Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #13 Mon, 5 Mar 01 00:13:01 EST
Contents:
Why do people continue to reply to Szopa? (Paul Crowley)
Re: sci.crypt? (David A Molnar)
Re: OverWrite freeware completely removes unwanted files fromharddrive (Benjamin
Goldberg)
How 'bout Borg whore Yelena Perhunkova? She's a Internet Cock Huntress - ask Igor
Chudov {Re: Is BORG mental patient Linda Gore SSRIHater?? Re: Fake SSRIHATER ("--"
-alexplore@alexplore-)
Re: super strong crypto, phase 3 (John Savard)
Re: Monty Hall problem (was Re: philosophical question?) (Adam Stephanides)
Re: The Big Breach (book) available for download (Fogbottom)
Re: "RSA vs. One-time-pad" or "the perfect enryption" (Steve Meyer)
Re: super strong crypto, phase 3 (Steve Portly)
Re: The Foolish Dozen or so in This News Group (Crypto Neophyte)
Crossposted-To: alt.hacker
Subject: Why do people continue to reply to Szopa?
From: Paul Crowley [EMAIL PROTECTED]
Date: Mon, 05 Mar 2001 01:54:54 GMT
William Hugh Murray [EMAIL PROTECTED] writes:
Dan Beale wrote:
"Anthony Stephen Szopa" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
snip everything
Having cleared my kill-filter i am _amazed_ to find you still trolling the
crypto groups Anthony. Have you learnt any math yet?
No, but not because we have not tried to teach him.
Would you leave if you were getting the attention he gets?
Can someone explain this to me? I've never written an article that
addressed Szopa directly, and I never plan to; he's clearly a loon who
will never learn anything. The only reason to post a followup to
something he's written is to warn off newcomers who might otherwise
believe some outlandish claim or other. Yet many highly intelligent
and knowledgable people waste a great deal of effort trying to explain
basic facts about computer security to a man who is clearly unable to
grasp them. Why?
If you think he's a troll then don't feed him. If you think (as I do)
that he's sincerely clue-resistant, what's the point?
--
__
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
--
From: David A Molnar [EMAIL PROTECTED]
Subject: Re: sci.crypt?
Date: 5 Mar 2001 02:09:54 GMT
Tom St Denis [EMAIL PROTECTED] wrote:
Does anyone know the exact date sci.crypt was last a discussion forum about
"scientific cryptography"?
there's some discussion here which is of scientific merit. it comes and goes.
most recently, I've been skimming the discussion of Rabin's new scheme.
almost all of it is civil, and most of it is thoughtful. I haven't had the
time to read other threads.
I want to make a head stone for the group... hehehe
I'm not sure that it's worse here than elsewhere on Usenet.
Can we come to a consensus of "on topic" traffic please? I see cross posts
from alt.kkk, alt.2600, alt.pedophile.looky.here, etc... seriously...
who's "we" ? I doubt that any of the "regulars" are crossposting to these
groups, and I also doubt that others will pay much attention to a followup
scolding them for being off-topic.
-David
--
From: Benjamin Goldberg [EMAIL PROTECTED]
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Mon, 05 Mar 2001 02:33:06 GMT
Anthony Stephen Szopa wrote:
Benjamin Goldberg wrote:
Szopa, you are an utter moron. Didn't you read what I wrote?
A sucessful close operation merely means that the entry in the list
of open files is removed.
Sure, your program "closes" sucessfully.
What does that have to do with disk writes?
You call the fclose() instructioction, which in turn calls close()
on the file descriptor. It's removed from the list of open files.
The dirty pages remain in cache. (The OS will write them out,
eventually, but nothing has yet happened to make this urgent.) You
open the file again. This creates a new entry in the list of open
files, and returns an index to that list (the file descriptor).
IIRC, This becomes the _fildes element of the (FILE*) struct. You
write to the file. The OS says to itself, hey, I still have some
dirty pages in cache for that file, and so your write() operation
modifies the contents of those pages. You call close again. It
successfully removes the entry from the list of open files. It
therefor returns a 'sucess' value. etc, etc.
At no point is close returning sucess when it actually failed;
however, at no point does sucess imply an actual hardware write
operation.
Check this out.
