FC01 E-Voting Panel Description
--- begin forwarded text Resent-Date: Mon, 12 Feb 2001 15:03:52 -0400 Date: Mon, 12 Feb 2001 14:02:42 -0500 (EST) From: Paul Syverson [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: FC01 E-Voting Panel Description Resent-From: [EMAIL PROTECTED] Resent-Sender: [EMAIL PROTECTED] Panel: The Business of Electronic Voting Place: Financial Cryptography 2001, Grand Cayman, Feb 21st, 2001 10:40 AM. Panel Chair: Moti Yung, CertCo Panelists: Ed Gerck, safevote.com Andy Neff, VoteHere.net Ron Rivest, MIT Avi Rubin, ATT research Abstract: This panel will concentrate on the emerging business of e-voting. The problems associated with traditional voting machines in a national election---their unreliability, inaccuracy and other potential hazards---were placed in an international limelight by the last US presidential election. At the same time, but less conspicuously, an industry centered around e-voting has started to emerge, offering various solutions for national, boardroom, company-wide, and other sorts of elections. Indeed, the cryptographic research community has dealt with issues related to security and robustness of e-voting as a fundamental protocol problem. In contrast, this panel will discuss issues regarding the real-life aspects of actual implementations of voting systems. We will discuss basic requirements and problems associated with the reality of election technology and the business built around it, covering issues of reliability, fairness, and scalability, and asking such questions as: Does one solution fit all situations? How much security is actually required? Is e-voting for real? How far are we from ``real'' voting? Is the Internet the right arena for voting? What is the interaction between the technology and its quality and the business? Is it a business at all? (Is there money to be made, and how? Alternatively: does e-voting really belong in ``financial cryptography''?) What are the social and legal implications of e-voting? We hope to learn about new angles to examine voting problems, to learn about related burning issues of all kinds (social, business, technology), and to learn about new questions for further basic, systems, market, legal or social research. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Steven Levy; How the Crypto Rebels Won
--- begin forwarded text Date: Wed, 14 Feb 2001 09:52:21 + To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Steven Levy; How the Crypto Rebels Won Cc: Steven Levy [EMAIL PROTECTED], Scott Moskowitz [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- [Note that the Harvard Club is now "business casual". No more jackets and ties -- while it lasts, anyway :-)... --RAH] The Digital Commerce Society of Boston Presents Steven Levy, Author, Senior Editor, _Newsweek_ Magazine "How the Crypto Rebels Won" Tuesday, March 6th, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA How a group of outsiders envisioned a need for wide-spread cryptography and then took on two daunting missions: providing unprecedented tools to make this happen, and fighting the government for the right to distribute the tools. Steven Levy is a senior editor at Newsweek and author of CRYPTO: HOW THE CODE REBELS BEAT THE GOVERNMENT, SAVING PRIVACY IN THE DIGITAL AGE. He is also author of four other books including HACKERS, ARTIFICIAL LIFE, INSANELY GREAT, and THE UNICORN'S SECRET, and have contributed to many other publications. This meeting of the Digital Commerce Society of Boston will be held on Tuesday, March 6th, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club has relaxed its dress code, which is now "business casual", meaning no sneakers or jeans. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of what's left of its dress code. We need to receive a company check, or money order, (or, if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, March 3rd, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $35.00. Please include your e-mail address so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (we've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: April 3 Scott Moskowitz Watermarking and Bluespike As you can see, :-), we are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, are a principal in digital commerce, and would like to make a presentation to the Society, please send e-mail to the DCSB Program Committee, care of Robert Hettinga, mailto: [EMAIL PROTECTED]. -BEGIN PGP SIGNATURE- Version: PGP 7.0 iQEVAwUBOopVR8UCGwxmWcHhAQGC0wf+Iu5psvIFhQiFdzJhhy2t2ftYtCUwtxe0 jUcfdU+tlzzUNhOaQzbv4ld1+VhpmAGhjtnbrc31SEUqSvdGJeq3xTSyazJHfo8d JO0A5+cdPMYGEd/vD2PH86WcP36/zc6y57PjVZ30dkcrp554mM3s4UKPDTBZW/aX 1kyDtEBK/vHQblt01n5bVU+fCEJYRRV3qP0et3NebGZM4OP9+ehs92+nnd+4bsqN qdGhgZqlsVLlwA9jEkrC0IsrypAqw/Xbxfubof4ys08/UALBNgGY+3dNFhtFmjnG Pq8Jwhvu7CffqLbxFkON/pNu2KtFBBZLx8xep98NyP3a2lllbsCzmA== =E2LW -END PGP SIGNATURE- -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' ~~ To unsubscribe from this list, send a letter to: [EMAIL PROTECTED] In the body of the message, write: unsubscribe dcsb-announce Or, to subscribe, write: subscribe dcsb-announce If you have questions, write to me at [EMAIL PROTECTED] --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
rubberhose.com (was Re: NTK now, 2000-02-09)
At 11:22 AM -0800 on 2/9/01, Danny O'Brien wrote: Accusing us of "doting on my six year old childhood peccadilloes", JULIAN ASSANGE, co-author of THE UNDERGROUND and, we dotifully include, THE DAN FARMER RAP, directs our attention as "citizen[s] of totalitarian England", to RUBBERHOSE, his fine two-year-old toddler of a "deniable encryption" system. In Assange's own sweet, twisted way, Rubberhose is named after the decryption tactic it attempts to defeat: Rubberhose Cryptanalysis, in which suspects are exposed to repeated rounds of the "kick to the head" attack until their password is revealed. Rubberhose thwarts this by allowing a large number of encrypted messages to be stored on the same drive, each encoded with a different password. The total number of levels is unknown, so when Commandante Plodista requests your passphrase, you can happily give him the password to the lowest level (or three), confident that noone can ever prove that this isn't *all* the data you have on the drive. Along with StegFS, it's another recommended RIP-bypasser. Unless you really are under risk of being beaten up, in which case, we'll re-pose the FAQ: won't rational torturers just beat you up *forever*? Anyone want to pick up on the in-the-field research here? http://www.rubberhose.org/ - smart civil rights groups stick with Linux 2.2 http://www.rubberhose.org/current/src/doc/beatings.txt - taking "prisoner's dilemma" out of labs, into prisons http://www.dataguard.no/bugtraq/1995_2/0194.html - hold on, if he was six in 1995... -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: 802.11 Wired Equivalent Privacy (WEP) attacks
At 12:05 PM -0500 on 2/8/01, Arnold G. Reinhold wrote: Thus there is a need for a short term remedy that can work with the existing standard. Not to pull your leg (too hard), or anything, but, we were told, at mac-crypto, that it's called "super-encryption". ;-) IPSec anyone? Cheers, RAH -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: IEEE 802.11 WEP holes
At 9:35 AM -0800 2/5/01, Jurgen Botz wrote: Slashdot this morning reported on a ZD-Net article at: http://www.zdnet.com/zdnn/stories/news/0,4586,2681947,00.html?chkpt=zdhpnews0 1 which states that there are major holes in IEEE 802.11 "WEP" encryption. Does anyone have any more details on this? http://www.vmeng.com/mc/debrief00.html, and grep for WEP, although Vinnie hasn't gotten the slides from Nikita Borosov yet, it looks like, but I bet they'll be there soon, now :-)... Nikita's talk at mac-crypto last week was entirely coincident to the slashdotted ZDNet story, I'm sure, :-), though I wouldn't be completely surprised that ZeroKnowlege's PR folks stirred the pot there as well. I can't wait to see if Schneier calls this a "publicity attack". (Naw, Jon Callas was there, and he'd have said something, I'm sure, so I'd say ZKS has been offically inoculated from such a scandalous accusation...) The above remarkable cooincidence, coupled with the "impromptu lecture" from conference floor by Apple's entirely defeatist :-) export-lawyer, which appeared the Guardian story this morning, means, I suppose, mac-crypto's now officially influential, if not exactly famous... Of course, Vinnie, and I sicced Paul on poor Ian to bring himself, or or send someone like Nikita, after Paul saw Ian's recent Bay-Area cypherpunks meeting talk on the same subject, and said we *had* to have a talk on their total WEP-crack this year. Moral: use end-to-end encryption, IPSec (PGPNet, other stuff), for instance. Anyway, a good time was had by all, and Nikita, -- followed by the talk that Andrew did with MojoNation running in System X after some immediately-burned midnight oil -- completely stole the show this year. A great time was had by all, wish you were there, see you next time, and all that... :-). Cheers, RAH -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
WEP Wipes Out
networks, without activating security measures such as WEP. One computer-security consultant in New York, who asked not to be identified, said he was able to access the computer network of his client, a major financial-services firm on Wall Street, while sitting on a bench across the street. Though he didn't have free range of the network, it was as if he walked through the building lobby, past a receptionist and sat down at one of the firm's computers. "From a taxi driving by you could gain access to their network," he said. That is the unique challenge of wireless networks: Radio transmitters beam out data beyond the walls of buildings. The latest vulnerabilities also point to human error in the design. "Some of the mistakes they made are howlers," said Steven Bellovin, a security researcher at ATT. One weakness resides in the system that scrutinizes data packets when they are received at a destination. The system, called a "checksum," applies a mathematical formula to the contents of the packet of data and generates a number. When the packet of data is received, its checksum is recalculated to ensure that the packet hasn't been corrupted or modified. The Berkeley researchers found, however, that the packets and their checksum could be modified without detection. Somebody's .sig --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
WPI Cryptoseminar, Wednesday, Feb 7
--- begin forwarded text Date: Tue, 6 Feb 2001 12:59:46 -0500 (EST) From: Christof Paar [EMAIL PROTECTED] To: WPI Crypto Seminar: ; Subject: WPI Cryptoseminar, Wednesday, Feb 7 Sender: [EMAIL PROTECTED] Reply-To: Christof Paar [EMAIL PROTECTED] Here we go again, the WPI Cryptoseminar starts tomorrow, Wednesday. Sorry for the late notice. - Christof ** WPI CRYPTOGRAPHY SEMINAR Efficient Implementation of Elliptic Curve Cryptosystems on the TI MSP430x33x Family of Microcontrollers Jorge Guajardo WPI Place: AK218 Date Time: Wednesday, Feb 7, 1:30pm (refreshments at 1:15pm) This contribution describes a methodology used to efficiently implement elliptic curves (EC) over $GF(p)$ on the 16-bit TI MSP430x33x family of low-cost microcontrollers. We show that it is possible to implement EC cryptosystems in highly constrained embedded systems and still obtain acceptable performance at low cost. We modified the EC point addition and doubling formulae to reduce the number of intermediate variables while at the same time allowing for flexibility. We used a generalized-Mersenne prime to implement the arithmetic in the underlying field. We take advantage of the special form of the moduli to minimize the number of precomputations needed to implement inversion via Fermat's little theorem and the $k$-ary method of exponentiation. We apply these ideas to an implementation of an elliptic curve system over $GF(p)$, where $p=2^{128} - 2^{97}-1$. We show that a scalar point multiplication can be achieved in 3.4 seconds without any stored/precomputed values and the processor clocked at 1 MHz. This work will also be presented next week at PKC 2001 in Korea. -- DIRECTIONS: The WPI Cryptoseminar is being held in the Atwater Kent building on the WPI campus. The Atwater Kent building is at the intersection of the extension of West Street (labeled "Private Way") and Salisbury Street. Directions to the campus can be found at http://www.wpi.edu/About/Visitors/directions.html ATTENDANCE: The seminar is open to everyone and free of charge. Simply send me a brief email if you plan to attend. TALKS IN THE SPRING 2001 SEMESTER: 2/7 Jorge Guajardo, WPI Efficient Implementation of Elliptic Curve Cryptosystems on the TI MSP430x33x Family of Microcontrollers TBA Daniel Bailey, NTRU and Brown University NTRU in constraint applications TBA Andre Weimerskirch, WPI Application of the Mordell-Well Group to Cryptographic Systems (MS Thesis presentation) TBA Adam Woodbury, WPI Public-key Cryptography in Constraint Environments (MS Thesis presentation) TBA Thomas Wollinger, WPI Hardware Architectures for Hyperelliptic Curve Cryptosystems (MS Thesis presentation) See http://www.ece.WPI.EDU/Research/crypt/seminar/index.html for talk abstracts. MAILING LIST: If you want to be added to the mailing list and receive talk announcements together with abstracts, please send me a short email. Likewise, if you want to be removed from the list, just send me a short email. Regards, Christof Paar ! WORKSHOP ON CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS (CHES 2001) ! ! Paris, France, May 13-16, 2001 ! ! www.chesworkshop.org ! *** Christof Paar, Assistant Professor Cryptography and Information Security (CRIS) Group ECE Dept., WPI, 100 Institute Rd., Worcester, MA 01609, USA fon: (508) 831 5061email: [EMAIL PROTECTED] fax: (508) 831 5491www: http://ee.wpi.edu/People/faculty/cxp.html *** For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Fw: CfP - Workshop on Security of Mobile Multiagent Systems(SEMAS-2001)
ould include the full name and contact details of at least one author(email and full postal address). Electronic submissions are mandatory. Acceptable formats are PDF and PostScript. Important Dates: - Submissions due Monday 19th March 2001 Notifications sent Friday 30th March 2001 Camera ready version due Monday 16th April 2001 Workshop Tuesday 29th May 2001 Organisation: - - Klaus Fischer and Dieter Hutter, DFKI Saarbr=FCcken, Germany Program Committee: - -- Sahin Albayrak, TU Berlin, Germany David Basin, University of Freiburg, Germany Ciaran Bryce, University of Geneve, Switzerland Hans-J=FCrgen B=FCrckert, DFKI GmbH Saarbr=FCcken, Germany G=FCnter Karjoth, IBM Research Z=FCrich, Switzerland Luc Moreau, University of Southampton, UK Volker Roth, Frauenhofer IGD, Germany Helmut Schwigon, BSI Bonn, Germany Vipin Swarup, The MITRE Corp, USA Christian Tschudin, Uppsala University, Sweden Jan Vitek, Purdue University, USA Contact Person: - --- Dr. Klaus Fischer DFKI GmbH Stuhlsatzenhausweg 3 D-66123 Saarbr=FCcken Germany Tel/Fax +49 681 302-3917/-2235 Email: [EMAIL PROTECTED] URL: http://www.dfki.de/~kuf/ __ To be removed from this list, send a message with "unsubscribe info-hol" as its sole content to [EMAIL PROTECTED] For more information see http://lal.cs.byu.edu/lal/hol-documentation.html For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Anonymous Credit: 7-11/AMEX Gift Card (was Re: PRIVACY ForumDigest V10 #02)
At 6:48 PM -0800 on 2/3/01, PRIVACY Forum wrote: Date:Thu, 07 Dec 2000 19:00:36 EST From:HC [EMAIL PROTECTED] Subject: Anonymous "Credit": 7-11/AMEX Gift Card I'm writing about a fairly new product that has become available: the 7-Eleven Gift Card by American Express. I found it a little odd that AMEX would be enabling people to carry out anonymous/private transactions. Especially considering the reports about how AMEX would peek into customers' bank accounts to verify if they have enough money to pay their monthly bill! So it's interesting that they would issue a card that cannot be tracked back to you. ABOUT THE CARD This card is being issued at 7-Eleven stores nationwide. It is fairly new (to the East Coast anyway) so it's availability may be limited in some areas. You can find out more information on the 7-Eleven web site at http://www.7-eleven.com/products.html. It is gold in color and bears the American Express "Blue Box" logo on the front. It's packaged much the same way as a prepaid calling card--it is on a hang-card with the front of the card displayed but the back side is half covered by the opaque card but the magnetic strip is exposed. The back side of the card which is covered up contains a silvery strip which you scratch off much like a lottery ticket. This is where the 15-digit card number and 4-digit verification codes appear. Note that there are no embossed numbers or any name whatsoever on the card. The expiry date is in tiny under the signature panel but I noticed that the date shown (12/03) is different than the date encoded on the mag stripe (03/03) yet both of them work. HOW IT WORKS The card is a gift card much like any other gift card or gift certificate from Best Buy, Macy's etc except this card can be used at most anyplace that takes the American Express card. To get a card, simply go to a 7-11 store and ask for a gift card in any amount between $25-$1,000. You'll be charged a fee of 4% to "load" the money onto the card. You pay the amount plus fee with cash or (oddly enough) credit card--or even another gift card. The clerk swiped the gift card and enters the payment information which then activates the card on the AMEX network. You'll be given a receipt showing the balance on the card. When activated, the card can be used instantly--there is no delay. Since this is a gift card, I think AMEX intended it to be sent to loved ones but there is nothing stopping you from buying one for yourself. When your balance runs low you can "reload" more money onto the card at any 7-11 store. You can also call the toll free number on the back to check your balance. USING THE CARD So far, I have used the card in all manner of places both online and in the physical world with only one or two minor snags: one merchant's register would not read the mag stripe properly and when the clerk keyed in the number, the register asked for the effective dates, ie, when did the card *start* and when did it expire. A quick call to the toll free number took care of that. The other hold up came from a couple of places that not only swipe all credit cards presented but also imprint the number. Well there's nothing to imprint on this card so they just note that and carry on. Note that the four (only four!) places that asked for ID with the credit card changed their mind when they saw there wasn't even a name on the card to verify! On the subject of ownership, you need to treat this card as cash. That's because like cash, you can't really prove ownership--if you drop either in a parking lot and someone else comes along after you leave, he/she can use either and you're out of that money. Some would wonder why pay 4% to use your own cash. One thing to remember is that you can't really use cash across the Internet. This card can be used (again, entering any name and address if necessary) at any website that takes AMEX. This makes it good at sites that you'd rather not have appear on your personal credit card. So you can greatly enhance your privacy by using a web-based mail service, an anonymous web browser and this card and not worry about junk mail or any other annoyances. [ Of course, if a person chooses to buy one of these cash cards using their credit card for payment, the "anonymity" factor may be significantly reduced. -- PRIVACY Forum Moderator ] -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Telephone Behavior as Biometric (was Re: ip: New ScientistNewsletter 3 February 2001)
[Interesting implications on automated traffic analysis... --Perry] At 1:37 AM -0600 on 2/1/01, by way of [EMAIL PROTECTED] wrote: GUARDIAN ANGEL We wouldn't go so far as to suggest that your are boring, but this week's New Scientist does have evidence that you are somewhat predictable. Especially when you use your mobile phone. Researchers at a London company have discovered that the numbers we ring, the length of our calls and the times of the day we make them are all characteristic behaviours that are very specific to us. Now, SearchSpace intends to use our "predictability" to develop a fraud-detection system which could help foil potential phone thieves. The new system has pattern-recognition software built into intelligent agents - called sentinels - which assemble behaviour profiles of subscribers on a network and demand user identification if they spot anything unusual. According to SearchSpace's Jason Kingdon, "It's like having a virtual software guardian assigned to each customer." http://www.newscientist.com/news/newsletter.jsp?id=ns370 -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Leo Marks
issolved in acrimony. A liver complaint necessitated a big operation. He got into troubles over money. Yet he deserves to be remembered as he was a man of undoubted brilliance, who played an outstanding part in the war against Hitler. Leo Marks, codebreaker, codemaker and impresario, was born in 1920. He died on January 15 aged 80. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: iDVD Not What It's Claimed
