixel at a time CRT displays than it is with modern more parallel flat panel display designs.

--
Dave Emery N1PRE, [EMAIL PROTECTED]
DIE Consulting, Weston, Mass.
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
Re: Columbia crypto box
On Sun, Mar 02, 2003 at 11:32:36AM -0800, [EMAIL PROTECTED] wrote:
> Interestingly enough, the public references long ago published the shuttle comm frequencies. Summarizing from:

The frequencies have never been secret, but in recent years some or perhaps even almost all of the Ku band TDRSS relayed telemetry and TV and a good bit of the S band relayed traffic has been encrypted. This was, I have been given to understand, part of the upgrades to the comms and TV systems on the shuttle completed in the last few years which converted analog TV transmission to digital TV.

This encryption was originally publicly justified in part on the grounds that medical information was passed between crew and physicians on the ground and that federal privacy laws required protection of this information.

And as far as I know, NASA while publishing link frequencies (which I have no particular reason to believe are wrong), has never released full details of modulation, multiplexing, error correction coding, randomization, interleaving, frame sync formats, channel assignments and scale factors for the data even for those links and modes that aren't encrypted.

And actual link frequencies are but a small part of the data base of information one would need to successfully intercept useful information from the shuttle links - even 1980s to early-90s era digital telemetry signals are pretty complex and non trivial to deal with even if you know the frequency.

Finally, the TDRSS spacecraft are also used for relaying information from NRO spacecraft and other classified military missions, and there is a significant chance that at least some of the details of the access protocols and signal formats used with these spacecraft are classified in order to protect sensitive military links.

--
Dave Emery N1PRE, [EMAIL PROTECTED]
DIE Consulting, Weston, Mass.
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
Re: AES-128 keys unique for fixed plaintext/ciphertext pair?
Hmm. Another simpler theory to remove Shannon from the discussion.

Assume that the original assertion is correct - that for each plaintext p and each cyphertext c there exists only one key k that is valid to map encrypt(p,k)=c.

In this case, for each possible cyphertext c, *every* possible plaintext p is a valid translation given a unique key k.

For that reason, the uniary distance for encrypt() must be larger than one block - as it is self evidently not possible to map *any* c to a unique p without knowledge of the key.

For that reason, Shannon cannot be applied to a single block of encrypt(), and can be safely ignored :)
Re: A talk on Intellectual Property and National Defense
Sorry that is not what I said. Where did you get that from the above?

On 2/4/03 11:28 AM, Trei, Peter [EMAIL PROTECTED] wrote:
> Adam Shostack[SMTP:[EMAIL PROTECTED]] writes:
>> I believe that DRM systems will require not just an authorized boot sequence, but a secure remote attestation that that boot sequence was followed, and a secure attestation as to the versions of the software on your system. So, while a secure system is needed for AT/DRM, it's not enough.
>
> Let me get this straight - in order to make the RIAA and MPAA richer, we're going to ban off-net computer use? If you're not near a WiFi hotspot you won't be able to boot your laptop?
>
> Peter Trei
Re: Effective and ineffective technological measures
on 7/29/01 5:20 AM, Alan Barrett at [EMAIL PROTECTED] wrote:
> The DMCA said:
> 1201(a)(1)(A): No person shall circumvent a technological measure that effectively controls access to a work protected under this title.
>
> What does effectively mean here? If it has its plain english meaning, then one could argue that ROT13, CSS (and anything else that can easily be broken) are *ineffective* technological measures[...]
>
> Or does the clause really mean No person shall circumvent a technological measure that *purports to control* access to a work protected under this title?

Depending on what plain english meaning your prosecutor wants to use, you can end up with an interesting result here. The meaning I see in my dictionary says Having an expected or intended effect. Thus, it goes to expectations and intentions.

If the intention of the IP owner was to use ROT13 to make it difficult for unauthorized users to view the data, it would generally be agreed this was ineffective. However, if the intention of the IP owner was to use ROT13 to make unauthorized viewing of the data subject to the DMCA, then it is effective.

This may seem somewhat silly, but access does not need to be controlled by making unauthorized viewing difficult, it can also be controlled by making unauthorized viewing (and/or assistance with such) a criminal act.

Perhaps it helps to think of the new war on piracy in terms of the war on drugs (aka controlled substances):

From the Controlled Substances Act (CSA) 21 USCS Section 802:
(5) The term control means to add a drug or other substance, or immediate precursor, to a schedule under part B of this title, whether by transfer from another schedule or otherwise.

If you apply this sense of control with DMCA, instead of there being a list of controlled IPs, there's a virtual list where an IP owner just needs to add some (any!) technological measure (aka ROT13) to get on the list to be protected by DMCA.

Again, using the CSA to explain the DMCA may seem silly, but try to look at it from the perspectives of government prosecutors and judges. They've been working with the CSA for some time now and think in those terms. It's human nature to try and apply what you're already familiar with to something new.

There's a striking number of parallels between the CSA and the DMCA and I suggest reading them both together to get a sense of what the DMCA will mean in reality. Why, the CSA even begins with an acknowledgement of fair use almost as if they mention it to get it out of the way before they completely ignore it in practice.

Dave