"Closes a stream.
fclose closes the named stream. All buffers associated with the
stream are flushed before closing. System-allocated buffers are
freed upon closing. Buffers assigned with setbuf
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #12 Sat, 30 Sep 00 09:13:01 EDT
Contents:
Re: Deadline for AES... ("Brian Gladman")
Re: IBM analysis secret. ("Brian Gladman")
Re: Carnivore article in October CACM _Inside_Risks (Nemo psj)
Re: AES annoucement due Monday 2nd October ("Brian Gladman")
Re: Deadline for AES... (Mok-Kong Shen)
Re: AES annoucement due Monday 2nd October (Mok-Kong Shen)
Re: NIST Statistical Test Suite (Mok-Kong Shen)
Re: Chaos theory (Mok-Kong Shen)
Re: Deadline for AES... (Mok-Kong Shen)
Re: Chaos theory (Tim Tyler)
Re: Chaos theory (Tim Tyler)
Re: Chaos theory (Tim Tyler)
Re: Question on biases in random-numbers decompression (Tim Tyler)
Re: AES annoucement due Monday 2nd October ("Brian Gladman")
Re: RSA and Chinese Reminder Theorem (Paul Schlyter)
Re: NIST Statistical Test Suite (Mathew Hendry)
Re: NIST Statistical Test Suite (Mark Carroll)
From: "Brian Gladman" [EMAIL PROTECTED]
Subject: Re: Deadline for AES...
Date: Sat, 30 Sep 2000 08:24:42 +0100
"John Myre" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
Brian Gladman wrote:
snip
In my view the purpose of the comment period will be to make the
specifications of the algotihm(s) and the modes of operation as precise
as
possible in order to help ensure that different implementations can
interoperate effectively whenever necessary.
snip more
I agree with all the points (including the snipped ones), except
to point out that it is possible (likely in my opinion) that
the modes of operation will be addressed in a separate document.
That is the way they did it for DES; FIPS 46 for the algorithm
and FIPS 81 for the modes of operation. It doesn't look like
they've kept 81 up; all the latest stuff is in "special publications"
now (e.g. 800-20).
I agree that there are likely to be two documents.
Brian Gladman
--
From: "Brian Gladman" [EMAIL PROTECTED]
Subject: Re: IBM analysis secret.
Date: Sat, 30 Sep 2000 08:30:33 +0100
"Sundial Services" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
Brian Gladman wrote:
"Douglas A. Gwyn" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
Brian Gladman wrote:
"SCOTT19U.ZIP_GUY" [EMAIL PROTECTED] wrote:
Having worked in the government for 26 years. I would take
anything
a corporation says with a grain of salt. Numberous times govenment
employess did all the work and then later the BIG CORPARATIONS
with
money acted like they did something. My view is that the boys at
IBM
never where given the reasons for DES and just went along with the
NSA
just as they most likely were never given an honest reason why it
was
56 bytes instead of 64.
bits, not bytes, if you are referring to the DES key length.
And the earlier statement is about what Don Coppersmith has said,
not
about
what IBM has said.
Not only that, but he has the wrong idea of how the work
was done, by whom, and under what conditions.
Agreed.
Brian Gladman
NSA and CIA have been called "the real RD department of the
technological world," because they are willing and able to spend for
[only] the latest and greatest -- provided you can keep it all secret,
even to the point of acting like no secret exists. Far from being an
enemy of "big corporations," they work quite closely with them.
And DoD too. However, this is a different point to the one I was
supporting.
Brian Gladman
--
From: [EMAIL PROTECTED] (Nemo psj)
Subject: Re: Carnivore article in October CACM _Inside_Risks
Date: 30 Sep 2000 07:53:18 GMT
Ge and all my elders say 1984 will never be upon us... hmm i'd beg to differ it
isnt already here and growing.
--
From: "Brian Gladman" [EMAIL PROTECTED]
Subject: Re: AES annoucement due Monday 2nd October
Date: Sat, 30 Sep 2000 09:21:45 +0100
"John Savard" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
On Fri, 29 Sep 2000 17:09:27 -0600, John Myre [EMAIL PROTECTED]
wrote, in part:
John Savard wrote:
snip
This is the *first* time they have, to my knowledge, laid claim to
such an option.
Is that a troll, or did you really fail to notice what they said?
I notice what they said now. I'm unaware that they ever previously
hinted that they might choose more than one algorithm, despite many
suggestions that they do so.
In fact the NIST team have made it clear that this was an option for a
considerable time. Moreover, there was a whole panel session covering the
topic at AES3 that was led by Miles Smid, the retired previous leader of the
AES effort at NIST.