-BEGIN PGP SIGNED MESSAGE- At 7:41 AM -0800 on 1/21/01, Somebody wrote: x-flowedYou've all seen this - I'm just trying to figure out what I think about at least the part that applies to Apple and iDVD. I think Gilmore's right. On the other hand, and, quite frankly, it is the *market* that ultimately determines the salability of something, and not government regulation, or even the litigiousness of the recording industry. I think the reason we don't have digital out jacks on minidisc players is because people don't want to *pay* for them. The fact that the recording industry's lawyers have a massive incentive to increase that cost as much as they possibly can, is, oddly, orthogonal to the basic value proposition that people *play* music on the things, and not record it on them. Sharing music in digital form may eventually change that dynamic, in the much the same way that people beam applications back and forth with their Palm machines today, or with Napster on the net. But, that will happen only if the physical cost of a digital out port is worth it in the marketplace. At the risk of sounding like a Republican, or, better, an anarcho-capitalist, here, supply creates its own demand, same as it ever was. If it's cheap enough, hardware companies will put them there, just because they can. Remember the Go dual video-recorder case, where the movie business fought a simple copying technology tooth and nail, and, after much blood and money, nobody bought the damn things when they *did* get to market because the physical *cost* of copying a video -- and the value of a movie you've seen once -- was considerably more expensive than the few bucks it cost to rent a video from, say, Blockbuster. So, the reason we have copy protection schemes (scams? :-)) is because the people who *finance* recorded art and software (not those who *make* it, notice the distinction) can not, currently, make their money back without hiring lawyers and using the governments guns to keep in business. Not a bad thing, frankly; it's value neutral, like the weather. It's just the way the world works right now. At least we get the music that way, after a fashion. And, given the inertia of the capital involved, it's currently the *only* way to get music and make enough money to stay in business. Of course, that will change, both with internet cash-settled auction markets for content, where the first copy is the most valuable and the last copy is worth only marginally more than the bandwidth used to distribute it, and of course, in a world of ubiquitous strong cryptography, which creates a very precise, and non-legislated form of private property: if it's encrypted with my key, then it's *my* property, and there's not much you can to with lawyers, or guns, frankly, to keep me from controlling that property. In a geodesic market like that, copy protection becomes mere friction, and it will go the way of all copy protection throughout the ages, once again, because it *costs* too much. Oddly enough, this idea auctioning the first copy of something for a lot of money and each subsequent copy being auctioned off for asymtotically smaller prices per copy is exactly what happens now. That's what publishing and recording advances are, what recording contracts themselves are. It's just that it's done with laws and the monopolistic force of the state now, and we're moving into a world where we're going to trade guns and lawyers for networks and financial cryptography. Of course, if that new world cost *more* than the current regime of guns and lawyers, it doesn't *deserve* to live, all moral protestations of the latter's adherents like myself to the contrary. Cheers, RAH -BEGIN PGP SIGNATURE- Version: PGP 7.0 iQEVAwUBOmsXtcUCGwxmWcHhAQEXpwf+KQqRrS90IafdkcDEi7T/CG+5DjVAbds2 tVff+uwSloA5ZjOZjxR0snLoSQx569QDz9tsQUi5qTeIlO4+oWNYZUSEfITs1bTi c6r9YFJMRiFMhlR08XmGZMQnolYboXsE3+yi9PIfhLJ3zUpmfERKmjowh6SLiiqo n8aOwlahu2PSSt9yibThqy/Jt8nfkc8zKKvGSXpsOtq/1kUe9G/N9Rq5D6+WQ+16 c6xbl0g+hPToRi6RTvTS1GFRZ3lpEL5my8lFRM4TReoe7ufWsa6B25PgHrFZ3qEw EOwH+8ZLCOn2I68U5vnJMFH7wG3GKwXwgZ4vIzrLvhaUsCrRkhydKg== =XQTK -END PGP SIGNATURE- -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
New Scientist (UK): Hand Over Your Keys
from the police and intelligence agencies to the Home Office recently revealed that they aspire to a seven-year computerised archive logging all phone calls, e-mails and web browsing. When online, this amounts to surveillance of your stream of consciousness without a warrant. Crypto is a well-researched book. Its one flaw is its exclusively American perspective, which means that it overlooks the most repressive Internet legislation anywhere in the world: the RIP Act 2000. Caspar Bowden is director of the Foundation for Information Policy Research ** Subscribe to Freematt's Alerts: Pro-Individual Rights Issues Send a blank message to: [EMAIL PROTECTED] with the words subscribe FA on the subject line. List is private and moderated (7-30 messages per month) Matthew Gaylor, 2175 Bayfield Drive, Columbus, OH 43229 (614) 313-5722 Archived at http://www.egroups.com/list/fa/ ** ** For Listserv Instructions, see http://www.lawlists.net/cyberia Off-Topic threads: http://www.lawlists.net/mailman/listinfo/cyberia-ot Need more help? Send mail to: [EMAIL PROTECTED] ****** --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
NSPW 2001 CFP
Voice: +1 (732) 576-3279 Fax: +1 (305) 489-8129 Fax: +1 (732) 576-6406 Program Committee Co-Chairs Brenda Timmerman Darrell Kienzle California State University NAI Labs at Network Associates 18111 Nordhoff Street8000 Westpark Dr. Suite 600 Northridge, CA 91330-8281 USAMcLean, VA 22102 USA Email: [EMAIL PROTECTED] Email: [EMAIL PROTECTED] Voice: +1 (818) 677-7341 Voice: 703-356-4938 Fax: +1 (818) 677-2140 Fax: 703-821-8426 Program Committee Bob Blakley, Tivoli Systems Thomas E. Daniels, CERIAS/Purdue University Heather Hinton, Tivoli Systems Jun Li, University of California, Los Angeles Carla Marceau, Odyssey Research Associates Cathy Meadows, Naval Research Laboratory Ira Moskowitz, Naval Research Laboratory Susan Pancho, University of Cambridge Kai Rannenberg, Microsoft Research, Cambridge Emilia Rosti, Universita` degli Studi di Milano Sami Saydjari, SRI International Abe Singer, University of California, San Diego John Michael Williams, USA Bradley J. Wood, SRI International Local Arrangements John McHugh, SEI/CERT, +1 (412) 268-7737 [EMAIL PROTECTED] Financial Aid Hilary Hosmer, Data Security Inc., +1 (781) 275-8231 [EMAIL PROTECTED] John McHugh, SEI/CERT, +1 (412) 268-7737, [EMAIL PROTECTED] Publicity Crispin Cowan (WireX Communications, Inc.) +1 (503) 241-6575 ACM-SIGSAC Chair Ravi Sandhu (George Mason University) +1 (703) 993-1659 Steering Committee Bob Blakley, Steven J. Greenwald, Hilary Hosmer, Darrell Kienzle, Catherine Meadows, Cristina Serban, Brenda Timmerman, Mary Ellen Zurko For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
early registration deadline for Financial Cryptography '01
--- begin forwarded text Resent-Date: Mon, 15 Jan 2001 21:40:34 -0400 Date: Tue, 16 Jan 2001 02:40:21 +0100 (MET) From: "R. Hirschfeld" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: early registration deadline for Financial Cryptography '01 Reply-to: [EMAIL PROTECTED] Resent-From: [EMAIL PROTECTED] Resent-Sender: [EMAIL PROTECTED] Just a reminder that the next few hours are the last chance to register for the FC01 conference for the early registration fee. After that the price will increase by $150. A preliminary program is available on the conference website, http://fc01.ai. --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
CHES 2001 --- 2nd CFP
ganization) Gemplus Card International 34 Rue Guynemer 92447 Issy les Moulineaux Cedex, FRANCE Phone: +33 1 46 48 20 11 Fax: +33 1 46 48 20 04 Email: [EMAIL PROTECTED] Christof Paar (Publicity Chair) Dept. of Electrical Computer Engineering Worcester Polytechnic Institute Worcester, MA 01609, USA Phone: +1 508 831 5061 Fax: +1 508 831 5491 Email: [EMAIL PROTECTED] Workshop Proceedings The post-proceedings will be published in Springer-Verlag's Lecture Notes in Computer Science (LNCS) series. Notice that in order to be included in the proceedings, the authors of an accepted paper must guarantee to present their contribution at the workshop. For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
[Mojonation-devel] announcing Mojo Nation 0.936
--- begin forwarded text To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: [EMAIL PROTECTED] Subject: [Mojonation-devel] announcing Mojo Nation 0.936 Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED]?subject=help List-Post: mailto:[EMAIL PROTECTED] List-Subscribe: http://lists.sourceforge.net/lists/listinfo/mojonation-devel, mailto:[EMAIL PROTECTED]?subject=subscribe List-Id: For developers hacking Mojo Nation code mojonation-devel.lists.sourceforge.net List-Archive: http://lists.sourceforge.net/archives//mojonation-devel/ Date: Fri, 12 Jan 2001 19:44:18 -0800 The Evil Geniuses For A Better Tomorrow are pleased to announce version 0.936 of Mojo Nation. This version contains several important bugfixes and improvements to the user interface. Mojo Nation is the peer to peer file system with "swarm" delivery[1], distributed load balancing[2], optional integrated micropayments[3], a global hash-based name space[4], 4-out-of-8 block reconstruction[5], and many other features[6]. In addition, Mojo Nation actually works.[7] To download the latest version of Mojo Nation for Windows, Linux or FreeBSD: http://mojonation.net/ (Or search the "software" category on Mojo Nation.) ChangeLog: core: + a bug introduced in 0.934 that would cause needless 100% cpu usage in the comms code has been fixed. + a bug in which Windows runs out of file descriptors has been fixed. + a bug that could cause publishing to hang has been fixed. + brokers directly connected to the internet will recheck their IP address once every few minutes for people using DHCP with flakey ISPs. user interface: + it now displays a notice when downloading the users initial mojo so that they don't think they need more. + many consistency improvments and a new background color. --- footnotes: [1] "Swarm" delivery splits files into many pieces and uses a dynamic file retrieval algorithm so that many servers, each with a low-bandwidth connection, can deliver a file to a client at high-bandwidth speed. [2] Distributed load balancing is provided by an algorithm which dynamically selects the servers that are performing best for *you*. [3] Integrated "Mojo" micropayments provide a way to ensure that the people connecting to your server are peers, not leeches. If you prefer to be more generous (or if you want to establish a reputation as a new but powerful server), you can set your prices to "0" which gives access to your disk space and bandwidth for free. [4] The global hash-based namespace, implemented with the SHA1 cryptographic hash, provides a way for any participant to uniquely identify a file and to verify that file's identify. For example, if you have Mojo Nation installed and you go to the URL "id/RDHYEsPIfSX8X9Vf-lQzDRFdYcA" then you will see a JPEG of two Evil Geniuses suiting up to enter the Research Chamber. The hash-based namespace makes it is impossible for any peer on the network to substitute a different file in place of that JPEG. [5] 4-out-of-8 block reconstruction, using Rabin's Information Dispersal Algorithm, means that for each block there are 8 "shares", each 1/4th as big as the block, and combining any 4 of them yields the original block. This increases availability of files when some of your peers are unavailable. [6] Too many to list. [7] Try it. ___ Mojonation-devel mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/mojonation-devel --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Digital Money Forum Programme
--- begin forwarded text User-Agent: Microsoft-Entourage/9.0.2509 Date: Mon, 08 Jan 2001 22:26:31 + Subject: Digital Money Forum Programme From: "David G.W. Birch" [EMAIL PROTECTED] To: Bob Hettinga [EMAIL PROTECTED] Bob, Can you post this in all of the relevant places: thanks... . the fourth annual Consult Hyperion forum . .. D I G I T A L ... M O N E Y . ... Kensington Park Hotel London April 25th/26th, 2000 sponsored by GlobeID in association with E-Finance Forum Day One. Benjamin Sahel Tim Jones European Central Bank Purseus Dominique Hautain Jon Prideaux ProtonWorld International Visa International Herve Kergoat Hugh Kingdon Europay Barclaycard Mike Hendry Dan Isamann Payment Systems Consultant Smart Prepay Day Two. Bob HettingaJack Selby Internet Bearer Underwriting Corp. PayPal Viktor Rostov Charles Cohen Paycash Beenz Amir Herzberg Phil Curtis NewGenPay Oberthur Paavi Helanto David Birch Sonera Mobile Pay Consult Hyperion .Administration. The detailed programme is on line at http://www.consult.hyperion.co.uk/forum/digmon4.htm Thanks to the generosity of our sponsors, this year the seminar costs only 495 pounds Sterling per person excluding VAT. The fee includes the seminar, documentation, meals, cocktails and drinks around the champagne tables.. For further information or to reserve a place please contact Gloria Benson [EMAIL PROTECTED] Telephone +44 1483 301793Fax +44 1483 561657 --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Digital Money Forum Programme
At 5:35 PM -0500 on 1/8/01, R. A. Hettinga wrote: April 25th/26th, 2000 ...I think David meant 2001, here... -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Ted Byfield; ICANN, Intellectual Property, and Digital Commerce
--- begin forwarded text Date: Tue, 9 Jan 2001 14:58:50 -0500 To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Ted Byfield; ICANN, Intellectual Property, and Digital Commerce Cc: Ted Byfield [EMAIL PROTECTED], Scott Moskowitz [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- [Note that the Harvard Club is now "business casual". No more jackets and ties... --RAH] The Digital Commerce Society of Boston Presents Ted Byfield, Moderator, Nettime (among other things...) ICANN, Intellectual Property, and Digital Commerce Tuesday, February 6th, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA Through an erratic process intended to "lessen the burdens of government," the Clinton administration transferred governance of the Internet's essential functions to the Internet Corporation for Assigned Names and Numbers. In trying to cement its status, ICANN has sought to transform the net's cooperative structures into a hierarchical contractual regime geared toward expanding and enforcing intellectual property claims. The result of ICANN's deviation from its technical coordination mandate into a captured policy-making proxy for an absent-minded US government is a centralized namespace that privileges the demands of late-adopters over innovative expansions of DNS. This talk will provide a survey of ICANN's activities to date and how they may advance alternative models and extensions of DNS as a decentralized, cooperative system that is more secure and less subject to political whim. After working for over a decade as decade as an editor focusing on intellectual and cultural history, Ted Byfield joined the faculty of Parsons School of Design in New York City, where he teaches about the social and political aspects of design. In addition to writing and lecturing about areas where the technical and cultural collide, he is a member of the rump Boston Working Group, co-moderates the Nettime mailing list, and serves as an boardmember and advisor for various New York-area cultural organizations. This meeting of the Digital Commerce Society of Boston will be held on Tuesday, February 6th, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club has relaxed its dress code, which is now "business casual", meaning no sneakers or jeans. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of what's left of its dress code. We need to receive a company check, or money order, (or, if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, January 3rd, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $35.00. Please include your e-mail address so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (we've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: March 6 TBA April 3 Scott Moskowitz Watermarking and Bluespike As you can see, :-), we are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, are a principal in digital commerce, and would like to make a presentation to the Society, please send e-mail to the DCSB Program Committee, care of Robert Hettinga, mailto: [EMAIL PROTECTED]. -BEGIN PGP SIGNATURE- Version: PGP 7.0 iQEVAwUBOlttV8UCGwxmWcHhAQHyQgf9EFME11YN9QQUHfMidGJW/Jl4JYS4kz+c O+aS217xG7jrHhSzcobImq4Be16XkSz90hNEGfPEikOhOjbv0MHDQue5nOnJy9dN 5TCydlsSbD3Sz2f29FdpU+yV0MM2/puGDFGzZ3mdLFJJENGmAUdmy4FJGZbyLuSI PWeOikiuRYfuJlsQrzGNT+v6AzvB0DbzufCgGN2nNFRVXdHJny/p3HYj2ZH+53ZR e4pR1fhRzsK0xA3aQrMBErdGZcOR7iWrDj5va0DMjhw8ZdXQhQDNcQWigdCOnNx6 heY6pvuvSJDLMWb0sV+1QB6NKagKdiYP8U1S6iU1/49/lXToJH2LLw== =zbvY -END PGP SIGNATURE- -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end
Treasury Publishes Electronic Authentication Policy
--- begin forwarded text Date: Thu, 4 Jan 2001 18:38:50 -0500 Reply-To: Law Policy of Computer Communications [EMAIL PROTECTED] Sender: Law Policy of Computer Communications [EMAIL PROTECTED] From: "Stephen T. Middlebrook" [EMAIL PROTECTED] Subject: Treasury Publishes Electronic Authentication Policy To: [EMAIL PROTECTED] Pursuant to GPEA, the Treasury Dept. has published an Electronic Authentication Policy. The policy appeared in yesterday's Federal Register and may be viewed online at (in PDF) http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=2001_registerdocid=01-79-filed.pdf (in text) http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=2001_registerdocid=01-79-filed Some background info: Purpose: This policy sets forth principles on the use of electronic authentication techniques, including digital signatures, for Federal payment, collection, and collateral transactions conducted over open networks such as the Internet. Federal payment and collection transactions include all transactions intended to effect a credit or a debit to an account, including transactions executed by Non-Treasury Disbursing Offices. Federal collateral transactions include all electronic messages or instructions to pledge, deposit, release, or claim collateral used to secure public funds. These payment, collection, and collateral transactions may be between the Federal Government and non-Federal entities, as well as transactions between Federal entities. stm ** For Listserv Instructions, see http://www.lawlists.net/cyberia Off-Topic threads: http://www.lawlists.net/mailman/listinfo/cyberia-ot Need more help? Send mail to: [EMAIL PROTECTED] ** --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Call For Presentations - EFCE 2001 - 22-23 June
--- begin forwarded text Date: Mon, 1 Jan 2001 12:52:18 -0400 (AST) From: Ian Grigg [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Call For Presentations - EFCE 2001 - 22-23 June Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] The Second Edinburgh Financial Cryptography Engineering Conference 22-23 June, 2001 The Signet Library Parliament Square Edinburgh, Scotland C A L L F O R P R E S E N T A T I O N S Edinburgh is again host to the international *engineering* conference on Financial Cryptography. Individuals and companies active in the field are invited to present and especially to demonstrate Running Code that pushes forward the "state of the art". STATEMENT OF INTENT "The study of money, above all other fields in economics, is one in which complexity is used to disguise truth or to evade truth, not to reveal it." -- John Kenneth Galbraith, Money: Whence it came, where it went - 1975, p15 This is a technical, practical meet. Presentations of demonstrable technology in the field of Financial Cryptography are invited. As this is a practical conference, we are hoping to accept every demonstrator. THE VENUE Our Venue is the Upper Library, within the Signet Library, which is a listed building housing the Society of Writers to Her Majesty's Signet. This exclusive conference venue is located in the centre of Edinburgh, within the Royal Mile. ADMINISTRATION Included in the conference admission will be breakfast, lunch and tea coffee breaks. Also included will be the conference dinner in a local Edinburgh establishment. The conference administration will block-book a convenient hotel in the centre of town. Details to be advised. NEXT STEPS FOR PRESENTERS 1. Save the dates 22/23 June, Friday and Saturday on your calendar. It is good to plan on a few extra days, and especially, leaving on the day after, Sunday, will help to get the best fares. 2. Prepare your presentation. Check the a href="http://www.efce.net/programme.html"evolving programme/a. Propose your presentation by mailing the Programme Chair, a href="mailto:[EMAIL PROTECTED]" Ian Grigg /a. 3. Book passage to Edinburgh. Don't forget to stay a few days on either side to see the sights. Check the site for Locatives and Logistics. 4. Work on your presentation. Remember, the main rule is that you demo working code. 5. Get your budget approved / allocated / applied for. Whilst a commercial conference, accepted presenters will pay a deeply discounted fee, to be announced in a forthcoming release. For planning purposes, 200 GBP (approximately 300 dollars or 320 euros) should cover presenter's admission; the hotel should be about 100 GBP ($150 or E160) per night. Also include travel and incidentals in your budget. 6. The call for delegates -- attendees who do not present -- will by published at a later date. If there is someone in your organisation who needs to survey the state of the financially cryptographic art, they can attend as a delegate. For planning purposes, 500 GBP ($750 or E800) should cover the delegate's admission. 7. If you think the conference can benefit your organisation, consider sponsoring. Contact the Sponsorship Chair a href="mailto:[EMAIL PROTECTED]" Rachel Willmer /a for more details. 8. Keep an eye on the a href="http://www.efce.net/" conference web site /a for evolving details. EFCE2000 COMMITTEE Fearghas McKay General Chair[EMAIL PROTECTED] Ian Grigg Programme Chair [EMAIL PROTECTED] Rachel Willmer Press and Sponsorship Chair [EMAIL PROTECTED] SPONSORSHIP EFCE is supported by these companies active in Financial Cryptography: * Intertrader Ltd, an Edinburgh-based e-payments middleware and applications company. http://www.intertrader.com/ * Systemics Inc, a builder of financial cryptography applications. http://www.systemics.com/ --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
TidBITS' Adam Engst on Martin Minow (was Re:TidBITS#561/01-Jan-01)
At 9:00 PM -0800 on 1/1/01, TidBITS Editors wrote: **The Passing of Martin Minow** -- I was cleaning out some old email while flying back from visiting family for Christmas when I came upon an message from Martin Minow, a puckish and insightful friend I see every year at the Netters' Dinner at Macworld Expo. The message didn't need a reply, but that didn't lessen my sadness when I saw a new message in another mailbox telling me Martin had just died suddenly of arteriosclerotic heart disease. Most recently, Martin had been a senior software engineer at ThinkLink, a voice-over-IP communications company, but before that he spent seven years at Apple as a SCSI guru, and for the 20 years before that he worked at Digital Equipment Corporation, first in Sweden and then in the U.S. I didn't know Martin well on a personal level, though he surprised me once in 1998 by inviting me to a picnic barbecue his running club was putting on after the San Francisco Bay to Breakers race. We hadn't exchanged email in months, and I was perplexed as to how he'd heard I'd be running that race. It turned out the news had leaked out via the widespread network of Mac folks we both knew. I'll treasure that quirky memory of Martin, both so a bit of him continues with me and because it reminds me just how important the community of Macintosh users really is. [ACE] http://www.vmeng.com/minow/ -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Reminder... Mac Crypto Jan 29th - Feb 1st