Miles put up the options as:
'1 from 5', '2 from 5', '3
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #11 Wed, 17 May 00 16:13:01 EDT
Contents:
Re: Chosen plaintext attack, isn't it absurd? ("C. Prichard")
Re: NIST releases final AES comments (David Crick)
Re: Theoretical question (Mok-Kong Shen)
Re: Jobs at Cloakware (David A Molnar)
Re: Crypto UNICODE??? (Mok-Kong Shen)
Re: QUESTIONS About ALGOS !! (Eric Lee Green)
Re: Diffie's Randomized Stream Cipher (Tim Tyler)
Re: AES final comment deadline is May 15 ("Michael Scott")
Re: Key generation (Eric Lee Green)
Re: AES final comment deadline is May 15 (Roger Schlafly)
Re: Turing's Treatise on Enigma (pink aka Chr. Boesgaard)
Re: problem solving ("Axel Lindholm")
From: "C. Prichard" [EMAIL PROTECTED]
Subject: Re: Chosen plaintext attack, isn't it absurd?
Date: Wed, 17 May 2000 15:53:23 GMT
I don't think your decryption process is criticized.
Message security has much to do with the perceived integrity of your =
encryption, not your decryption process. The message actually contains =
all the essence assuming you have done everything properly in your =
algorithm.
Key domain is important. This and the desire to compress data for =
transmission were two of the biggest reasons to move to 'blocking' =
ciphers with mapped output a few years ago. I'm still learning a few of =
the peculiar seeming things about the reasons for believing that the =
block ciphers are better.
As for my own work I has developed a cipher that uses a restricted =
domain in creating ciphered output that can be transmitted in the =
default protocol. The problem with a restricted domain of input =
characters is that the number of key combinations are reduced =
proportionate to your restriction. I new about it but have been =
demonstrating the performance of the cipher anyway looking for someone =
to give me advice more positive than the "Why not use one that works?"=20
I come back to the cipher when there is time for it. Recently I learned =
that security analysis is based on many things, but there is a nearly =
universal expression for the relative strength assuming only a brute =
force attack can convincingly deliver the plaintext message and key.
Apparently a double cipher is considered a little silly, because if you =
do can the job properly in one pass, why bother to do it over again? =
This is one of the problems I have with CipherText in the community =
because it was largely developed by an ignorant person and wreaks of it =
with the atrocious double pass cipher.=20
Because I truly believed that there should be more analysis done than =
merely calculating the extent of the possible key domain, I parlayed the =
work. Its not difficult to do and will give you insight on the relative =
strength of your encryption if you examine the key domain.
For example 56 bit DES uses 7 keys all having 256 possible ordinate =
values. 256 ^ 7 =3D 7.205 E + 16 is a relative indication that will tell =
you how strong the encryption is. The calculation assumes a purely =
random cipher and set of keys (theoretically possible but hardly ever =
the case.) 128 bit DES gives you 3.402 E +38 for a strength index based =
on the cipher key combinations.
I took these numbers in and then I calculated the strength of my =
CipherText cipher with the restricted key domain. With 8 key characters =
each having 10 possible ordinate values, the calculation is 10 ^ 8 =3D 1 =
E +8. This is the strength when using numeric values only for key =
elements.
To put things in perspective, there is quickly an assumption that the =
DES cipher is superior to CipherText giving hundreds of millions of =
times greater message diversity because of the key combinations. This is =
where most cryptologists lose interest real fast in YOUR so called =
'work'.
I used my algorithm to develop demonstrations of various uses within the =
default protocol sending encrypted text back and forth at lightning =
speed and giving myself all the credit in the world for a job well done =
proving that it can still be done.
You are aware that the US government is looking at 512 bit ciphers that =
deliver E +300 possible encryption keys aren't you? Its mind boggling to =
think that its even necessary, but the experts say it is.
Anyway, I learned recently of an Old technique called 'the whitening' of =
ciphered messages. Apparently in the days before block ciphers, someone =
figured out that they could use numeric keys, and then use a set of =
random ordinates to MASK the first message giving it a 'whiter' (more =
random I assume) domain. The idea occurred plausible to me after =
thinking about an analogy to creating a set of values called a number =
and them articulating a change to its BASE. The result of course being a =
different-looking number. In my mind I had to justify how it would be =
done, using a large random mask to 'whiten' Ci
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #10 Tue, 28 Dec 99 13:13:01 EST
Contents:
Re: More idiot "security problems" (CLSV)
Re: Economic Espionage Act of 1996 and the U.S.A. government's violations (Eric
Chomko)
Re: Secure Delete Not Smart ("Trevor Jackson, III")
Re: More idiot "security problems" ("Brian Gladman")
Re: Employing digits of pi (James Felling)
Re: unbreakable? (Keith Monahan)
Re: Encryption: Do Not Be Complacent (Steve K)
Re: unbreakable? (John Savard)
Re: Secure Delete Not Smart (John Savard)
Re: Employing digits of pi (Mok-Kong Shen)
Re: Employing digits of pi (Mok-Kong Shen)
Re: Secure Delete Not Smart (Steve K)
From: CLSV [EMAIL PROTECTED]
Subject: Re: More idiot "security problems"
Date: Tue, 28 Dec 1999 15:27:38 +
"Terry Ritter" [EMAIL PROTECTED] wrote:
Just to keep things honest, I would say the real situation is even
more general:
*Any* *group* can create an encryption algorithm that no-one in the
group can break.
[ * rule 1 * ]
Here "group" includes individuals, academics, AES participants, etc.
Brian Gladman wrote:
Including the group of 'all human beings'.
"CLSV" [EMAIL PROTECTED] wrote:
A cipher designed by all human beings,
what is that supposed to mean?
Brian Gladman wrote:
[...] The group of 'all human beings' has created
a large number of ciphers already and will continue to do so.
Hence the rule implies that it is possible for human beings
to produce ciphers that human beings cannot break.
This really doesn't sound right from a logical
point of view. You say: ciphers are created by the group
consisting of 'all human beings' (*). As far as I know aliens
nor dolphins have contributed anything yet to the crypto field
so I agree. Then you go on and say that by applying rule 1 you
can conclude that it is possible for human beings (**) to produce
ciphers that human beings (***) cannot break. So you are
identifying (*) with (**) and (***). But the group (*) = (***)
is larger than (**) because it consists of all human beings
that have ever existed, are existing, and will exist in the future
while (**) consists of all the human beings existing up to the
point of the creation of the 'unbreakable' cipher.
I wouldn't generalize Terry Ritter's statement any further.
Regards,
CLSV
--
From: Eric Chomko [EMAIL PROTECTED]
Crossposted-To: alt.politics.org.cia
Subject: Re: Economic Espionage Act of 1996 and the U.S.A. government's violations
Date: 28 Dec 1999 15:48:06 GMT
In alt.politics.org.cia Jim [EMAIL PROTECTED] wrote:
: On 22 Dec 1999 18:20:50 GMT, Eric Chomko [EMAIL PROTECTED] wrote:
: One world economy and that many more lawyers. Man, to think how much
: litigation we have in the US over corporate squabbles and now its going
: worldwide. I shutter to think about needing more lawyers and on a global
: scale. shutter
: Just how do you do that? Shutter.
Ah yes, another Americanism of the English language: shutter. It would
mean to writhe in disgust. Sort of like drinking a shot of really lousy
whiskey.
Eric
--
Date: Tue, 28 Dec 1999 11:04:52 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Subject: Re: Secure Delete Not Smart
UBCHI2 wrote:
Data has been recovered after 9 overwriting wipes according to the PGP manual.
It seems foolish to secure delete something without encrypting it first. Why
isn't this ever suggested in the manuals?
It you already have a plain copy stored, encrypting it will not prevent someone
from recovering the plain copy, because the encryption does not replace the plain
copy. The encrypted file is a separate representaiton of the information in the
plain file.So the plain file still exists to be recovered.
Even if the excrypted copy replaced the plain copy sector for sector it would not
hide the plain version of the file because the replacement would only write each
sector once. To fully erase the plain version of the file you need many writes to
each sector.
The best answer is to never store plaintext. The information must be encrypted as
it is stored. Disk encryption software does this for you.
--
From: "Brian Gladman" [EMAIL PROTECTED]
Subject: Re: More idiot "security problems"
Date: Tue, 28 Dec 1999 16:07:20 -
"CLSV" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
"Terry Ritter" [EMAIL PROTECTED] wrote:
Just to keep things honest, I would say the real situation is even
more general:
*Any* *group* can create an encryption algorithm that no-one in the
group can break.
[ * rule 1 * ]
Here "group" includes individuals, academics, AES participants,
etc.