--- begin forwarded text Date: Fri, 29 Dec 2000 09:55:58 -0800 To: [EMAIL PROTECTED] From: Vinnie Moscaritolo [EMAIL PROTECTED] Subject: Reminder... Mac Crypto Jan 29th - Feb 1st Cc: [EMAIL PROTECTED] Hi all; Below is a preliminary list of talks scheduled for the Millennium Edition of the Mac Crypto/ Internet commerce workshop. The conference will be held at Apple's Deanza 3 Auditorium from Jan 29th - Feb 1st . I have had a lot of people propose talks but only a few have actually sent me their abstracts. If you are on the list below and would like to correct the abstracts, please send me the updated text. If you are not on the list but plan to talk, then send me the abstract now. thanks. -- Jonathan D. Callas Counterpane Internet Security "The Effect of Anti-Circumvention Provisions on Security" One of the properties of digital Intellectual Property (IP) is that it can be easily reproduced, modified, and transferred. In response, IP owners have created creating new security technologies for controlling the digital works. Inevitably, this creates an opportunity for those who can circumvent those technologies. --- Will Price, Director of Engineering PGP Security, Inc. "PGP Future Directions" Will Price will discuss new technologies in PGP such as Key Reconstruction, Instant Messaging encryption, PGP for Wireless, and future directions of PGP on the MacOS platform. -- Jean-Luc GIRAUD [EMAIL PROTECTED] "Security Architect". Gemplus (www.gemplus.com), "Introduction to Smartcards" This tutorial gives a general overview of the smartcard technology and its added value for cryptography and security. Classical smartcard concepts (card life cycle, smartcard structure, required infrastructure,...) are covered along with recent ones like open cards (Javacard,...). New applications and potentail security enhancements to MacOS X are given. Finally, the current state of the art in smartcard security is described. A lot of ressources are listed to give attendees the opportunity to access more detailed information. -- Charles Evans [EMAIL PROTECTED], Partner, BEK Ventures, "Secure, Real-Time Financial Transactions Using WebFunds on the Mac." The talk will center on real-world transfer of value in the form of either a) exchange among commodity-back electronic currencies or b) trading of shares in micro-enterprises. -- Vinnie Moscaritolo KF6WPJ ITCB-IMSH http://www.vmeng.com/vinnie/ PGP: 3F903472C3AF622D5D918D9BD8B100090B3EF042 --- WARNING: POLITICALLY INCORRECT AREA All P.C. Personnel entering these premises will encounter gravely offensive behavior and opinions. (SEC4623. Ministry of political incorrection security act of 1995) RAMPANT INSENSITIVITY AUTHORIZED --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Singapore to Make E-Money Legal Tender (was Re: GigaLaw.com DailyNews, December 27, 2000)
--- begin forwarded text Sender: [EMAIL PROTECTED] Date: Wed, 27 Dec 2000 09:23:37 -0400 From: Ian Grigg [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: Digital Bearer Settlement List [EMAIL PROTECTED] Subject: Re: Singapore to Make E-Money Legal Tender (was Re: GigaLaw.com DailyNews, December 27, 2000) List-Subscribe: mailto:[EMAIL PROTECTED] (full story below - careful, I think the site reconfigures the browser to turn off cp...) Presumably, what the article didn't say is that the central bank (currency board?) will be the issuer of electronic monies, thus clarifying the issue of the value of monies sourced from different technologies and companies. An unusual step, as pretty much all of "the West" has decided that Central Bank issued electronic value is a Bad Idea. But, the sort of thing one could expect form Singapore. iang "R. A. Hettinga" wrote: [E-COMMERCE] Singapore to Make E-Money Legal Tender Electronic money will be made legal tender in Singapore by the year 2008 and every merchant on the island republic will be required to accept it from customers no matter what the price of the goods in question. It is envisaged that consumers will pay for goods and services with e-money loaded in electronic purses stored on smart chips in mobile phones, personal digital assistants and even cars. The Board of Commissioners of Currency Singapore has set the 2008 start-up date to give merchants and banks around the country the time to prepare for such a nationwide system. Called the `electronic legal-tender system' it will require merchants and service providers to accept e-money under Singapore law. Even an item costing as little as 10 cents will be able to be purchased through the electronic currency. Low Siang Kok, director of currency of the BCCS said that existing wireless access protocol (WAP) technology was already capable of supporting such a service, but it will work to ensure a nationwide system is in place to support e-money transactions. Reported By Newsbytes.com, A HREF="http://www.newsbytes.com"http://www.newsbytes.com/A . 18:48 CST (20001226/WIRES TOP, ASIA, ONLINE, LEGAL/SINGAPORE/PHOTO) --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Spooknux (was Re: Netsurfer Digest: Vol. 06, #43)
At 1:17 AM -0500 on 12/27/00, Netsurfer Digest wrote: NSA Releases Security Enhanced Linux The US National Security Agency (NSA) is known far and wide for its reluctance to reveal anything about itself or its involvement with computer security. This Web page about an NSA project in operating system security goes against the grain. NSA broke its habitual silence in order to release a special security enhanced version of the Linux operating system: "Linux was chosen...to demonstrate that this (security) functionality can be successful in a mainstream operating system and, at the same time, contribute to the security of a widely used system. Additionally, the integration of these security research results into Linux may encourage additional operating system security research that may lead to additional improvement in system security." In other words, they want a secure OS as much as the rest of the online community. The security enhanced release includes source code, so Trojan horses are unlikely. http://www.nsa.gov/selinux/ http://www.nsa.gov/selinux/ -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: IBMIntel push copy protection into ordinary disk drives
--- begin forwarded text Date: Sat, 23 Dec 2000 22:42:35 -0800 From: Somebody To: "R. A. Hettinga" [EMAIL PROTECTED] Subject: Re: IBMIntel push copy protection into ordinary disk drives --- begin forwarded text Subject: Re: IBMIntel push copy protection into ordinary disk drives To: [EMAIL PROTECTED] From: [EMAIL PROTECTED] This hard drive thing sounds a lot more like 4C than TCPA though. The hard drive thing is apparently 4C, but seems like it'd fit in "nicely" (for someone's definition of nicely) with a TCPA-based system. Don't forget Intel and IBM are charter members of both these scuzzy outfits. And somebody please tell me what good an encrypted hard drive is gonna be when the key material has to pass through an untrusted PC running a see-through OS such as Windows? If one is actually trying to save the data _from_ the PC operator not _for_ him/her, one needs a TCPA-like hardening. At least Intel and IBM must realize this. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Ashcroft on encryption
--- begin forwarded text Date: Fri, 22 Dec 2000 19:27:05 -0500 Reply-To: Law Policy of Computer Communications [EMAIL PROTECTED] Sender: Law Policy of Computer Communications [EMAIL PROTECTED] From: John Noble [EMAIL PROTECTED] Subject: Ashcroft on encryption To: [EMAIL PROTECTED] "We're not going to outlaw photography because someone takes dirty pictures. People use it for good things and bad things - and it's the same with encryption." -- Missouri Senator John Ashcroft (Rep.) * John Noble ** For Listserv Instructions, see http://www.lawlists.net/cyberia Off-Topic threads: http://www.lawlists.net/mailman/listinfo/cyberia-ot Need more help? Send mail to: [EMAIL PROTECTED] ** --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Ashcroft on encryption
At 11:13 PM -0500 on 12/22/00, Dan Geer wrote: make that Attorney General Ashcroft. Indeed. Somebody on Mclaughlin Group gave him the "Fastest Comeback" award tonight. :-). Cheers, RAH -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
IP: Egghead scrambles to gauge damage - bad scene
--- begin forwarded text Date: Sat, 23 Dec 2000 19:10:04 -0500 To: [EMAIL PROTECTED] From: Dave Farber [EMAIL PROTECTED] Subject: IP: Egghead scrambles to gauge damage - bad scene Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Egghead scrambles to gauge damage An intruder may have poached the online electronics and computer retailer's database of 3.7 million customers, including credit card information. The FBI and security experts are on the case. By Robert Lemos and Ben Charny, ZDNet News December 22, 2000 12:37 PM PT Egghead.com scrambled on Friday to gauge how much of its 3.7-million-customer database had been stolen by intruders during an online theft, which experts believed happened the day before. "We're in continuous crisis mode here," said a consultant from physical and electronic security firm Kroll Worldwide--the experts called in when Egghead discovered the intrusion on Thursday. The consultant asked not to be named. http://www.zdnet.com/zdnn/stories/news/0,4586,2668562,00.html For archives see: http://www.interesting-people.org/ --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The Physics of Quantum Information
--- begin forwarded text From: "Frank Sudia" [EMAIL PROTECTED] To: "Digital Commerce Soc" [EMAIL PROTECTED] Subject: The Physics of Quantum Information Date: Fri, 22 Dec 2000 15:36:12 -0800 Sender: [EMAIL PROTECTED] Reply-To: "Frank Sudia" [EMAIL PROTECTED] Bouwmeester, D., et al., "The Physics of Quantum Information: Quantum Cryptography, Quantum Teleportation, Quantum Computation," Springer Physics Astronomy Series (2000). ($54, Amazon) Good grief, buy this book. The quantum mechanical EPR states are now becoming so well understood that "realizations" are merely years away. This will allow us to deploy quantum states with strange properties in the design of pretty much any other system. (We still need it to work in solid state, with long decoherence times, but progress has been phenomenal since the famous Aspect experiment put this on the map in 1982.) [Also check out the tantalizing photos of multi-atom quantum computers at the University of Innsbruck: http://heart-c704.uibk.ac.at/ This site also has a lot of well written tutorial material, and is all in English, but you will understand it better after reading the book.] This volume is a survey of important recent results, with 43 authors, who are members of a worldwide scientific study group. The first third is a well written introductory text, intended for a wider audience, scannable at the "Scientific American" / "Science Magazine" level of literacy. The rest of it reviews the mathematics and (still primitive) experimental setups in more detail. My personal observations follow. I think I "got" all this, but scientific accuracy is not guaranteed -- Many of the principles involve "cat" states, wherein photons or particles are passed around (within a fiber network, or on a computer chip), carrying not yet determined states inside them, which are paired with other such particles far away. Each one is a little "Schroedinger's Cat," waiting for someone to open the box and look in. At that point the state of the far away particle is altered, and "classical information" is transferred instantaneously from point A to point B. Also, due to the immense complexity that can be represented inside a quantum superposition of states, usually in a trapped atom, problems that currently require exponential running times, in what is quaintly called "classical mathematics," will henceforth be solvable in logarithmic time. But presumably, even if factoring becomes easy, it won't matter, because we'll all be communicating securely via long distance quantum teleportation. A notional quantum telephone exchange is described. And believe it or not, you can design network repeaters that could transport the entangled quantum states over long distances. (This will be the second coming of optical networking, in 2007.) Quantum cryptography is discussed extensively, and one imagines that there must be considerable interest by well funded government agencies. For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Financial Cryptography 01 preliminary program
Grand Cayman is located on Seven Mile Beach. There are two restaurants and three bars, including pool-side service. The hotel has tennis courts and water sports services, and includes all the standard features of a Marriott Beach Resort. It is within walking distance of the many restaurants and shopping attractions located on Seven Mile Beach. The Marriott room rate is: US$299.00 This rate is based on single or double occupancy and is subject to a 10% government tax and a 10% hotel service charge. The hotel service charge includes bellmen and maid gratuities. The rooms are run of the house. Telephone: +1 345 949 0088 Fax: +1 345 949 3347 Please request the rate of US$299.00 for Financial Cryptography. COMFORT SUITES This is a new hotel, just open this season. It is located right next door to the Marriott Beach Resort, only 300 feet from the beach. Many room have ocean views. The hotel offers restaurant, bar, outdoor swimming pool, jacuzzi, water sports centre, gift shop, guest coin laundry, dry-cleaning, car hire, fitness centre, business centre, fax, and copier services. Suites Blocked for Financial Cryptography 01 are: Single Double Triple Studio Suites 170 180 190 Deluxe Suites 185 195 205 Studio Suites: open floor plan with one queen bed, sleep sofa and shower; can sleep 4 persons. Deluxe Suites: open floor plan with two double beds, sleep sofa and shower; can sleep 6 persons. Telephone: +1 345 945 7300 Fax: +1 345 945 7400 These rates are in US$ and are subject to a 10% government tax and a 10% service charge. They include a continental breakfast and complimentary coffee in the bedrooms. SLEEP INN RESORT The Sleep Inn Resort is located about 10 minutes' walk from the Marriott. It is the closest hotel to downtown George Town, a 15-minute walk along the scenic coast line. The Sleep Inn is not located on the beach but within easy walking distance. There is a swimming pool, a snack bar grill, a dive shop and a boutique. Single Room 120.00 Double Room 130.00 These rates are in US$ and are subject to a 10% government tax and a 10% service charge. Breakfast is included with both rates. Contact Josephine in reservations at the Sleep Inn. Telephone: +1 345 949 9111 Fax: +1 345 949 6699 Email: [EMAIL PROTECTED] Web Sites about the Cayman Islands The official Department of Tourism site: http://www.caymanislands.ky The official government and weather site: http://www.gov.ky Local news and issues: http://www.caymannetnews.com The official site for info on Financial Services: http://www.caymanfinance.gov.ky The national airline, Cayman Airways: http://www.caymanairways.com All of these sites have links to various other sites of interest on the Cayman Islands. Program Committee Matt Blaze, ATT Labs - Research Yair Frankel, Ecash Matt Franklin, UC Davis David Kravitz, Wave Systems Corp. Arjen Lenstra, Citicorp Philip MacKenzie, Lucent Bell Labs Avi Rubin, ATT Labs - Research Jacques Stern, Ecole Normale Superieure Kazue Sako, NEC Stuart Stubblebine, CertCo Paul Syverson (Chair), Naval Research Laboratory Win Treese, Open Market, Inc. Doug Tygar, UC Berkeley Michael Waidner, IBM Zurich Research Lab Moti Yung, CertCo Organizing Committee Program Chair: Paul Syverson ([EMAIL PROTECTED]) General Chair: Stuart Haber ([EMAIL PROTECTED]) Sponsorship Chair: Barbara Fox ([EMAIL PROTECTED]) Sponsors FC01 is sponsored by: Bibit Internet Billing Services http://www.bibit.com nCipher Corporation http://www.ncipher.com InterTrust Corporation http://www.intertrust.com If you are interested in sponsoring FC01, please contact the Sponsorship Chair at the email addresses listed above. For further information, please see the main FC01 conference web page at http://fc01.ai/. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
New book on encryption technology vs. NSA from Steven Levy, autho r of Hackers (fwd)
--- begin forwarded text Date: Tue, 19 Dec 2000 15:57:12 -0500 (EST) From: Chris Wysopal [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: New book on encryption technology vs. NSA from Steven Levy, autho r of Hackers (fwd) Sender: [EMAIL PROTECTED] Reply-To: Chris Wysopal [EMAIL PROTECTED] -- Forwarded message -- Date: Tue, 19 Dec 2000 14:30:31 -0500 From: "McCall, Tim" [EMAIL PROTECTED] Subject: New book on encryption technology vs. NSA from Steven Levy, autho r of Hackers Steven Levy, author of the 16-year-old classic Hackers, has written a new book entitled Crypto: When the Code Rebels Beat the Government--Saving Privacy in the Digital Age. In the tradition of Hackers, Crypto celebrates the work of cryptographers and makes a strong case for private freedoms over government intervention. Crypto will be released on January 8, 2001, and we will be reissuing Hackers (which has been out of print) on the same day. Endorsements for Crypto by Neal Stephenson, Kevin Kelly and David Kahn: "You've got to hear this story of how renegade geniuses and unlikely heroes liberated crypto from under the noses of spooks, and installed the code in the dream servers of dot-coms. This book persuaded me that despite the dangers of strong crypto (it gives a chance for evil to hide) providing it to the public was a Very Good Thing. Crypto not only makes e-commerce possible, it is also the first political movement in the digital era. Read about the future here." --Kevin Kelly, author of New Rules for the New Economy and Editor-at-Large, Wired Magazine "At last! The human story of the breakthroughs that gave us e-commerce and privacy on the Internet. Steve Levy has written cryptography's Soul of a New Machine.'" --David Kahn, author of The Codebreakers "Civilian crypto hardly existed three decades ago. Now we can't get cash from an ATM or buy something on the Net without it. To tell the story coherently is a service, and to tell it entertainingly is a favor to anyone with a stake in crypto--which nowadays means all of us. CRYPTO is a book that needed to be written and Steven Levy has written it. " -- Neal Stephenson, author of Cryptonomicon Author Bio Steven Levy is also the author of Hackers and Insanely Great: The Life Times of Macintosh, the Computer That Changed Everything. He is Newsweek's chief technology writer, a former writer for Macworld, and a frequent contributor to Wired. For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
nettime Interview with Eben Moglen on the decryption wars
--- begin forwarded text Date: Wed, 13 Dec 2000 12:06:31 -0500 From: Sina Najafi [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: nettime Interview with Eben Moglen on the decryption wars Sender: [EMAIL PROTECTED] Reply-To: Sina Najafi [EMAIL PROTECTED] Cabinet magazine has posted online a long version of an interview conducted in May with Eben Moglen on the cultural implications of the current "encryption/decryption wars." Moglen is general counsel to the Free Software Foundation (developer and distributor of GNU) and a professor at Columbia Law School. http://www.immaterial.net/page.php3?id=39 # distributed via nettime: no commercial use without permission # nettime is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: [EMAIL PROTECTED] and "info nettime-l" in the msg body # archive: http://www.nettime.org contact: [EMAIL PROTECTED] --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Snooping
--- begin forwarded text From: Somebody To: "R. A. Hettinga" [EMAIL PROTECTED] Subject: Snooping Date: Sun, 3 Dec 2000 22:37:03 - http://news.bbc.co.uk/hi/english/uk/newsid_1052000/1052341.stm Sunday, 3 December, 2000, 09:35 GMT Spy plans 'threat to human rights' Civil liberties campaigners have warned the government that granting police and secret services greater snooping powers would be a breach of human rights. It has been reported that British intelligence services and the police are seeking powers to log all telephone calls, e-mails and internet traffic in the UK. The Home Office has confirmed a report in The Observer newspaper that MI5, MI6 and the National Criminal Intelligence Service (NCIS) are jointly requesting new legislation requiring communication service providers (CSPs) to log phone calls and keep details for seven years. But campaign group Liberty has warned the proposal would breach the Human Rights Act and Data Protection Act and could see Britain hauled before the European Court of Human Rights in Strasbourg. 'Extraordinary idea' John Wadham, director of Liberty, said: "The security services and the police have a voracious appetite for collecting up information about our private lives, but this is an extraordinary idea. "This would violate the principles of the Data Protection Act and the Human Rights Act and the government should reject this idea now. Paul Boateng: "We must strike a balance" "If it goes ahead we will challenge this in the courts in this country and the European Court of Human Rights." A Home Office spokesman said: "We are currently considering their representations. However, no decisions have been taken at this stage." Speaking on BBC Radio 5 Live's Andrew Neil Show, Home Office minister Paul Boateng said the government would strive "to get the balance right" between the demands of industry and the demands of law enforcement. It is said the new powers are needed to tackle the growing problems of cyber crime, paedophiles' use of computers to run child porn rings, terrorism and international drug trafficking. 'Unquestionably lawful' The document, written by the deputy director general of NCIS, Roger Gaspar, said the new demands were necessary. He writes: "We believe that the Home Office already accepts that such activity is unquestionably lawful, necessary and proportional, as well as being vital in the interests of justice." Mr Gaspar estimates that a database to store all the information would cost about ?3m to set up and ?9m a year to run. Politicians have condemned the proposal. The Conservative peer and privacy expert Lord Cope told The Observer he was sympathetic to the need for greater powers to fight modern types of crime but had concerns about the proposal. "Vast banks of information on every member of the public can quickly slip into the world of Big Brother. I will be asking serious questions about this," he said. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Win Treese; So, Where's All the Financial Cryptography?