Brian Gladman wrote:
Including the group of 'all human b
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #9 Tue, 29 Jun 99 16:13:04 EDT
Contents:
Re: MP3 Piracy Prevention is Impossible ("Else")
Re: PIII Random Number Generator? ([EMAIL PROTECTED])
Re: Tough crypt question: how to break ATT's monopoly??? (Bill Unruh)
Re: Tough crypt question: how to break ATT's monopoly??? (Bill Unruh)
Re: Windows9x Crypt Function (David A Molnar)
Re: Tough crypt question: how to break ATT's monopoly??? (JPeschel)
Re: Tough crypt question: how to break ATT's monopoly??? (Bill Unruh)
Re: How do you make RSA symmetrical? (Bill Unruh)
Re: Hamming Weight (Mok-Kong Shen)
Re: Can Anyone Help Me Crack A Simple Code? (William Tanksley)
Re: MP3 Piracy Prevention is Impossible (Bill Unruh)
Re: Tough crypt question: how to break ATT's monopoly??? (David A Molnar)
Re: trapdoor one way functions (Medical Electronics Lab)
Re: Secure link over Inet if ISP is compromized. ("Else")
Re: MP3 Piracy Prevention is Impossible (John Savard)
Re: trapdoor one way functions (Jonathan Katz)
Re: MP3 Piracy Prevention is Impossible (Vernon Schryver)
Re: The One-Time Pad Paradox (Patrick Juola)
Re: Secure link over Inet if ISP is compromized. (Jim Felling)
Re: trapdoor one way functions (David A Molnar)
Re: Secure link over Inet if ISP is compromized. (Thomas Wu)
Re: one time pad (William Tanksley)
From: "Else" [EMAIL PROTECTED]
Subject: Re: MP3 Piracy Prevention is Impossible
Date: Tue, 29 Jun 1999 22:08:17 +0400
[EMAIL PROTECTED] wrote in message 7lapgp$ok4$[EMAIL PROTECTED]...
It's completely impossible to make sure that somebody can't share
the plaintext of a document with somebody else. Why try?
It does not have to be "completely impossible". "Too expensive" would do
just fine.
--
Date: Tue, 29 Jun 1999 00:52:59 -0400
From: [EMAIL PROTECTED]
Subject: Re: PIII Random Number Generator?
[EMAIL PROTECTED] wrote:
In article [EMAIL PROTECTED],
Ed Yang [EMAIL PROTECTED] wrote:
How 'random' are these? Do you have a standard unit of meausre of
'randomness'?
M. K. Shen
Yes, the unit of measure is the "knauer", which dimensionless,
since it measures non-deterministic bits per bits available.
The imaginary part of the knauer is called "true" and the real
part is called "written". The complex conjugate of the knauer,
when multiplied by the measured knauer value is called the
size of the random string.
I like 'entropy' or H(M) myself... I have never heard of a 'Knauer'.
Are there any good online links/papers on it (sounds a bit vague to me).
You post via Deja.com, so use their archives. Look up Knauer in the
sci.crypt archives. As Author: not as Subject:.
--
From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Tough crypt question: how to break ATT's monopoly???
Date: 29 Jun 1999 17:06:26 GMT
In [EMAIL PROTECTED] [EMAIL PROTECTED] (JPeschel)
writes:
in Canada. I am pretty sure Canada's export restrictions are the same
those in the US by mutual agreement. John Savard might speak to this.
No they are not the same. Canada has much more lenient regulations. In
particular the General Software exemption is valid in Canada, while EAR
specifically overrules it in th eUSA. This means that any software which
is generally available "over the counter" is free for export without a
license. Unfortunately as is so often the case in Canada, there is a
secrtion of the Export Control List which means it is required to get a
license to export ANYTHING (including that Pen in your pocket) which
originates in the USA.
--
From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Tough crypt question: how to break ATT's monopoly???
Date: 29 Jun 1999 17:08:36 GMT
In [EMAIL PROTECTED] [EMAIL PROTECTED] (Christopher)
writes:
For a twist, what if the ciphertext were part of the binary itself. If
there is no separation of program and data, would that be restricted? It
certainly isn't a general purpose cipher program anymore, and is arguably
more message than program.
Probably yes. If it were solely for purposes of validation, then if the
user were unable to get at and use the decryption program it would
probably be OK. But if the purpose is hiding communications, then it
would not be OK, at least as I as a non-lawyer read the EAR
--
From: David A Molnar [EMAIL PROTECTED]
Subject: Re: Windows9x Crypt Function
Date: 29 Jun 1999 16:59:51 GMT
Andrew Whalan [EMAIL PROTECTED] wrote:
I am looking to doing some research on some distributed networking and it
has come up that it would be an ideal situation to implement a brute force
cryptanalysis engine. Other ideas include proving/disproving various
Please see distributed.net for an implementation. Very much fun.
ma
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #8 Sun, 27 Dec 98 05:13:04 EST
Contents:
U.S. Spying On Friend And Foe (Mark Adkins)
Date: Sun, 27 Dec 1998 04:24:49 -0500 (EST)
From: Mark Adkins [EMAIL PROTECTED]
Subject: U.S. Spying On Friend And Foe
You know, I wasn't going to post this, but I've just caught part of a
debate on C-SPAN regarding whether Jonathan Pollard should be released
early, and I was offended by the sanctimonious bleating of people like
David Klinghoffer of National Review, who have the audacity to compare
the revelation of technical intelligence to a foreign ally by Pollard
to the case of Aldrich Ames. The United States has some nerve! (For
those who may be interested, I am neither Jewish nor pro-Israel. I
simply find the hypocrisy of the United States Government appalling.)
It's also enlightening to bear in mind what follows when considering
U.S. Government proposals for cryptological systems and standards for
domestic and export use. There is also some information regarding
intelligence intercepts of Iranian (not Libyan) communications about
the bombing of PanAm Flight 103.
The article is particularly interesting since the United States spies
on every country in the world except for Great Britain, Australia, and
Canada -- see Ronald Kessler, _Inside The CIA_ (NY: Pocket Books,
1992) -- and quite frankly I'd be surprised if we abide even by those
agreements. The position of the U.S. intelligence community has always
been that since governments and leadership change, what is today a
cooperative ally may tommorrow become obstructionist if not hostile
("obstructionism" being judged by the compliance of foreign leaders with
the values and priorities of U.S. foreign policy) and that therefore it
is a good idea to spy on allies as well as enemies since one cannot set
up an espionage infrastructure in a foreign country overnight. We also
spy on economic competitors like Japan. (Kessler, pp. 9-12) Generally
speaking, these countries spy on us as well.
What follows is the full text, including a sidebar article (which I
have placed at the end of the main article) and footnotes, of an
article by Wayne Madsen, an Arlington, VA based journalist specializing
in computer security, privacy, and intelligence, who is also the author
of _Handbook of Personal Data Protection_ (NY: Stockton, 1992). The
article appeared in the Winter 1998 issue of CovertAction Quarterly,
pp. 36-42. CAQ can be reached at (202) 331-9763 (voice), (202) 331-9751
(fax), or [EMAIL PROTECTED] Their snail mail address is 1500 Massachusetts
Avenue, N.W., #732, Washington, D.C. 20005. By way of disclosure to
readers of this newsgroup, CAQ is an unabashedly left-wing periodical
which sometimes produces intelligence-related articles of some interest
and validity (and occasionally some embarrassing stinkers). As for this
article, read it and decide for yourself.
* * *
CRYPTO AG: THE NSA's TROJAN WHORE?
by Wayne Madsen
copyright 1998 by CovertAction Quarterly
It may be the greatest intelligence scam of the century. For decades
the U.S. has routinely intercepted and deciphered top secret messages
of 120 countries. These nations had bought the world's most sophisticated
and supposedly secure commercial encryption technology from Crypto AG,
a Swiss company that staked its reputation and the security concerns of
its clients on its neutrality. The purchasing nations, confident that
their communications were protected, sent messages from their capitals
to embassies, military missions, trade offices, and espionage dens around
the world, via telex, radio, teletype, and facsimile. They not only
conducted sensitive albeit legal business and diplomacy, but sometimes
strayed into criminal matters, issuing orders to assassinate political
leaders, bomb commercial buildings, and engage in drug and arms smuggling.
All the while, because of a secret agreement between the National Security
Agency (NSA) and Crypto AG, they might as well have been hand-delivering
the messages to Washington. Their Crypto AG machines had been rigged so
that when customers used them, the random encryption key could be auto-
matically and clandestinely transmitted with the enciphered message. (1)
NSA analysts could read the message traffic as easily as they could the
morning paper.
The cover shielding the NSA-Crypto AG relationship was torn in March, 1992
when the Iranian military counterintelligence service arrested Hans
Buehler, Crypto AG's marketing representative in Tehran. The Iranian
government charged the tall, 50ish businessman with spying for "the
intelligence services of the Federal Republic of Germany and the United
States of America." (2) "I was questioned for five hours a day for nine
months," Buehler says. "I was never beaten, b