--- begin forwarded text Date: Tue, 28 Nov 2000 14:09:19 -0500 To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Win Treese; So, Where's All the Financial Cryptography? Cc: Win Treese [EMAIL PROTECTED], Ted Byfield [EMAIL PROTECTED], Scott Moskowitz [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] [Note that the Harvard Club is now "business casual". No more jackets and ties... --RAH] The Digital Commerce Society of Boston Presents Win Treese, Fellow, VP Technology, Open Market, Inc. Fermi's Revenge: Systems Thinking for Financial Cryptography Tuesday, December 5th, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA The technology of financial cryptography has promised many changes for the way that individuals and organizations do business, yet little progress has been made in real systems. In part, this is because the technology proposals--the crypto, the protocols, and occasionally code--are usually presented with little or no context for the total system in which they play. This talk will look at some of the systems issues, both technical and non-technical, that are critical for successful implementations of financial cryptography. Win Treese is a Fellow and Vice President of Technology at Open Market, Inc. At Open Market, he has contributed to the architecture and implementation of many of its products, with a particular focus on security. Before co-founding Open Market in 1994, he was a member of the research staff at Digital Equipment Corporation's Cambridge Research Laboratory. In 1999, Win was named a "High-Tech All Star" by Mass High Tech. He is co-author of the book "Designing Systems for Internet Commerce" and chairs theTransport Layer Security (TLS) Working Group of the Internet Engineering Task Force. This meeting of the Digital Commerce Society of Boston will be held on Tuesday, December 5th, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club has relaxed its dress code, which is now "business casual", meaning no sneakers or jeans. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of what's left of its dress code. We need to receive a company check, or money order, (or, if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, December 2nd, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $35.00. Please include your e-mail address so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (We've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: TBD Ted Byfield Decentralized DNS Control TBD Scott Moskowitz Watermarking and Bluespike As you can see, :-), we are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, are a principal in digital commerce, and would like to make a presentation to the Society, please send e-mail to the DCSB Program Committee, care of Robert Hettinga, mailto: [EMAIL PROTECTED]. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' ~~ To unsubscribe from this list, send a letter to: [EMAIL PROTECTED] In the body of the message, write: unsubscribe dcsb-announce Or, to subscribe, write: subscribe dcsb-announce If you have questions, write to me at [EMAIL PROTECTED] --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity,
eRevolution: Europe shuns its own Net cipher
--- begin forwarded text To: "Ispo@Www. Ispo. Cec. Be" [EMAIL PROTECTED], "eRevolution@topica. com" [EMAIL PROTECTED] From: Larry Moffett [EMAIL PROTECTED] Subject: eRevolution: "Europe shuns its own Net cipher" Date: Fri, 24 Nov 2000 06:14:23 -0800 Reply-To: [EMAIL PROTECTED] That's the headline from a recent article in The Standard, referring to the "Rijndael" security algorithm developed by Belgian cryptographers that was chosen by the US Commerce Department to encrypt sensitive US government data. Rijndael won the competition, defeating entries from IBM, RSA and 12 others. The article reports that the European Commission, instead of adopting the same standard and showcasing it as a European technology success story, intends to continue with its own competition and postpone its decision until 2002. With all those lofty speeches at the IST conference in Nice praising European technological excellence still ringing in my ears, I'm sure the EC has its reasons... http://europe.thestandard.com/article/display/0,1151,12736,00.html?mail Larry --- Larry Moffett Managing Partner e-Strategy sprl-bvba Rue Defacqzstr. 1, B-1000 Brussels BELGIUM Tel +32 2 534 3400 Fax 544 1662 --- - eRevolution is the discussion list for the electronic revolution Unsubscribe: send blank email to [EMAIL PROTECTED] Post to the list: reply to this message or send to [EMAIL PROTECTED] ___ T O P I C A http://www.topica.com/t/17 Newsletters, Tips and Discussions on Your Favorite Topics --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Advance Notice: Digital Money Forum
--- begin forwarded text User-Agent: Microsoft-Entourage/9.0.2509 Date: Mon, 13 Nov 2000 19:07:59 + Subject: Advance Notice: Digital Money Forum From: "David G.W. Birch" [EMAIL PROTECTED] To: Bob Hettinga [EMAIL PROTECTED] Bob, We are currently assembling the programme for our annual Digital Money Forum. The 2001 Forum, the 4th such event, will be held in London on April Wednesday April 25th and Thursday 26th. We have set aside some speaking slots for members of the digital money community to take up, so I was wondering if you could use your usual reposting network to pass on this e-mail to places where relevant parties might see it. The Digital Money Forum is a not-for-profit event and is supported by sponsorship. This enables us to keep the cost of attending well below the typical cost of similar events and also enables us to provide complimentary places to a wide spectrum of people -- researchers, academics and others -- who might not normally attend such an event. This means that the range of opinions, ideas and discussions is wide and makes the event fun for the sponsors, speakers and attendees alike. The surplus from the event goes to charities in the Guildford area. To avoid wasting money (and trees) there won't be printed proceedings -- all proceedings will be on the web site -- although as usual we will choose some interesting books and magazines for delegates. As soon as the provisional programme is in place it will be posted at http://www.consult.hyperion.co.uk/forum/digmon4.htm If you would like to look at the programme from the 3rd Annual forum or download any of the presentations from that event, please visit http://www.consult.hyperion.co.uk/forum/digmoney3.htm If you are interested in presenting at the Forum or, even better, presenting and sponsoring then please contact me as soon as possible. Regards, Dave Birch. -- David G.W. Birch, Director. Consult Hyperion http://www.consult.hyperion.co.uk/ 8 Frederick Sanger Road mailto:[EMAIL PROTECTED] Guildford Tel:+44(0)1483 301793, Fax:+44(0)1483 561657Surrey GU2 7EB, UK Digital Identity Forum http://www.consult.hyperion.co.uk/forum/digid1.htm --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Globeset sat on...
"Virtual Visa", is, of course, the protocol formerly known as SET... Cheers, RAH --- begin forwarded text From: Somebody To: "R. A. Hettinga" [EMAIL PROTECTED] Subject: FT: Globeset staff cut Date: Wed, 1 Nov 2000 08:21:41 - Globeset staff cut By James Mackintosh Published: October 31 2000 22:22GMT | Last Updated: October 31 2000 22:27GMT Globeset, the Texas-based supplier of internet secure purchasing software to both the MasterCard and Visa credit card networks, has laid off almost all its 300 staff and closed its international offices after a cash crisis. The privately owned company is now operating on a skeleton staff and is believed to be looking for a buyer for its technology. Austin-based Globeset specialises in online payments and its backers - which are believed to have provided $66.5m in venture capital - are understood to include Deutsche Bank, American Express, Citigroup and Chase Manhattan. Oki Electric, which distributes Globeset's products in Japan, invested $2m in the company last month. Jack Antonini, appointed as chairman and CEO of Globeset in July, did not return calls on Tuesday. No one else at the company's headquarters could be contacted. Visa, which uses Globeset for its latest online purchasing software, said it was not panicking. "I am not a worried man," said Jon Prideaux, executive vice-president of Virtual Visa, the organisation's internet arm. "It doesn't have any impact in the short term and we are looking at three options going forward. Clearly it is an occupational hazard of working with start-ups that some of them do not succeed." He would not say what the options were, or whether Visa was considering an offer to buy the technology from Globeset. At the end of July, Mr Antonini told American Banker, a trade magazine, that revenues had quadrupled in a year and the company was "very solid, very strong, with a good group of investors". However, a senior executive at a rival company said: "Globeset had good technology but they didn't have the strength and depth of capital to expand their business around the world from Austin." The group's Slough, UK, office was still staffed on Tuesday but one employee, who refused to give his name, said: "The UK office is closed. As of the end of today we will no longer have an office in the UK." He confirmed that almost all US staff were told on Monday they no longer had jobs. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
CALL for Papers: The Millennium Mac-Crypto Conference
--- begin forwarded text Date: Tue, 31 Oct 2000 13:55:16 -0800 To: [EMAIL PROTECTED] From: Vinnie Moscaritolo [EMAIL PROTECTED] Subject: CALL for Papers: The Millennium Mac-Crypto Conference -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Take out your calendars, It's that time again folks. I am starting to put together the schedule for the Millennium Edition of the Mac Crypto/ Internet commerce workshop. The dates should be the week of Jan 29th, 2001. I have booked us space for that whole week, on the Apple Cupertino Campus . Henceforth, I am looking for folks to give talks, papers etc. This year's overall theme could cover "Security in a MacOS X world". I would like to see a number of talks related to how MacOS X changes the Macintosh threat model. In addition I would also like to see a few talks about lessons learned in the last few years about developing crypto related products. Maybe something about digital rights management or music. Digital cash talks are always welcome. I would like both technical and tutorial material. As usual I discourage simple marketing presentations without content, this is a technical group. Please try to keep the talks no more than 40 minutes with an additional 10 minutes allocated for for QA.. I suspect that there a a number of new people who have never been to a Mac Crypto. To get an idea about what this is all about take a look at the past three conference archives at http://www.vmeng.com/mc/ I will be posting a preliminary schedule, formal announcements and registration form in a month. In the meantime if you would like to give a talk, please send me the Title, Author's full name and email address and a small abstract I can post on the web-page. Once you have slides or possibly a pdf, please send me a copy I post or link to.. -BEGIN PGP SIGNATURE- Version: PGP 7.0 iQA/AwUBOf8/EtixAAkLPvBCEQIIfgCfR3RHnib58GqZ03fbb+m0Ngvw3nQAmwUl F1r76c977zboKxAIK+l6xw5C =0Tx+ -END PGP SIGNATURE- -- Vinnie Moscaritolo KF6WPJ ITCB-IMSH PGP: 3F903472C3AF622D5D918D9BD8B100090B3EF042 --- --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Ramzan and Van Someren; Minting Millidollars for Streaming Cash
--- begin forwarded text Date: Tue, 24 Oct 2000 19:13:50 -0400 To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Ramzan and Van Someren; Minting Millidollars for Streaming Cash Cc: Ted Byfield [EMAIL PROTECTED], Scott Moskowitz [EMAIL PROTECTED], Ron Rivest [EMAIL PROTECTED], Adi Shamir [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- [Note that the Harvard Club is now "business casual". No more jackets and ties... --RAH] The Digital Commerce Society of Boston Presents Zulfikar Ramzan, Financial Cryptographer, MIT Laboratory for Computer Science and Dr. Nicko Van Someren, Financial Cryptographer, Chief Technology Officer, nCipher PLC, "Aspen" vs. "Hancock": Minting Millidollars for Streaming Cash Tuesday, November 7th, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA Zulfikar Ramzan is currently a PhD student at the Massachusetts Institute of Technology where he works with the Cryptography and Information Security research group. At MIT, he works under the supervision of Professor Ronald Rivest, co-inventor of the RSA public-key cryptosystem and the Micromint micropayment protocol. He has authored a number of publications in the field of cryptography and has presented his research at various conferences in his field [including the International Conference on Financial Cryptography --RAH]. He holds a number of patents in data security, and some of his work is being considered for use in several national and international standards in the wireless communications industry. Mr. Ramzan has worked in cryptographic algorithm and protocol design with the Wireless Secure Communications group at Lucent Technologies. Upon graduation, Mr. Ramzan will join Lucira Technologies. Dr Nicko van Someren co-founded nCipher in 1996. As Chief Technology Officer Nicko leads nCipher's research team and directs the technical development of nCipher products. From 1993 to 1996, Nicko was Technical Director and co-founder of ANT Limited, where he developed hardware products and application software. Before that, he was employed as a Researcher by Xerox EuroPARC and as a Software Engineer by Atari Research and Perihelion Software Limited. Nicko has almost 20 years' experience in cryptography, software and hardware product development, and holds a Doctorate and First Class degree in Computer Science from Trinity College, Cambridge, UK. Zully Ramzan will talk about the proposed design of Aspen: a practical Micromint implementation for IBUC, the Internet Bearer Underwriting Corporation. In addition to going over the basic underlying protocols, he will discuss the various design and parameter choices. He will also examine the practical ramifications of these decisions. Thereafter he will discuss potential modifications and extensions that may be of use for future implementations of Aspen. The ideas he will present are based on discussions with Ron Rivest and Adi Shamir, the two co-inventors of Micromint. Nicko van Someren will then talk about the practical problems surrounding the implementation of a MicroMint. He will consider the engineering issues along with the economic issues and look at how the nature of MicroMint mandates various unhelpful deployment issues. He will also consider alternatives to MicroMint which aim to solve these issues. [Including a signature-based solution IBUC is calling, for lack of a better moniker, "Hancock", which would be about 100 times cheaper to prototype, much less get to market, and streaming cash on the wire in 3-6 months. :-) --RAH] Want to know what IBUC's going to do *now*? Come to the November DCSB meeting and find out. Appropriately enough, this meeting of the Digital Commerce Society of Boston will be held on Election Day, Tuesday, November 7th, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club has relaxed its dress code, which is now "business casual", meaning no sneakers or jeans. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of what's left of its dress code. We need to receive a company check, or money order, (or, if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, November 4th, or you won't be on
NSA wants it all
--- begin forwarded text From: [EMAIL PROTECTED] Date: Tue, 17 Oct 2000 13:06:30 -0400 (EDT) To: [EMAIL PROTECTED] Subject: NSA wants it all Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] http://foxnews.com/vtech/101700/nsa_fox.sml [snipped] # #War of the Web #NSA prepares the U.S. for battle online #Tuesday, October 17, 2000 # #The U.S. National Security Agency wants to do battle in cyberspace. # #"Information is now a place," Air Force Lt. Gen. Michael Hayden told #a major computer security conference in Baltimore on Monday. "It is #a place where we must ensure American security as surely as land, sea, #air and space." # #And the NSA - the military agency responsible for intercepting #communications worldwide - doesn't just care about defense. # #Ultimately the NSA must become the "security statement" of the U.S. #telecommunications and computer industries, just as he views the Air #Force as the "military statement" of the aviation industry, he said. #"How else does our society develop the tools we need to do what it #is that our agency has been charged to do?" --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
NSA Releases Reorg Reports
--- begin forwarded text Date: Tue, 17 Oct 2000 14:13:15 -0400 To: [EMAIL PROTECTED] From: John Young [EMAIL PROTECTED] Subject: NSA Releases Reorg Reports Sender: [EMAIL PROTECTED] Reply-To: John Young [EMAIL PROTECTED] NSA released today on its Web site two reports on its reorganization, one by an external team of 27 page, another of 76 pages by an internal team. Both are big PDF files. We have converted the first to HTML: http://cryptome.org/nsa-reorg-et.htm (77KB) Here is an excerpt: "We interviewed about one hundred people in the Agency, including most senior leaders, and asked very specific questions about the way people operate and the embedded culture. We learned the Agency is a very bureaucratic government organization, and that most of the behavior patterns were established during the 1970s and 1980s when there was plenty of money to execute its mission. NSA appears to operate like an entitlement program. Most people in the Agency are highly motivated and work very hard, but a portion does not. We also found a leadership culture that appears most interested in focusing on their positions and protecting their people's jobs at the expense of accomplishing the mission. Most of the people at NSA are hired night out of college and spend their entire lives in the Agency. Regardless of their work performance and their job responsibility, the Agency promotes people roughly at the same rate. The institution encouraged people to get deeply involved in the promotion process, to the point that civilian personnel wrote their own promotion reports, and supervisors endorsed the reports even if they did not agree, mostly to prevent animosity. However, the most critical aspect of the people and culture in the institution was the mindset related to lack of empowerment and accountability. NSA's present culture overemphasizes loyalty to a particular function and its associated senior leadership, instead of full and frank discussions of problems, issues and concerns. This has created a culture that discourages sending bad news up the chain of command. The staff knows NSA is falling behind and is not properly addressing the inherent problems of the emerging global network, and the present management infrastructure does not appear to be supporting the required changes. In addition, we are concerned the present mindset fostered a society where people were afraid to express their own thoughts. Even though people spoke to us with true candor, they always wanted to avoid attribution because of the perception that the information was going to be used against them." From: External Team Report: a Management Review for the Director, NSA, October 22, 2000 http://www.nsa.gov/releases/nsa_external_team_report.pdf (2.7MB) Second report: http://www.nsa.gov/releases/nsa_new_enterprise_team_recommendations.pdf (6.4MB) --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
[Mojonation-devel] New mojonation-ports list
--- begin forwarded text To: [EMAIL PROTECTED] From: Jim McCoy [EMAIL PROTECTED] Subject: [Mojonation-devel] New mojonation-ports list Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] List-Id: For developers hacking Mojo Nation code mojonation-devel.lists.sourceforge.net Date: Tue, 17 Oct 2000 12:06:12 -0700 We have created a new mojonation-ports list (hosted @ SourceForge, so mailto:[EMAIL PROTECTED] for subscribe requests) which will be used to discuss and coordinate efforts at porting Mojo Nation to new platforms. This will serve as a place for people working on ports to coordinate their effort and where questions about specific ports can be answered. jim mccoy AZI/Mojo Nation ___ Mojonation-devel mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/mailman/listinfo/mojonation-devel --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
simonsingh on bbc
--- begin forwarded text Date: Thu, 12 Oct 2000 13:05:57 -0400 Originator: [EMAIL PROTECTED] From: [EMAIL PROTECTED] To: Multiple recipients of list [EMAIL PROTECTED] Old-Subject: simonsingh on bbc Subject: simonsingh on bbc Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] I am currently presenting a TV series for Channel 4 in Britain, entitled The Science of Secrecy. It airs on Thursday nights at either 9.00 or 9.30pm until November 2. The final programme includes an exclusive interview with Clifford Cocks, the secret co-inventor of RSA. This is the first time that a British Government cryptographer has been permitted to talk about his work. Details of the series can be found on the Channel 4 website The series is accompanied by a book entitled The Science of Secrecy. Please note, this is an adaptation of The Code Book, and so it will not be of interest to anybody who has already read The Code Book. It has the advantage of following the series more closely and contains more illustrations. Hence, I would certainly recommend it to anybody who has not read The Code Book, and who wants to learn more about cryptography having watched the TV series. I hope that the TV series will be shown overseas, but as yet there are no plans to do this. http://www.simonsingh.com/cipher.htm --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
More fun with payment protocols (was Re: oh, sh__)
--- begin forwarded text Date: Mon, 09 Oct 2000 09:22:50 -0700 From: Somebody To: [EMAIL PROTECTED] Subject: oh, sh__ Bob, Please be careful about the forwarding of this epistle in it's entirety. The contents might be considered inflamatory. [moi? *I*'m not saying anything here, *you* are... :-) --RAH] But I recommend your synthesizing an opinion about it, and communicating to the usual suspects. See my "bottom line", at the end Well, 1st Data Corp has made their move, and it's a doozy: eONE Global, a new e-payments company capitalized with $600 million ($360 in assets transferred from First Data, $135 in equity investment from iFormation -- a GoldmanSachs, BCG, Genl Atlantic Partners creature -- and a commitment from the parties to kick in another $100 in cash). The headquarters are in Napa (Rutherford). Remember Rutherford Partners? With principals Robert W. Greer, Scott J. Loftesness, Garen K. Staglin? eOne Global has a Garen Staglin, President and CEO, located in Rutherford, CA. eONE Global has a Menlo Park office with a Managing Director by the name of Loftesness. Greer is also involved. Brochure at: http://www.eoneglobal.com Includes a slightly amusing and very gushy whitepaper http://www.eoneglobal.com/whtpaper.html (by Garen) News at: http://news.cnet.com/news/0-1007-200-3141623.html?tag=st.ne.1002.thed.ni Oh, yes...and by the way: "eONE Global welcomes inquiries from emerging payment technology companies with a business plan they are prepared to execute against. We require that a prospective strategic partner have proprietary rights to the technology it is presenting." See: http://www.eoneglobal.com/started.html I guess this means Scott has money now. Among the assets they own, or have and equity interest in are SurePay, CashTax, Yclip, MeetChina.com, Reciprocal, PassLogix, Achex, RRE Ventures (?1?) and others. In reality it's mostly the 1stData/EnTrust payment initiative SurePay. Bottom Line: This is a significant event, well capitalized, and an "instant company" because of the the transfer of some FirstData assets. However, their major challenges will be (a) they are already an operational company with a bunch of realworld operating challenges for the management team (who seem more venture, finance oriented), and (b) they don't yet have any breakthrough exciting technologies or products and need to acquire same. I actually wouldn't be too surprised to see them buy back eCashTechnologies, or do a JV with something like Spectrum or Wells/eBay. I'm afraid, though, that (in spite of their brave words about the need for innovation and new models) this venture is going to be inevitably tied to the current banking structure with which FirstData is so deeply in bed. I suspect that Rutherford Partners put up a bunch of half- baked intellectual property (as well as their bodies and a great spiel) to take over management of 1stData's total e-payment strategy. Quite a coup. --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
FinCEN report on e-cash
--- begin forwarded text Date: Sat, 07 Oct 2000 18:20:33 -0700 To: [EMAIL PROTECTED] From: John Muller [EMAIL PROTECTED] Subject: FinCEN report on e-cash Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] The Financial Crimes Enforcement Network has posted on its Web site http://www.treas.gov/fincen a report on regulatory and law enforcement issues presented by E-cash, E-banking and Internet gaming. This appears to be the document that was leaked to Declan McCullagh and previewed in a WIRED News article a few weeks ago, http://www.wired.com/news/politics/0,1283,38955,00.html John Muller [EMAIL PROTECTED] [EMAIL PROTECTED] "The humorless power of the state, the iron-fisted control demanded by the corporation, the sexless desire insinuated by broadcast advertising -- all are falling to networked imagination" Christopher Locke --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
UK Companies free to snoop on staff
Obviously, if someone who uses company assets for personal business deserves all the snooping he gets, at least theoretically, though certainly not in actual practice. The tweak in the British RIP vs. Eurocrat case here is that, same as it ever was, the nation-state is again quite literally expropriating the resources of employers by making them subject to a human "right". ;-). "The 'Poor'?? Are there no prisons?" Cheers, RAH (Who believes we'll *all* be proprietors some day, and none of this garbage will matter anymore...) --- begin forwarded text From: Somebody To: "Bob Hettinga" [EMAIL PROTECTED] Subject: UK Companies free to snoop on staff Date: Thu, 5 Oct 2000 18:10:08 +0100 http://news.ft.com/ft/gx.cgi/ftc?pagename=Viewc=Articlecid=FT39YW11WDCliv e=truetagid=YYY9BSINKTMuseoverridetemplate=IXLZHNNP94C Companies free to snoop on staff By Jean Eaglesham, Legal Correspondent Published: October 3 2000 20:28GMT | Last Updated: October 4 2000 00:41GMT British companies will be able to snoop on employees' e-mails and phone calls following a government decision to grant industry greater freedom to monitor staff. Under rules announced on Tuesday, from October 24 companies will be permitted "routine access" to any business e-mail and phone call to check whether they are business-related. Patricia Hewitt, the minister for e-commerce and small business, said that proposals to force companies to obtain agreement for most monitoring from both the senders and recipients of e-mails and phone calls had been abandoned. Trade unions criticised the move, saying it gave companies carte blanche to snoop on virtually any workplace communication. Union officials vowed to use the Human Rights Act to challenge the snooping rules. Lucy Anderson, employment rights officer at the Trades Union Congress, said: "Employers should not be allowed to routinely screen e-mail and phone calls, and certainly not without consent". Ms Hewitt denied the rules would allow businesses a free hand to snoop. She said: "There are limits they must not go over, such as intercepting personal calls for unjustified scurrilous interest." The rules would give "any business following them comfort they are not in breach of the Human Rights Act or the Regulation of Investigatory Powers Act [a new law on surveillance for law enforcement purposes]". It was complex balancing the needs of business with the rights of individuals in this area, Ms Hewitt said. "Because it's a complex issue, we have taken time to consult with business and I am confident the regulations will meet everybody's needs". Industry groups, which had condemned the earlier proposals as "totally impractical" and impossible to comply with, welcomed the government climbdown. Nigel Hickson, head of e-business at the Confederation of British Industry, said: "The changes are a big step forward. It is disappointing that the government did not consult business earlier as we would have liked to avoid unnecessary conflict". Lawyers pointed out that employers would have to contend with a mass of overlapping regulation on monitoring staff. The Data Protection Commissioner, a government regulator, will publish this week a draft code of practice on workplace surveillance, covering everything from e-mail monitoring to the use of CCTV cameras and drugs testing. Employers, particularly in the public sector, must also conform to the Human Rights Act. "Employers will have to juggle a lot of different provisions," said Eduardo Ustaran, a partner at Paisner Co, a law firm. "All these changes have to be managed calmly and without panic - there's a lot of panic around." The TUC said an early union-backed legal challenge to the new rules was likely, on the basis that they breached employees' new right to privacy under the Human Rights Act. Some lawyers have predicted that the act, which came into force on Monday, would force companies that routinely screen calls to allow employees access to unmonitored phones and e-mail for private purposes. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
NYT roundtable on Watermarking
http://partners.nytimes.com/library/tech/00/09/biztech/technology/20mirapaul.html ...with Esther Dyson, Orrin Hatch, yer average Napster user, a developer of Gnutella, the head of the RIAA, etc... Note Kan's comment on the persistence of watermarks, or the inability to achieve thereof, and Jim Griffin's "celestial jukebox" idea... Cheers, RAH -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
WPI Cryptoseminar, Wednesday, Sept 27
--- begin forwarded text Date: Tue, 26 Sep 2000 09:31:50 -0400 (EDT) From: Christof Paar [EMAIL PROTECTED] To: WPI Crypto Seminar: ; Subject: WPI Cryptoseminar, Wednesday, Sept 27 Sender: [EMAIL PROTECTED] Reply-To: Christof Paar [EMAIL PROTECTED] Here we go again, the Cryptoseminar starts again. As alway, attendance is free and everybody is welcome. - Christof Paar -- WPI Cryptography Seminar Elliptic Curve Cryptography on Smart Cards without Coprocessors Christof Paar WPI Wednesday, September 27 4:30 pm, AK 218 (refreshments at 4:15 pm) This talk describes joint work by Adam Woodbury, Dan Bailey, and Christof Paar. This talk will discuss how an elliptic curve cryptosystem can be implemented on very low cost microprocessors with reasonable performance. We focus in this paper on the Intel 8051 family of microcontrollers popular in smart cards and other cost-sensitive devices. The implementation is based on the use of an optimal extension field (OEF) which is particularly suited for low end 8-bit processors. Two advantages of our method are that subfield modular reduction can be performed infrequently, and that an adaption of Itoh and Tsujii's inversion algorithm is used for the group operation. We show that an elliptic curve scalar multiplication with a fixed point, which is the core operation for a signature generation, can be performed in a group of order 2^134 in less than 2 sec. Unlike other implementations, we do not make use of curves defined over a subfield such as Koblitz curves. This work was also presented at the CARDIS 2000 Smart Card Conference which was held last week in Bristol, UK. -- DIRECTIONS: The WPI Cryptoseminar is being held in the Atwater Kent building on the WPI campus. The Atwater Kent building is at the intersection of the extension of West Street (labeled "Private Way") and Salisbury Street. Directions to the campus can be found at http://www.wpi.edu/About/Visitors/directions.html ATTENDANCE: The seminar is open to everyone and free of charge. Simply send me a brief email if you plan to attend. TALKS IN THE SPRING 2000 SEMESTER: 9/27 Christof Paar et al., WPI Elliptic Curve Cryptography on Smart Cards without Coprocessors 10/11 Prof. William Martin, WPI Combinatorics in Modern Cryptography 10/25 Prof. Berk Sunar, WPI TBA 11/9 Susan Landau, Sun Microsystems Laboratories Have the Crypto Wars Been Won? 11/22 Seth Hardy, WPI Elliptic Curve Point Counting with the CM Method in Java TBA Adam Woodbury, WPI Public-key Cryptography in Constraint Environments (MS Thesis presentation) See http://www.ece.WPI.EDU/Research/crypt/seminar/index.html for talk abstracts. MAILING LIST: If you want to be added to the mailing list and receive talk announcements together with abstracts, please send me a short email. Likewise, if you want to be removed from the list, just send me a short email. Regards, Christof Paar ! WORKSHOP ON CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS (CHES 2001)! ! Paris, France, May 13-16, 2001! ! www.chesworkshop.org ! *** Christof Paar, Assistant Professor Cryptography and Information Security (CRIS) Group ECE Dept., WPI, 100 Institute Rd., Worcester, MA 01609, USA fon: (508) 831 5061email: [EMAIL PROTECTED] fax: (508) 831 5491www: http://ee.wpi.edu/People/faculty/cxp.html *** For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Birthday Cake and Champagne -- DCSB's 5th Anniversary
--- begin forwarded text Date: Mon, 25 Sep 2000 11:54:44 -0400 To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Birthday Cake and Champagne -- DCSB's 5th Anniversary Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- The Digital Commerce Society of Boston Presents well, The Digital Commerce Society of Boston, actually... "5 Years of Digital Commerce: An Anniversary Celebration" Birthday Cake and Champagne will be Served Tuesday, October 3rd, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA The Club's Dress Code is Business Casual At Noon, on Tuesday October 3rd, 1995, at the end of summer in a year when all commerce on the internet was measured in mere tens of millions of dollars, one year *after* the first book was bought over the net (not on Amazon, but using a PGP-encrypted credit card between two people on the cypherpunks list) the 29 folks below: Richard BlattPierre Bouchard Jeffrey Bussgang Travis J.I. Corcoran John DeYoung Gerald Gold Phillip Hallam-Baker Fredrick Hapgood Steven Hecht Craig Heim Robert A. Hettinga Arthur Hutchinson Owen D. Johnson Howard Kaye, Jr. John Kelly Rohit Khare Peter KrautscheidDavid Lash Yezdi Lashkari Norbert Leser Richard Lethin David Lindbergh Peter Loshin Kevin B. McLellan James O'TooleKen Rodrigues Richard Salz Jeffrey Sutherland Christopher Wysopal ...put on their suits and ties, went to Downtown Harvard Club of Boston on the 38th floor of the once-Shawmut, then-Fleet, now-Sovereign Bank Building. They had lunch, signed a membership book, and formed Boston Society for Digital Commerce, which, at the its next meeting, at the suggestion of Donald Eastlake "to make it more instantiable", changed its name to the Digital Commerce Society of Boston. Since then, every first Tuesday of the month (yes, we were the *first* first Tuesday, though not the First First Tuesday, :-)),with exactly two exceptions, one an act of God and the other an act of the Harvard Club and SailBoston :-), we've met, had lunch, schmoozed a bit, and listened to various principals in the business of digital commerce talk about how they do what they do. At the end of this message is a very long list of those who have spoken to DCSB so far. If we may say so, this list is indeed impressive, not only for the quality of the speakers and who they became, or even were at the time, but also for the prescience of their content. A lot of things have happened since then. Commerce on the net will soon be measured in trillions of dollars every year, and most people now believe that *all* commerce of any consequence will happen on the net soon enough. Oh. And the Harvard Club doesn't require a jacket and tie anymore. Why? Because of commerce on the internet, of course! :-). This meeting, we'll do something of a reprise of the first. Everyone will be given a chance to reminisce about the last 5 years, but more important, to predict three things that they think will happen in the next 5. Plus ca change, and all that. See you next week! This meeting of the Digital Commerce Society of Boston will be held on Tuesday, October 3rd, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club has relaxed its dress code, which is now "business casual", meaning no sneakers or jeans. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of what's left of its dress code. We need to receive a company check, or a money order, (or, if we actually know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, September 30th, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $35.00. Please include your e-mail address so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (We've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: NovemberZully Ramzan and Nicko van Someren "A Micropayment Shootout" As you can see, :-), we are actively searc
Re: Absolute Snakeoil
--- begin forwarded text Date: Fri, 22 Sep 2000 15:18:29 -0700 From: Somebody To: [EMAIL PROTECTED] Subject: Re: Absolute Snakeoil From the SafeMessage Faq What level of encryption is used in SafeMessage? Unfortunately, there is no straightforward answer to this question, because "level" doesn't mean anything in the encryption world. [le snippage] The bottom line is that there is no straightforward and concise answer to your question. We at AFTI have analyzed a number of encryption systems, and we believe SafeMessage to be more secure than any of the competition. But we can't provide a simple bit-count, for example, because our system encrypts the same data with several different ciphers and keys, some symmetric, some asymmetric from large fields, complicating the math of arriving at said bitcount. --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Absolute Snakeoil over and out.
--- begin forwarded text Date: Fri, 22 Sep 2000 15:15:14 -0700 From: Somebody To: [EMAIL PROTECTED] Subject: Re: Absolute Snakeoil over and out. I was hoping to find somebody working on real peer to peer, and they sort of are. Here's the summary: a) encrypted messaging amongst a pre-registered population who have bought the software b) flexible transport options (you can deliver a message by): i. socket-to-socket; ii. ssl/http mediated through Absolute Snakeoil servers (for firewall subversion) iii. encrypted store and forward through Absolute Snakeoil servers c) corporate purchasers are run their own Snakeoil servers, but these "VPN"s can be enabled to speak to other corporations' Snakeoil servers. No discussion of the PKI implications of this whole approach. NETNET: Somebody should embed PGP code into the AOL Instant Messanger framework (AIM), and you'd be in the same place, with open-source pre-vetted crypto and an established approach to PKI (none). Probably somebody has. --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
FC'01 Final Call for Papers
--- begin forwarded text Resent-From: [EMAIL PROTECTED] Resent-Date: 23 Sep 2000 18:14:31 +0200 Resent-To: [EMAIL PROTECTED] Date: Mon, 11 Sep 2000 17:08:37 -0400 (EDT) From: Paul Syverson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: FC'01 Final Call for Papers Resent-Sender: [EMAIL PROTECTED] Final Call for Papers Financial Cryptography '01 February 19-22, 2000 Grand Cayman Marriott Beach Resort Cayman Islands, BWI Original papers are solicited on all aspects of financial data security and digital commerce in general for submission to the Fifth Annual Conference on Financial Cryptography (FC01). FC01 aims to bring together persons involved in the financial, legal and data security fields to foster cooperation and exchange of ideas. Relevant topics include Anonymity Protection Infrastructure Design Auditability Legal/ Regulatory Issues Authentication/Identification Loyalty Mechanisms Certification/AuthorizationPayments/ Micropayments Commercial TransactionsPrivacy Issues Copyright/ I.P. Management Risk Management Digital Cash/ Digital Receipts Secure Banking Systems Economic Implications Smart Cards Electronic Purses Trust Management ImplementationsWaterMarking INSTRUCTIONS FOR AUTHORS: Electronic submission strongly encouraged. (Instructions available at http://www.fc01.uwm.edu). Alternatively, send a cover letter and 15 copies of an extended abstract to be received no later than October 13, 2000 (or postmarked by October 6, 2000 and sent via airmail) to the Program Chair. The extended abstract should start with the title, names of authors, abstract, and keywords followed by a succinct statement appropriate for a non-specialist reader specifying the subject addressed, background, main achievements, and significance to financial data security. Submissions are limited to 15 single-spaced pages of 11pt type and should constitute substantially original material. Panel proposals are due no later than November 27, 2000 (or postmarked and airmailed by November 20). Panel proposals should include a brief description of the panel and a list of prospective panelists. Notification of acceptance or rejection of papers and panel proposals will be sent to authors no later than December 8, 2000. Authors of accepted papers must guarantee that their papers will be presented at the conference and must be willing to sign an acceptable copyright agreement with Springer-Verlag. Use the above address for electronic submissions or send hardcopy to: Paul Syverson, FC01 Program Chair Center for High Assurance Computer Systems (Code 5540) Naval Research Laboratory Washington DC 20375 USA email: [EMAIL PROTECTED] Web: www.syverson.org phone: +1 202 404-7931 PROCEEDINGS: Final proceedings will be published by Springer Verlag in their Lecture Notes in Computer Science (LNCS) series. Preproceedings will be available at the conference, but final versions will not be due until afterwards, giving authors the opportunity to revise their papers based on presentations and discussions at the meeting. Program Committee Matt Blaze, ATT Labs - Research Yair Frankel, Ecash Matt Franklin, UC Davis David Kravitz, Wave Systems Corp. Arjen Lenstra, Citicorp Philip MacKenzie, Lucent Bell Labs Avi Rubin, ATT Labs - Research Jacques Stern, Ecole Normale SupĂˆrieure Kazue Sako, NEC Stuart Stubblebine, CertCo Paul Syverson (Chair), Naval Research Laboratory Win Treese, Open Market, Inc. Doug Tygar, UC Berkeley Michael Waidner, IBM Zurich Research Lab Moti Yung, CertCo Important Dates Extended Abstract Submissions Due: Oct. 13, 2000 Panel Proposal Submissions Due: November 27, 2000 Notification: Dec 8, 2000 Electronic submission information: See http://www.fc01.uwm.edu General Chair Stuart Haber, InterTrust STAR Lab Electronic Submission chair George Davida, UWM Further Information about conference registration and on travel, hotels, and Grand Cayman itself will follow in a separate general announcement. FC01 is organized by the International Financial Cryptography Association. Additional information will be found at http://fc01.ai --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Loud-who?
http://www.thestandard.com/article/display/0,1151,18811,00.html Universal Music Group hires Loudeye.com to encrypt streaming media for them. Intrestingly, some people from loudeye.com show up on the cryptix email discussion list archives, when I started looking them up on alltheweb.com... Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Net security leader nCipher heads for float
--- begin forwarded text From: Somebody To: "Bob Hettinga" [EMAIL PROTECTED] Subject: Net security leader nCipher heads for float Date: Wed, 20 Sep 2000 10:48:09 +0100 Net security leader nCipher heads for float by NICK GOODWAY Cambridge-based nCipher, one of Britain's leading internet security companies, is to float on the stock market with an expected value of around £250 million. Best known for its security hardware, which is dipped in epoxy plastic to prevent it being tampered with, nCipher's blue-chip client list includes Barclays, Abbey National and Pricewaterhouse-Coopers in this country and the US Navy, Fidelity Brokerage and Microsoft's Hotmail overseas. The company was founded in 1996 by brothers Alex and Nicko van Someren and its hardware and software protection products include nForce, nShield and KeySafe. Currently loss-making, it saw revenues more than double in the first half of this year to £5.5 million. Ahead of its flotation nCipher has appointed Jamie Urquhart, chief operating officer of high-flying chip designer and near neighbour ARM, as a non-executive director. Venture capitalists 3i, Newbury Ventures, Celtic House and France's Viventures all have significant stakes. The founding brothers own 12% between them while other staff and employees own 15%. Chief executive Alex van Someren said: 'The float will give us the ability to move on to our next phase of development.' Sponsor Deutsche Bank is expected to issue a pathfinder prospectus shortly with flotation likely in the next month or so. © Associated Newspapers Ltd., 20 September 2000 --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Hmmmm... (was Re: Cypherpunks et. al.'s RSA Patent ExpirationComposite Party -Sept. 21)
--- begin forwarded text Date: Fri, 15 Sep 2000 16:09:55 -0700 From: Somebody To: "R. A. Hettinga" [EMAIL PROTECTED] Subject: Re: Cypherpunks et. al.'s RSA Patent Expiration Composite Party -Sept. 21 The S.F. Rave will include the following (note particularly the final speaker): Dave Del Torto, CryptoRights Foundation Cindy Cohn, Electronic Frontier Foundation Ian Goldberg, Zero Knowledge Systems Matt Blaze, ATT Research John Gilmore, Electronic Frontier Foundation Keynote/The Last Word: David Chaum (with a special announcement!) --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
RSA Patent Expiration Composite Party - Sept. 21
--- begin forwarded text Subject: RSA Patent Expiration Composite Party - Sept. 21 To: [EMAIL PROTECTED] Date: Wed, 13 Sep 2000 16:18:57 -0400 From: Ian Goldberg [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: Ian Goldberg [EMAIL PROTECTED] As most of you know, the RSA patent expires next week (that they issued a press release waiving some rights early notwithstanding). We've been waiting a *long* time for this, and now we're throwing a long-anticipated party to celebrate! This is a benefit for the CryptoRights Foundation, which, among other things, promotes the use of cryptography by Human Rights workers in "less-friendly" countries in order to protect both the workers and the people they're trying to interview and help. [If you've never heard a talk by one of these people who goes to train said human rights workers in the use of crypto and steganography, you should get someone to tell you about it; it's not otherwise obvious how related the fields are, and it's extremely enlightening.] There will be no charge at the door, but t-shirts and stuff will be available to buy. You need to reserve (free) tickets in advance, though, which can be had by emailing [EMAIL PROTECTED]. Below is the full announcement. Corporate stuff starts at 8, music starts at 10. Let people know about this, and I hope to see you there! - Ian A copy of this note will be at: http://www.cryptorights.org/benefit http://www.shmoo.com/rsa Celebrate with us as we celebrate the end of an era The Big RSA Patent Expiration Composite Party A fundraiser for the Cryptorights Foundation (http://www.cryptorights.org/) September 21, 2000 8PM-2AM produced by Cryptorights Foundation BPM Consulting International with special thanks to our Gold Sponsor Certicom also sponsored by VA Linux Electronic Frontier Foundation PAIP International The Shmoo Group The Secret Order of Former Primes The Great American Music Hall 859 O'Farrell St. (between Polk Larkin) 21+ http://www.musichallsf.com/info/directions/ By invitation only. In order to receive your invitation, send an email with the # of people who plan to attend to mailto:[EMAIL PROTECTED] Entrance is free, but the Cryptorights Foundation will be accepting donations at the door. The first few hours will feature short speeches and presentations from luminaries in the fields of cryptography and human rights. We will present awards to various individuals for technical and activist contributions. The tail end of the presentations will feature a "Wheel of Fortune" with by your friendly hosts, John Gilmore and Cindy Cohn from the Electronic Frontier Foundation. Solve the puzzle (donation suggested) or buy one vowel and benefit human rights! Finally, at 10:00PM, the beats will drop and your evening will end with the slamming techno sounds of the San Francisco underground! Featuring Sameer (FnF, Cloudfactory, Urban Wasteland, Mad Hatter, trustcrew) Sameer has been active in the San Francisco underground throwing parties since 1993. In 1999 with some of the crew he met through Friends Family he started throwing the legendary Urban Wasteland parties in urban renegade locations in and around the East Bay. He also picked up his first slab of wax in early 1999 and has been playing sick pounding techno at parties around the world since then. He is also involved in producing a weekly club in Oakland called the Mad Hatter. Sameer is also known as the founder of C2Net, the company that pioneered the international development of strong cryptography to avoid United States export restrictions. DJ Tektrix (Sister, Tetractys, Influence Recordings) Cary, a/k/a DJ Tektrix, moved to San Francisco in 1997. Since then Tektrix has played alongside DJs such as Forest Green, Twerk, Terrac, Plateshifter, Mike Sims, Darin Marshall, Sean Murray, J-Bird, Tom L-G, 2x4 with DJ Zeel, Sifu, HoneyB, and Ethan. In 1999 she threw a party called Circle that took place at the Mother's Cookies Warehouse, conducted weekly live internet and pirate radio broadcasts on Vulcan Free Radio, and this year became a resident at Tetractys and Sister. She has played at parties such as Static, Circle, Overworld, and Topica. Forest Green (Cloudfactory, Sister, XLR8R, technologix, FnF) Forest Green has been throwing down beats with the sickness for several years. She has traveled both across the nation and into Canada to bring the sick Techno sound to those in need. you might also know her as one of the starring DJs from the hit underground movie Groove! --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ".
Deutsche Bank to advise NCipher
--- begin forwarded text From: Somebody To: "Bob Hettinga" [EMAIL PROTECTED] Subject: Deutsche Bank to advise NCipher Date: Mon, 11 Sep 2000 08:48:40 +0100 COMPANIES FINANCE: UK: Deutsche Bank to advise NCipher Financial Times, Sep 11, 2000, 252 words NCipher, the Cambridge-based internet security company, will this week move closer to floating, when it announces the appointment of Deutsche Bank as financial adviser, and the expansion of its board. A public offering could see the two brothers who founded the company - Alex and Nicko van Someren - join the select band of East Anglian technology millionaires. Although NCipher de-clined to confirm a date for the flotation, analysts expect an offering later this year. The appointment of Jamie Urquhart, chief operating officer of ARM Holdings, the semiconductor chip design company, as a non-executive director is seen as improving its credentials in the city. In previous rounds of venture funding, NCipher was valued at Dollars 100m (Pounds 62m). Since then sales, led by the US, have increased sharply to Pounds 3.3m in the three months to June 30, compared with Pounds 2.2m in the preceding quarter and Pounds 4.7m for of 1999. Some 30 per cent of the company remains with employees and the founders. Analysts said the fact NCipher produces both hardware and software made it difficult to compare for valuation purposes with security software companies, such as Baltimore Technologies. Its main product is a small hardware plug-in, costing between Pounds 3,000 and Pounds 10,000 each, for computer servers which store customer details securely while accelerating encryption. Early customers were online brokerages. It is now targeting business-to- business websites and the wireless market. It has formed a partnership with Identrus, a global venture backed by eight international banks to provide services for the financial sector. Product margins are above 50 per cent, although direct competitors have to date been few, and include Rainbow Technologies, a US security specialist, and the hardware manufacturers, Hewlett-Packard and Compaq. The company does not predict profits until 2002. --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: RSA Expiration Fundraiser for EFF, Downtown Harvard Club ofBoston
-BEGIN PGP SIGNED MESSAGE- The Members of The Digital Commerce Society of Boston, Rent this Space* :-), and The Internet Bearer Underwriting Corporation In Celebration of the EXPIRATION OF THE RSA PATENT invite the Digital Commerce Community to cocktails and an evening fundraiser for the recent litigation efforts of THE ELECTRONIC FRONTIER FOUNDATION Special Guests to Be Announced Wednesday Evening September 20, 2000 5:30 to 8:30 PM The Downtown Harvard Club of Boston One Federal Street, 38th Floor Boston Free hors d'oeuvres Cash Bar Beautiful views of Boston Harbor at night Requested minimum donation $35 The event's goal is $10,000 RSVP (or for *sponsorship :-)), Robert Hettinga, Moderator, The Digital Commerce Society of Boston, mailto: [EMAIL PROTECTED] The Club's new dress code is "Business Casual", whatever *that* means... -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.8 for non-commercial use http://www.pgp.com iQEVAwUBObZiU8UCGwxmWcHhAQEcxAgAhABrdq+bcxPDMYcjyaYDFFkPq3s8Ymnk 6SqQmqWRTOaK7+cK+AVXuleNtSk13EMPRBtOLq56HRQH3Ea8/GpW8Oe1xpXQJf/c 4ASX4FfApS78jP+9qFVLiN6F8xqUKCJMDSaa0nqwbmc4XBzMMpHCNKFhWEdYqur9 Mkf8N7IYJcItPbpMcC6QUoNTVg1wQLt3rptZnsEyHyTWgge2z1lRO8Jt38m6NfS9 5ZPem8IkUpYjcIpqQVw2DhsoRO6v/jYZxeulNHty26hxbME2RnLfxEMuaCoqq5aM zWPkRLMSyhYqo0POsSpOLg1FjA6wgMA0GTi0BbeDKqWGsSH25Av5Fw== =o7iR -END PGP SIGNATURE- -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Chilling effect (was Re: Media Giant To Sue Itself over DeCSS Links?)
--- begin forwarded text Priority: normal Date: Wed, 30 Aug 2000 14:33:55 -0400 Reply-To: Law Policy of Computer Communications [EMAIL PROTECTED] Sender: Law Policy of Computer Communications [EMAIL PROTECTED] From: Michael Sims [EMAIL PROTECTED] Subject: Chilling effect (was Re: Media Giant To Sue Itself over DeCSS Links?) To: [EMAIL PROTECTED] Seth Finkelstein wrote: Regarding DeCSS, Kaplan is very clear. Even if the publicity spreads the code far and wide, he will "serve notice" that the courts *can* and *will* come after anyone who does not have the desired "appropriate respect for intellectual property rights". As I keep trying to convey, these sort of rulings *work*. Maybe not 100.0%, not to every programmer in every situation. But I think the benefit that the plaintiffs got out of Kaplan's ruling is well worth any number of mirrors and folk songs. Here is a story submission received by slashdot.org today: = [redacted] writes "I am a student at Northwestern University and just got locked out of my account because my webpage had a copy of the DECSS code. Apparently the university got the threatening letter [link to 2600.com's post today] instead of me, and so they have just locked me out of my account and have gotten the university lawyers involved. 2600 is calling for everyone to post the DECSS code, but if people are really going to start getting in trouble for this stuff, some of the charm of all this electronic activism is going to start to rub off. The corporations may not have a good idea about the nature of code and the net, but they *do* have powerful legal teams that can lean quite heavily on activists." = I don't believe it could be said any better. This is one of a dozen or more similar submissions received today. ISP accounts cancelled. DSL lines taken down. Etc. The war is very real, and people are getting hurt. Oh, I suppose they aren't bullets, but the harm can still be substantial. If the above person is banned from the school computer system and flunks out, the harm will be significant indeed. Lawyers on this list who have an ounce of activism in their bodies ought to consider taking sides, and doing more than yakking on cyberia-l. It is myopic and wrong to assume that eventually, everything will work out, and all these silly corporations will realize they "can't" censor the net, and take their silly notions of copyright law and go home. There is every chance that this war will be lost, and lost thoroughly. -- Michael Sims - The Censorware Project - http://censorware.org Your Rights Online - http://slashdot.org/yro Faith: not *wanting* to know what is true. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
set-dev mailing list closing down
--- begin forwarded text Date: Tue, 22 Aug 2000 17:50:19 -0700 From: Elgin Lee [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: set-dev mailing list closing down Mail-Followup-To: [EMAIL PROTECTED] User-Agent: Mutt/1.2i Sender: [EMAIL PROTECTED] To all set-dev subscribers: I regret to announce that the set-dev mailing list will be closing down. It's been a wonderful four years, but for a number of reasons it no longer makes sense for SPYRUS/Terisa to operate the set-dev mailing list. The good news is that the set-dev community lives on, and so will this avenue of communication for the SET development community. All the subscription information for the set-dev and set-dev-digest mailing lists have been forwarded to SETCo. Look for a message from SETCo with more information about a replacement list for the SET development community at large. Best regards, Elgin Lee set-dev list maintainer --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Hapgood and Johansson; Post-Napster Models for Digital Commerce (and a special announcement!)
--- begin forwarded text Date: Fri, 11 Aug 2000 10:39:53 -0400 To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Hapgood and Johansson; Post-Napster Models for Digital Commerce (and a special announcement!) Cc: "Eric S. Johansson" [EMAIL PROTECTED], "Fred Hapgood" [EMAIL PROTECTED], Zulfikar Ramzan [EMAIL PROTECTED], Nicko van Someren [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- [Please note the special DCSB 5th Anniversary announcement at the bottom of this message. --RAH] The Digital Commerce Society of Boston Presents Fred Hapgood and Eric Johansson presenting "Post-Napster Business Models for Digital Commerce" Tuesday, September 5th, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA The Club's Dress Code is Business Casual Fred Hapgood and Eric Johannson will examine various ideas claiming to represent "online business models for the post- Napster music industry." These include paid admission to interactive online performances, an "official Napster", and systems based on voluntary payments. Attention will be given to how systems based on voluntary payments might work, what kinds of business models make sense in a voluntary payment context, and the implications of voluntary payment structures for other intellectual property issues. Fred Hapgood is a free lance writer specializing in business technology issues and trends. Eric Johansson has over 20 years of high level system and software design experience, with particular emphasis on Internet system design. For the past five years, Eric has headed Internet Guide Services, specializing in the design, configuration, and remediation of complex Internet-based systems. Among others, his clients have included EGG, BBN, AllMedia Solutions, ZipLink, and Harvard Pilgrim Health Care. He has extensive experience with UNIX systems, Internet server configuration/design, and communication architectures. Prior to founding Internet Guide Service, Eric held senior-level engineering positions with Polaroid Corp., Wang Laboratories, Ziff-Davis, and Computervision. This meeting of the Digital Commerce Society of Boston will be held on Tuesday, September 5th, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club has relaxed its dress code, which is now "business casual", meaning no sneakers or jeans. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of what's left of its dress code. We need to receive a company check, or a money order, (or, if we actually know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, September 2nd, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $35.00. Please include your e-mail address so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (We've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: October Birthday Cake and Champagne DCSB 5th Anniversary NovemberZully Ramzan and Nicko van Someren "A Micropayment Shootout" As you can see, :-), we are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, are a principal in digital commerce, and would like to make a presentation to the Society, please send e-mail to the DCSB Program Committee, care of Robert Hettinga, mailto: [EMAIL PROTECTED]. - Special Announcement! DCSB Turns Five on October 3rd When we started the Digital Commerce Society of Boston (originally the Boston Society for Digital Commerce, we made the name more, um, instantiable, a couple of months later) at lunch on Tuesday, October 3rd, 1995 it was barely proper to consider actually *selling* anything on the internet at all. In the beginning of 1995, most of us figured that *maybe* a few tens of millions of dollars in transactions would be executed on the internet th
Final Program CHES 2000
of prime numbers. 2:50 - 3:00 pm CONCLUDING REMARKS 2:30 - 4:30 pm Shuttle Service will be provided between WPI, the Crowne Plaza Hotel and Courtyard Marriott NOTES: - Invited talks are 40 min - Regular presentations are 20 min long - The Thursday program is from 8:45 am - 5:00 pm - The Friday program is from 9:00 am - 3:00 pm For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Digital Commerce Society of DC list started...
-BEGIN PGP SIGNED MESSAGE- Some people have started an email discussion list to talk about the possible founding of a Digital Commerce Society of the District of Columbia. You might want to look at the URL, below, for details (such as they are so far), and to sign up. Cheers, Robert Hettinga, Moderator, The Digital Commerce Society of Boston - --- begin forwarded text From: [EMAIL PROTECTED] Date: Mon, 17 Jul 2000 20:30:23 -0800 (AKDT) Subject: Welcome To "Dcsdc"! To: [EMAIL PROTECTED] List-Id: Digital Commerce Society - Washington DC dcsdc.shmoo.com Welcome to the [EMAIL PROTECTED] mailing list! To post to this list, send your email to: [EMAIL PROTECTED] General information about the mailing list is at: http://www.shmoo.com/mailman/listinfo/dcsdc If you ever want to unsubscribe or change your options (eg, switch to or from digest mode, change your password, etc.), visit your subscription page at: http:[EMAIL PROTECTED] You can also make such adjustments via email by sending a message to: [EMAIL PROTECTED] with the word `help' in the subject or body (don't include the quotes), and you will get back a message with instructions. You must know your password to change your options (including changing the password, itself) or to unsubscribe. It is: snarge If you forget your password, don't worry, you will receive a monthly reminder telling you what all your shmoo.com mailing list passwords are, and how to unsubscribe or change your options. There is also a button on your options page that will email your current password to you. You may also have your password mailed to you automatically off of the Web page noted above. - --- end forwarded text -BEGIN PGP SIGNATURE- Version: PGP 6.5.2 iQEVAwUBOXRdgcUCGwxmWcHhAQGJwQf/biumgBxlbeAZlp6nJoPhCGMRzR/b0qPE AfPXTb8a82WaJvQTEPhpMXQqnn2a+7CiZJSiQnXurrOqPTennzBtybKYuoZtyON3 aXafAyuXitSj16dZeKd6Gu6QiD2qpfUBZp94usPdoslZ3eAxGIZTZ37Cv4K1hoKW 4ppdDkXzRzDKAdsu48O6KSx7B5uu+1vXFNrMu7ROVD4zkv7xlAkBRSfaEl7Z5FP0 0uwFYp8GV0QSgRKPiHbDSn0deU5XYYHWY5Rb2/f8OyDWcFjVz6XurV+YxqNji6kn 1ALllD+OKNxQEk42Ho+pHUp+/LjyzVQvBOTlffyBd3nrVxHzLgsS9w== =bdhR -END PGP SIGNATURE- -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Podesta's speech?
...Anyone know what Podesta said at the National Press Club this morning? Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
FYI: a pessimistic look at security
--- begin forwarded text Date: Sat, 24 Jun 2000 11:57:38 +0100 To: Digital Bearer Settlement List [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: FYI: a pessimistic look at security Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] --- begin forwarded text Date: Sat, 24 Jun 2000 06:48:16 -0400 (EDT) From: Andrew Odlyzko [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: FYI: a pessimistic look at security Bob, Here is a rather cynical opinion piece from the June 2000 issue of iMP magazine. The published version is at http://www.cisp.org/imp/june_2000/06_00odlyzko-insight.htm. Best regards, Andrew Cryptographic abundance and pervasive computing Andrew Odlyzko ATT Labs Florham Park, NJ 07932, USA [EMAIL PROTECTED] http://www.research.att.com/~amo Moore's Law and related "laws" describing the steady progress in a variety of basic technologies are about to usher in a new era of pervasive computing. We will be surrounded by devices with intelligence built into them. They will require better security than we have been used to in the PC era to prevent chaos and disasters. These same technological advances will also produce an era of cryptographic abundance, where the cost of implementing security algorithms will seem to be trivial. This will lead to a new and welcome freedom in security design, which has, until now, been hampered by performance limitations. However, the net gain is likely to seem disappointingly small. Why, then, this paradox, where a wealth of technologies will seem to yield small fruits? The need for information security in civilian applications was realized in the early 1970s. This led to a surge of unclassified research in cryptography. The results have been negative in that no rigorous formal proofs of security have been found for any practical cryptosystems. On the other hand, they have been positive in that a sense of comfort about the safety of some types of algorithms has been developed. . The time to crack the best symmetric cryptosystems (where the sender and recipient share a common key before the start of the session) is an exponential function of the size of key. ("Exponential" is used here in the precise mathematical sense of the term, not the colloquial usage denoting anything that is hard.) This means that small increases in key size have very large time consequences for the attacker. However, the hardware and software complexities of implementing and running these algorithms increase slowly for legitimate users. This means that key sizes and the complexities of the algorithms do not have to increase much to protect against any foreseeable advances in conventional hardware, which constitutes a practical, if not a theoretical, limit to what is possible. (For the time being, they even seem proof against quantum computers, potentially the most disruptive technology on the crypto scene.) In particular, the current crop of algorithms being considered for the next encryption standard all appear adequate for the next century. This is in marked contrast to the current standard, DES, which was widely criticized even when it was designed for being insufficiently strong. The justification for the 56-bit key size in DES was that anything larger would be too expensive to implement. Over the last three decades, we have labored under the constraint that secure cryptosystems required too much computation to be performed easily. These constraints are disappearing. Moore's Law is producing general purpose processors that can handle the necessary crypto functions in a negligible fraction of their capacity. Tiny special purpose chips can also be produced inexpensively for fulfilling the crypto demands of special applications. Thus we are about to be freed from the constraints of the past. (This is even true for public key schemes. These algorithms, crucial for digital signatures and key management, do not require the communicating parties to possess a shared key that only they have. The computational requirements of these methods are still considerably higher than for symmetric ones, but progress in electronics is overcoming even this barrier.) Yet this new freedom is likely to make little difference in practice. Strong cryptography is required for security. However, strong cryptography alone does not guarantee security. Almost all security problems that keep surfacing with monotonous regularity are caused by economic and social factors, not defects in mathematical cryptography. There are no signs that this situation is about to change. The economic constraint comes from the desire for novelty over usability and security. Some of it can be blamed on the structure of the industry. It is software developers that Microsoft caters to, not the final users, and
EFCE Prelim Programme
--- begin forwarded text Date: Mon, 12 Jun 2000 01:11:58 -0400 (AST) From: Ian Grigg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: EFCE Prelim Programme Cc: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] EFCE 2000 - Preliminary Programme The First Edinburgh Financial Cryptography Engineering Conference 23-24 June 2000, Edinburgh, Scotland __ / \ /\ |Keynote by Ir. Simon Lelieveldt | | | |Lessons from the history of Dutch Payment Systems | | | | A walk through Dutch payments history, | | including the Amsterdam Exchange Bank | | (1608), the Municipal Giro 1916, and | | on to the most competitive chipcard | | money environment in the world today. | \/ \__/ "E-Commerce is Financial Cryptography" Friday - Day 1 - 23rd June Ir. Simon Lelieveldt - Keynote, see above. Edwin Woudt - Financial contracts with OpenPGP. A format for signed and parsable contracts that is suitable for describing online instruments. Amir Herzberg - IBM Micropayments as a basis for ecommerce interoperability. Neil Garner - MAOSCO. Downloading digital IDs securely onto blank MULTOS cards and then using the ID to complete non- repudiable transactions. (lunch) Invited Financial Cryptography speaker Douglas Jackson - e-gold Ltd, the leading online currency reserved in physical metal, will be shown transacting over POS devices such as WAP phones. Ian Grigg - WebFunds, a Java application that acts as a host and platform for payment systems such as SOX, and user features such as email payments. Saturday - Day 2 - 24th June Rachel Willmer - the Intertrader CashBox. A payment management system which supports Internet loading and spending of a variety of Internet payment types, including the Mondex smartcard. Seen in action controlling Internet access, puchasing mail order goods, gaming, offering currency exchange... Ben Laurie - Wagner blinding in a Java toolkit as a basis for privacy-protected online currencies. Tyler Close - IPOs over E-rights. Listings on the ferex.com exchange, as an example of application design within the E environment. (lunch) Scott Moskowitz - Trusted Transactions: digital watermarking using steganographic ciphering techniques. Victor Dostov - PayCash is a new cash-like software payment system using a blinded formula, all invented and developed in Russia. For any questions on the above programme, or new proposals, please email iang at systemics.com. This conference is an informal gathering of peers, the programme will change dynamically. Please check http://www.efce.net/programme.html for the latest version. WHERE DO I FIND OUT MORE http://www.efce.net/ HOW DO I REGISTER? GBP 200 for presenters of running FC code, GBP 500 for delegates. MORE QUESTIONS? Please mail [EMAIL PROTECTED] SPONSORSHIP The founding sponsors of EFCE 2000 are: Consult Hyperion http://www.consult.hyperion.co.uk/ The Internet Bearer Underwriting Corporation http://www.ibuc.com/ Intertrader http://www.intertrader.com/ Systemics http://www.systemics.com/ --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
EFCE Prelim Programme
--- begin forwarded text Date: Mon, 12 Jun 2000 01:11:58 -0400 (AST) From: Ian Grigg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: EFCE Prelim Programme Cc: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] EFCE 2000 - Preliminary Programme The First Edinburgh Financial Cryptography Engineering Conference 23-24 June 2000, Edinburgh, Scotland __ / \ /\ |Keynote by Ir. Simon Lelieveldt | | | |Lessons from the history of Dutch Payment Systems | | | | A walk through Dutch payments history, | | including the Amsterdam Exchange Bank | | (1608), the Municipal Giro 1916, and | | on to the most competitive chipcard | | money environment in the world today. | \/ \__/ "E-Commerce is Financial Cryptography" Friday - Day 1 - 23rd June Ir. Simon Lelieveldt - Keynote, see above. Edwin Woudt - Financial contracts with OpenPGP. A format for signed and parsable contracts that is suitable for describing online instruments. Amir Herzberg - IBM Micropayments as a basis for ecommerce interoperability. Neil Garner - MAOSCO. Downloading digital IDs securely onto blank MULTOS cards and then using the ID to complete non- repudiable transactions. (lunch) Invited Financial Cryptography speaker Douglas Jackson - e-gold Ltd, the leading online currency reserved in physical metal, will be shown transacting over POS devices such as WAP phones. Ian Grigg - WebFunds, a Java application that acts as a host and platform for payment systems such as SOX, and user features such as email payments. Saturday - Day 2 - 24th June Rachel Willmer - the Intertrader CashBox. A payment management system which supports Internet loading and spending of a variety of Internet payment types, including the Mondex smartcard. Seen in action controlling Internet access, puchasing mail order goods, gaming, offering currency exchange... Ben Laurie - Wagner blinding in a Java toolkit as a basis for privacy-protected online currencies. Tyler Close - IPOs over E-rights. Listings on the ferex.com exchange, as an example of application design within the E environment. (lunch) Scott Moskowitz - Trusted Transactions: digital watermarking using steganographic ciphering techniques. Victor Dostov - PayCash is a new cash-like software payment system using a blinded formula, all invented and developed in Russia. For any questions on the above programme, or new proposals, please email iang at systemics.com. This conference is an informal gathering of peers, the programme will change dynamically. Please check http://www.efce.net/programme.html for the latest version. WHERE DO I FIND OUT MORE http://www.efce.net/ HOW DO I REGISTER? GBP 200 for presenters of running FC code, GBP 500 for delegates. MORE QUESTIONS? Please mail [EMAIL PROTECTED] SPONSORSHIP The founding sponsors of EFCE 2000 are: Consult Hyperion http://www.consult.hyperion.co.uk/ The Internet Bearer Underwriting Corporation http://www.ibuc.com/ Intertrader http://www.intertrader.com/ Systemics http://www.systemics.com/ --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
WPI Cryptoseminar, Thursday, 5/25
(CHES 2000)! ! WPI, August 17 18, 2000! ! http://www.ece.wpi.edu/Research/crypt/ches! *** Christof Paar, Assistant Professor Cryptography and Information Security (CRIS) Group ECE Dept., WPI, 100 Institute Rd., Worcester, MA 01609, USA fon: (508) 831 5061email: [EMAIL PROTECTED] fax: (508) 831 5491www: http://ee.wpi.edu/People/faculty/cxp.html *** For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
VirtualBanking2000
--- begin forwarded text From: Jay Mandevia [EMAIL PROTECTED] To: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED] Subject: VirtualBanking2000 Date: Wed, 17 May 2000 18:35:55 +0100 Dear Robert, RMR plc in partnership with the Chartered Institute of Bankers (CIB) have just launched the first web-based conference in the banking industry entitled VirtualBanking2000 (at www.virtualbanking2000.com). This web based conference and resource centre is designed to attract a mass audience to exchange ideas and receive presentations from leaders in the virtual banking industry. The conference goes live on 18 September 2000 for two weeks and will address the developing world of branchless banking. RMR plc have run several successful web based conferences including Environment97 (www.environment97.org) part of the Engineering Council's 2020 Vision, Safety98 (www.safety98.org), Aviation99 (www.aviation99.com) and the hugely successful Autism99 (www.autism99.org) which attracted in excess of 30,000 people and huge amounts of positive publicity. Two new conferences will be run in May 2000 entitled ForBusiness2000 (www.ForBusiness2000.com) and EnergyResource2000 (www.EnergyResource2000.com). Given your interest in the Banking Industry, RMR plc are pleased to invite you to contribute a paper to the Security and Encryption sector of the conference. Listed below are the conference sectors. Security and Encryption Software Service and Distribution Channels Hardware and ATM's Smart Cards WAP Call Centres Revolutionary Banking Legislation and Policy Risk Management All papers are at our invitation only and will attract a substantial amount of interest from the invited audience. The following pieces of information would be needed as soon as possible: 1. A paper title (no later than 15 June 2000) 2. An abstract (100 words) (no later than 15 June 2000) 3. A biography (50 words) (no later than 15 June 2000) 4. A head and shoulders photograph of the author(s) (no later than 15 June 2000) The full papers (in the region of 3-4000 words) must be technically oriented and not contain any content of a commercial nature. We need to receive your contribution no later than 15 July 2000 - in order to finalise and prepare the content for the conference. If you would like to see further details, please take a moment to view our online conference pack - www.virtualbanking2000.com/conferencepack. I look forward to speaking with you later in the next few days. Kind regards Jay Mandevia RMR Plc. http://www.rmrplc.com/www.rmrplc.com WebConference Co-ordinator Tel: +44 1865 733733 Fax: +44 1865 733777 Mail to: mailto:[EMAIL PROTECTED][EMAIL PROTECTED] --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Second Call, Change of Venue: EFCE 2000
--- begin forwarded text Date: Mon, 15 May 2000 17:09:20 +0200 To: "EFCE 2K Conference List" [EMAIL PROTECTED] From: Fearghas McKay [EMAIL PROTECTED] Subject: [EFCE2K] Conference announcement: EFCE 2000 Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] EFCE 2000 The First Edinburgh Financial Cryptography Engineering Conference 23-24 June 2000, Edinburgh, Scotland WHY HOLD A CONFERENCE ON FINANCIAL CRYPTOGRAPHY ENGINEERING? Because E-Commerce is Financial Cryptography. Whether you're securing a website credit card transaction with SSL, storing an existing currency in smartcard form or creating a completely new online currency, the technology which makes the transaction possible is "Financial Cryptography". Although E-Commerce is still very much in its first wave of evolution, with the hundred-year-old technology known as "mail order" taken online, the future of E-Commerce promises to be far more revolutionary. And it will be the technologies under development today that will enable the new business models of tomorrow. You can see all of these leading edge technologies at EFCE 2000, in June in the beautiful city of Edinburgh... TELL ME MORE ABOUT THIS CONFERENCE This international conference is intended to enable technology companies and individual innovators at the "leading edge" of Financial Cryptography Engineering to showcase their products and technologies in front of an audience of their peers. No "vapourware" conference this - presenting companies are only accepted onto the programme if they have demonstrable working technology ! WHO WILL ATTEND? - Technologists who want to survey the "state-of-the-art" financial cryptographic applications - Technical managers who need to know what is happening at the forefront of e-commerce payments technology HOW DO I BENEFIT? - Managers, architects, marketeers and financiers at the cutting edge of financial cryptography will benefit by surveying the art. - Journalists charged with tracking the net's effect on society will see the changes in the next generation. - Programmers, implementers, designers will see the technology of their peers, and will have their peers critique their best offerings. HOW MUCH DOES IT COST? £200 for presenting delegates; £500 for non-presenting delegates. HOW DO I REGISTER? http://www.efce.net ANY QUESTIONS? Please mail [EMAIL PROTECTED] SPONSORSHIP The founding sponsors of this conference are: Consult Hyperion http://www.consult.hyperion.co.uk The Internet Bearer Underwriting Corporation http://www.ibuc.com Intertrader http://www.intertrader.com Systemics http://www.systemics.com --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Paul St. Pierre; XML, Smartcard Wallets and Digital Commerce
--- begin forwarded text Date: Fri, 12 May 2000 11:46:35 -0400 To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Paul St. Pierre; XML, Smartcard Wallets and Digital Commerce Cc: "Paul St. Pierre" [EMAIL PROTECTED], Bruce Schneier [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- [Note that the Harvard Club is now "business casual". No more jackets and ties... --RAH] The Digital Commerce Society of Boston Presents Paul St. Pierre, Vice President of Engineering and co-founder, WearLogic, Inc. An XML-based Software Platform for Interacting with SmartCards in your Wallet Tuesday, June 6th, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA XML is increasingly being used as a container for complex data, in both Business to Business (B2B) and Business to Consumer applications. A major virtue of XML over HTML is the separation of content from formatting -- XML encapsulates the data according to its meaning, but can be rendered according to the characteristics of the user's display device. In addition, XML defines Processing Instructions, which can be used to cause the "processor" (the XML interpreter) to perform certain actions at key points in the XML stream. This talk examines the XML software platform being developed by WearLogic http://www.wearlogic.com for its SmartWear(TM) electronic wallet products, and its applicability to a variety of SmartCard types and applications. This meeting of the Digital Commerce Society of Boston will be held on Tuesday, June 6th, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club has relaxed its dress code, which is now "business casual", meaning no sneakers or jeans. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of what's left of its dress code. We need to receive a company check, or money order, (or, if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, June 3rd, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $35.00. Please include your e-mail address so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (We've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: JulyNO MEETING: (4th of July and Tall Ships) August Bruce Schneier TBA We are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, are a principal in digital commerce, and would like to make a presentation to the Society, please send e-mail to the DCSB Program Committee, care of Robert Hettinga, mailto: [EMAIL PROTECTED]. For more information about the Digital Commerce Society of Boston, send "info dcsb" in the body of a message to mailto: [EMAIL PROTECTED] . If you want to subscribe to the DCSB e-mail list, send "subscribe dcsb" in the body of a message to mailto: [EMAIL PROTECTED] . We look forward to seeing you there! Cheers, R. A. Hettinga Moderator, The Digital Commerce Society of Boston -BEGIN PGP SIGNATURE- Version: PGP 6.5.2 iQEVAwUBORwnPcUCGwxmWcHhAQF7AQgAoEBarH8dOaM32pK2urRpBVBrJSvVli2J m6EzFFXhYSFhG5NQJ5Oi/S78oTJrVRUjHKhZrNa5QUbkDz43uqEEi5IlDDBKbvIv tlvxdnOd/rldRCsxAxjbAGICrlg/Ns4ZpQDZzBOVPqCFwjnT2TJLGemb7Y5Q09YG ZXZIOpHocRRECmOYiY4S+c47jAf7dY9fW6+9qJda5yOO8KdSkh7/KzI60zqpl/ld uW+gDlgr1U8jnbNLO+8uM3SYyIegIvYHGPmk6nZjvdhpoImZC7VT63Itqqi0gCcP R0UqjecLRkRYqyvUB6cqjOhx9pOxmj9XhQl31F1jN0V7DQwssaiEog== =tl37 -END PGP SIGNATURE- -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' ~~ To unsubscribe fro
Re: Are these things crypto accellerators? (was Re: Edupage, 8 May 2000)
--- begin forwarded text Date: Tue, 09 May 2000 10:52:46 +0200 To: "R. A. Hettinga" [EMAIL PROTECTED] From: Somebody Subject: Re: Are these things crypto accellerators? (was Re: Edupage, 8 May 2000) Hi Robert, Yes, they include crypto acceleration, based on the ssl accelerators that Intel got when they bought iPivot. Seems like they have added XML support to the two current products in their line of network based ssl accelerators, the 7180 and the 7110: http://www.intel.com/netstructure/ecommerce_equipment.htm Patrik At 23:03 2000-05-08 R. A. Hettinga wrote: At 4:44 PM -0600 on 5/8/00, EDUCAUSE wrote: INTEL TO INTRODUCE 2 NEW DEVICES The new Intel NetStructure 7280 XML Director and 7210 XML Accelerator, devices that will make online business transactions 150 times faster, will be introduced by the company today. The new products are designed to remove a portion of the weight carried by network servers, and are intended for use in data centers and by application service providers on the Internet. The devices are based on XML, a format that is becoming more commonly used in business transactions on the Internet for structured documents such as invoices and purchase orders. The introduction of the two devices is a continuation of Intel's drive to provide e-commerce tools that accelerate business on the Web. (New York Times, 8 May 2000) -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
[Fwd: Stambler patents]
--- begin forwarded text Date: Thu, 04 May 2000 11:14:27 +0100 From: Graeme Burnett [EMAIL PROTECTED] Organization: Hawkley To: [EMAIL PROTECTED] Subject: [Fwd: Stambler patents] FYI Original Message Subject: Stambler patents Date: Thu, 4 May 2000 11:09:53 +0100 From: Simon Oxley [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Anyone here know anything about the patents registered by Leon Stambler? He has 7 patents going back to 1992 on mechanisms for digital signatures, integrity checks etc. Apparently his lawyers are writing to companies implementing SSL, SET etc claiming they infringe his patents. The main patent is: http://www.patents.ibm.com/details?pn10=US05267314 Regards -- Simon Oxley email: [EMAIL PROTECTED] --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
IP: Microsoft + Xerox for copyright tech venture
--- begin forwarded text Date: Fri, 28 Apr 2000 03:35:12 -0500 To: [EMAIL PROTECTED] From: [EMAIL PROTECTED] Subject: IP: Microsoft + Xerox for copyright tech venture Sender: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Nando Media http://www.nandotimes.com/noframes/business/story/0,2469,500197580-500270935 -501423740-0,00.html Microsoft to join Xerox for copyright technologies venture The Associated Press SEATTLE (April 27, 2000 4:46 p.m. EDT http://www.nandotimes.com) - Microsoft Corp. and Xerox Corp. on Thursday announced the creation of a company to produce and market new technologies to protect copyrighted material on the Internet. The joint venture, ContentGuard Inc., is being spun off from a division of Xerox's Palo Alto, Calif., Research Center. That division developed a new computer language that allows writers, musicians and publishers to determine exactly how their readers and listeners use their materials. For example, a record label can include code within a digital audio file that would restrict how many times it could be copied, or how long a listener can listen to it. For documents, the language can be used to restrict anyone from printing the file or sending it via e-mail. The language has enough flexibility for a wide variety of restrictions or freedoms, depending on what the publisher wants, according to Dick Brass, co-chairman of the new company and vice president of technology development at Microsoft. "It allows you to set the rules however you like, for any piece of content you can think of," Brass said. "We're hoping to make it an industry standard." ContentGuard will license the computer language royalty-free and will create software programs using the language for sale. Brass said the language will be submitted to the industry committees that set standards for the Internet. Xerox will retain majority control of ContentGuard, while Microsoft will have a minority stake. Representatives of both companies will be co-chairmen of the new venture. ** To subscribe or unsubscribe, email: [EMAIL PROTECTED] with the message: (un)subscribe ignition-point email@address ** --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
EU EASES CRYPTO EXPORT RULES (was Re: [ILN] INTERNET LAW NEWS -APRIL 28, 2000)
At 9:20 AM -0400 on 4/28/00, Michael Geist wrote: EU EASES CRYPTO EXPORT RULES The European Union is relaxing export rules on encryption, permitting virtually free circulation in all member states and in ten other countries. The relaxed rules cover over 80% of the world market. http://interactive.wsj.com/articles/SB956867771608897487.htm -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Crypto Thesis Presentation, Wednesday 4/26
--- begin forwarded text Date: Mon, 24 Apr 2000 10:09:13 -0400 (EDT) From: Christof Paar [EMAIL PROTECTED] To: WPI Crypto Seminar: ; Subject: Crypto Thesis Presentation, Wednesday 4/26 Sender: [EMAIL PROTECTED] Reply-To: Christof Paar [EMAIL PROTECTED] MS Thesis Presentation and WPI Cryptography Seminar Efficient Arithmetic in Finite Field Extensions with Application in Elliptic Curve Cryptography Daniel V. Bailey CS Dept, WPI Wednesday, April 26 3:00 pm, AK 218 (refreshments at 2:45 pm) This contribution focuses on a class of Galois field used to achieve fast finite field arithmetic which we call an Optimal Extension Field (OEF). We extend the state of the art of the subject by presenting an adaptation of Itoh and Tsujii's algorithm for finite field inversion applied to OEFs. In particular, we use the facts that the action of the Frobenius map in GF(p^m) can be computed with only m-1 subfield multiplications and that inverses in GF(p) may be computed cheaply using known techniques. As a result, we show that one extension field inversion can be computed with a logarithmic number of extension field multiplications. In addition, we provide new extension field multiplication formulas which give a performance increase. Further, we provide an OEF construction algorithm together with tables of Type I and Type II OEFs along with statistics on the number of pseudo-Mersenne primes and OEFs. We apply this new work to provide implementation results using these methods to construct elliptic curve cryptosystems on both DEC Alpha workstations and Pentium-class PCs. These results show that OEFs when used with our new inversion and multiplication algorithms provide a substantial performance increase over other reported methods. Advisor: Prof. Christof Paar, ECE and CS Depts. Reader: Prof. Gabor Sarkozy, CS Dept. -- DIRECTIONS: The WPI Cryptoseminar is being held in the Atwater Kent building on the WPI campus. The Atwater Kent building is at the intersection of the extension of West Street (labeled "Private Way") and Salisbury Street. Directions to the campus can be found at http://www.wpi.edu/About/Visitors/directions.html ATTENDANCE: The seminar is open to everyone and free of charge. Simply send me a brief email if you plan to attend. TALKS IN THE SPRING 2000 SEMESTER: 3/22 Thomas Wollinger et al., WPI How Well Are High-End DSPs Suited for the AES Algorithms? 3/29 Joseph Silverman, Brown University Lattices and Cryptography 4/6 Adam Elbirt et al., WPI A Comparison of the AES Algorithms on FPGAs 4/19 Gerardo Orlando, WPI A Comparison of Modular Reduction Architectures 4/26 Dan Bailey, WPI Public-Key Cryptosystems with Optimal Extension Fields (MS Thesis presentation) 5/3 Adam Woodbury et al., WPI Public-Key Algorithms on Smart Cards without Coprocessors See http://www.ece.WPI.EDU/Research/crypt/seminar/index.html for talk abstracts. MAILING LIST: If you want to be added to the mailing list and receive talk announcements together with abstracts, please send me a short email. Likewise, if you want to be removed from the list, just send me a short email. Regards, Christof Paar ! WORKSHOP ON CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS (CHES 2000)! ! WPI, August 17 18, 2000! ! http://www.ece.wpi.edu/Research/crypt/ches! *** Christof Paar, Assistant Professor Cryptography and Information Security (CRIS) Group ECE Dept., WPI, 100 Institute Rd., Worcester, MA 01609, USA fon: (508) 831 5061email: [EMAIL PROTECTED] fax: (508) 831 5491www: http://ee.wpi.edu/People/faculty/cxp.html *** For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
IP: Gates, Gerstner helped NSA snoop - US Congressman
e. Fernandes also noted that Microsoft has previously written poor software with the same weakness - in the Authenticode framework, for example. Fernandes also pointed out that there is a flaw in the way the crypto_verify function is implemented, because the NSA key can be eliminated or replaced easily. He produced a demonstration program to do this, which if used would remove the possibility of the NSA having export control. Replacing this NSA key would be commercially illegal, but if it is indeed a key owned by the NSA, the legality outside the USA of what is being done is an open question. There is a further possibility: it may be that the NSA did not in fact need a key as it had its own module between Windows and the encryption, which could of course specifically intercept just secure traffic. Microsoft cast further doubt on its explanation when it told the Washington Post that the _NSAKEY was "only a notation that conforms to technical standards set by the NSA". The snag with this explanation is that the NSA has no technical standards for publicly available cryptography, leaving Microsoft's claim looking very shaky. It is known that in 1996, IBM agreed with the NSA that in return for allowing Lotus Notes to be exported with 64-bit encryption, the NSA would get to have 24 of the bits, and so would only have to crack 40 bits, which was within the NSA's capability at that time. ® -- Dan S. ** To subscribe or unsubscribe, email: [EMAIL PROTECTED] with the message: (un)subscribe ignition-point email@address ** --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Can Accountants Compute?
At 10:12 AM -0500 on 3/27/00, Duncan Frissell wrote: In a UK magazine ad, PricewaterhouseCoopers http://www.pwcglobal.com/ says "We are developing a new model of E-Cash for one of the largest global financial organizations". Offhand, I would say 'ecash', from Ecash Technologies, for Deutchebank, which, having just merged with Dresdner is one of the world's top (3?) largest. Cheers, RAH -- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
WPI Cryptoseminar, Wednesday March 29
--- begin forwarded text Date: Mon, 27 Mar 2000 07:07:45 -0500 (EST) From: Christof Paar [EMAIL PROTECTED] To: "WPI.Crypto.Seminar":; Subject: WPI Cryptoseminar, Wednesday March 29 Sender: [EMAIL PROTECTED] Reply-To: Christof Paar [EMAIL PROTECTED] Please note the unusal time (1:30 pm) of this talk. - Christof Paar WPI Cryptography Seminar Lattices and Cryptography Joe Silverman Brown University Wednesday, March 29 1:30 pm, AK 218 (refreshments at 1:15 pm) The problem of finding short vectors in lattices has a long history from both a theoretical and an algorithmic perspective. Various cryptographic systems have been proposed that are based, either explicitly or implicitly, on this or related hard problems. I will give an overview of the theory of lattices and lattice reduction and will describe two lattice-based cryptosystems. DIRECTIONS: The WPI Cryptoseminar is being held in the Atwater Kent building on the WPI campus. The Atwater Kent building is at the intersection of the extension of West Street (labeled "Private Way") and Salisbury Street. Directions to the campus can be found at http://www.wpi.edu/About/Visitors/directions.html ATTENDANCE: The seminar is open to everyone and free of charge. Simply send me a brief email if you plan to attend. TALKS IN THE SPRING 2000 SEMESTER: 3/22 Thomas Wollinger et al., WPI How Well Are High-End DSPs Suited for the AES Algorithms? 3/29 Joseph Silverman, Brown University Lattices and Cryptography 4/6 Adam Elbirt et al., WPI (NOTE: Talk is on a Thursday) A Comparison of the AES Algorithms on FPGAs TBA Dan Bailey, WPI Public-Key Cryptosystems with Optimal Extension Fields (MS Thesis presentation) TBA Adam Woodbury, WPI Public-Key Algorithms on Smart Cards without Coprocessors TBA Gerardo Orlando, WPI A Comparison of Modular Reduction Architectures See http://www.ece.WPI.EDU/Research/crypt/seminar/index.html for talk abstracts. MAILING LIST: If you want to be added to the mailing list and receive talk announcements together with abstracts, please send me a short mail. Likewise, if you want to be removed from the list, just send me a short mail. Regards, Christof Paar ! WORKSHOP ON CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS (CHES 2000)! ! WPI, August 17 18, 2000! ! http://www.ece.wpi.edu/Research/crypt/ches! *** Christof Paar, Assistant Professor Cryptography and Information Security (CRIS) Group ECE Dept., WPI, 100 Institute Rd., Worcester, MA 01609, USA fon: (508) 831 5061email: [EMAIL PROTECTED] fax: (508) 831 5491www: http://ee.wpi.edu/People/faculty/cxp.html *** For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
WPI Crypto Seminar: How Well Are High-End DSPs Suited for the AESAlgorithms?
--- begin forwarded text Date: Mon, 20 Mar 2000 06:04:33 -0500 (EST) From: Christof Paar [EMAIL PROTECTED] To: "WPI.Crypto.Seminar":; Sender: [EMAIL PROTECTED] Reply-To: Christof Paar [EMAIL PROTECTED] The WPI Cryptoseminar starts again. As always, attendance is free and everybody is welcome. - Christof Paar WPI Cryptography Seminar How Well Are High-End DSPs Suited for the AES Algorithms? Thomas Wollinger WPI Wednesday, March 22 4:30 pm, AK 218 (refreshments at 4:15 pm) This presentation describes joint work with Jorge Guajardo, Min Wang and Christof Paar. The National Institute of Standards and Technology (NIST) has announced that one of the design criteria for the Advanced Encryption Standard (AES) algorithm is the efficient implementation in hardware and software. Digital Signal Processors (DSPs) are a highly attractive option for software implementations of the AES finalists since they perform certain arithmetic operations at high speeds, they are often smaller and more energy-efficient than general purpose processors, and they are commonly used for the rapidly growing market of embedded applications. In this contribution we investigate how well modern high-end DSPs are suited for the five final candidates chosen after the second AES conference. As a result of our work we will compare the optimized implementations of the algorithms on a C62x series DSP by TI. One of our findings is that the encryption rate for all five algorithms on the DSP is higher than on an Intel processor running at the same clock rate. We also show preliminary results for some AES algorithms running on the brand new C64x series DSP. The talk is an extended version of the presentation we'll give at the AES 3 conference. DIRECTIONS: The WPI Cryptoseminar is being held in the Atwater Kent building on the WPI campus. The Atwater Kent building is at the intersection of the extension of West Street (labeled "Private Way") and Salisbury Street. Directions to the campus can be found at http://www.wpi.edu/About/Visitors/directions.html ATTENDANCE: The seminar is open to everyone and free of charge. Simply send me a brief email if you plan to attend. TALKS IN THE SPRING 2000 SEMESTER: 3/22 Thomas Wollinger et al., WPI How Well Are High-End DSPs Suited for the AES Algorithms? 3/29 Joseph Silverman, Brown University Lattices and Cryptography 4/6 Adam Elbirt et al., WPI A Comparison of the AES Algorithms on FPGAs TBA Dan Bailey, WPI Public-Key Cryptosystems with Optimal Extension Fields (MS Thesis presentation) TBA Adam Woodbury, WPI Public-Key Algorithms on Smart Cards without Coprocessors See http://www.ece.WPI.EDU/Research/crypt/seminar/index.html for talk abstracts. MAILING LIST: If you want to be added to the mailing list and receive talk announcements together with abstracts, please send me a short mail. Likewise, if you want to be removed from the list, just send me a short mail. Regards, Christof Paar ! WORKSHOP ON CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS (CHES 2000)! ! WPI, August 17 18, 2000! ! http://www.ece.wpi.edu/Research/crypt/ches! *** Christof Paar, Assistant Professor Cryptography and Information Security (CRIS) Group ECE Dept., WPI, 100 Institute Rd., Worcester, MA 01609, USA fon: (508) 831 5061email: [EMAIL PROTECTED] fax: (508) 831 5491www: http://ee.wpi.edu/People/faculty/cxp.html *** For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
zarro boogs (was Re: NTK now, 2000-03-03)
At 8:01 PM + on 3/3/00, Danny O'Brien wrote: HARD NEWS zarro boogs On Monday, the REGULATION OF INVESTIGATORY POWERS BILL will get its second reading in the Commons. Then it goes to committee, then it becomes law, and then you'll never hear from it again, because talking about most of its powers will get you five years in prison. So, when the police ask your ISP to put a tap on your mail, you won't hear about it. When your local trades and standards officer decides to take a look at your browser log for the last month, you won't hear about it. And when they come and get your private encryption key so that can read your friend's mails, you won't be able to tell your friend - or us - that it happened. Hell, you won't even be able to change your key if that might give us a clue. Given that it's all going to get so quiet so soon, STAND thought it might be an idea to let our MPs know that we're still here. So, with mild and belated fanfare, please welcome - STAND's Open Web to MP fax gateway. Peruse the bloody-long-but-not-as-long-as-the-bill STAND Guide to RIP, then send your comments on the Bill direct to your constituency MP's office with just a few clicks. But please be quick - MPs have only ten days from Monday to propose their amendments. At the very least, we should get an anti-spam statute out of it. http://www.stand.org.uk/ - may be a few bugs. but, hey, there's bugs everywhere these days http://www.stand.org.uk/ripnotes/ - liberty requires eternal vigilance (and magnifying glass) -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: paycash: blind signature etc.
At 12:34 AM -0500 on 2/9/00, Adam Shostack wrote: Anyway, has anyone taken a look at what the system offers? It looks to us like its covered by Chaum's blinding patent. They even call the functions in schemas 1 2 "B" and "U", apparently for blinding and unblinding. My understanding, at least from the short presentation they gave at DCSB this month, is that it's a form of blinded "passbooks" in the same way that old checking accounts used to operate. It's geodesic (it requires no hierarchy of intermediaries, just a single one) it's book-entry, not bearer, though like mondex smart cards, you could transfer passbooks. It seems that different intermediaries can sign different records, so it's not "proprietary", or at least monopolistic. It does remind me, somehow, of Eric Hughes' encrypted (blinded?) "open" books scheme a little bit. Finally, the blinding happens on highly distributed record entries, and not on bearer instruments, and, while I wouldn't be surprised if Chaum's blinding patent applies, it *is* used in a different context, and, not having studied the patent enough to say this, of course, maybe the blind signature patent doesn't cover it. They said they have a patent in Russia on it. They're looking to come to the US as well. Interesting times, indeed. Cheers, RAH - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: paycash: blind signature etc.
--- begin forwarded text Reply-To: "Victor Dostov" [EMAIL PROTECTED] From: "Victor Dostov" [EMAIL PROTECTED] To: "R. A. Hettinga" [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: paycash: blind signature etc. Date: Wed, 9 Feb 2000 18:33:39 +0300 Status: U it's our fault with Russian, I sent to Adam English copies and we'll return them on site asap. Victor - Original Message - From: R. A. Hettinga [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 09, 2000 3:56 PM Subject: Re: paycash: blind signature etc. --- begin forwarded text Date: Wed, 9 Feb 2000 00:34:43 -0500 From: Adam Shostack [EMAIL PROTECTED] To: "R. A. Hettinga" [EMAIL PROTECTED] Cc: Digital Bearer Settlement List [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: paycash: blind signature etc. So the main document I've found (blsig.doc) is doubly obfuscated, once in Russian, and once in Word's .doc format. .Doc is clearly the more annoying of these. Are there other docs in English? Anyway, has anyone taken a look at what the system offers? It looks to us like its covered by Chaum's blinding patent. They even call the functions in schemas 1 2 "B" and "U", apparently for blinding and unblinding. Adam On Tue, Feb 01, 2000 at 06:13:57PM -0500, R. A. Hettinga wrote: | Thanks much to Victor Dostov and Ivan Kouznetsov for their short but very | insightful discussion at DCSB of the paycash system. | | At my request, Victor has provided me with more information on the paycash | transaction system, and the blinding that it does in the course of moving | money around. | | It is forwarded below. | | Cheers, | Robert Hettinga, | Moderator, | The Digital Commerce Society of Boston | | | --- begin forwarded text | | | Reply-To: "Victor Dostov" [EMAIL PROTECTED] | From: "Victor Dostov" [EMAIL PROTECTED] | To: [EMAIL PROTECTED] | Subject: paycash: blind signature etc. | Date: Tue, 1 Feb 2000 01:10:32 +0300 | | A more detailed description of the Paycash Internet payment system with some | math is presented in the paper (13297 bt, zip-archive of rtf-document) at | ftp://demo.paycash.ru/paycash.zip | | For our blind signature over RSA you can see at | ftp://demo.paycash.ru/blsig.zip | | | Also we obtained an independent experts' decision on the schemes of blind | digital signature used in PayCash payment system. The examination was done | for the purpose of algorithms used in the system verification, as well as | patentability judgment. To accomplish such an expertise Bruce Schneier* the | President of Counterpane Systems Company was invited. The basic topics of | experts' decision are listed below. The whole text (zip-archive in | Postscript format, 27 283 bites) is available here: | | ftp://demo.paycash.ru/schneier.zip | | | More data is available at | | http://www.paycash.ru/new/english/ | | Best regards and thanks again | | VIctor | | --- end forwarded text | | | - | R. A. Hettinga mailto: [EMAIL PROTECTED] | The Internet Bearer Underwriting Corporation http://www.ibuc.com/ | 44 Farquhar Street, Boston, MA 02131 USA | "... however it may deserve respect for its usefulness and antiquity, | [predicting the end of the world] has not been found agreeable to | experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' -- Tired of co-workers slowing you down? Leave them behind. http://jobs.zeroknowledge.com --- end forwarded text - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
CFP --- CHES 2000
nk, USA Jean-Jacques Quisquater, Universite Catholique de Louvain, Belgium Patrice Roussel, Intel Corporation, USA Christoph Ruland, University of Siegen, Germany Joseph Silverman, Brown University and NTRU Cryptosystems, Inc., USA Colin Walter, Computation Department - UMIST, U.K. Michael Wiener, Entrust Technologies, Canada Location WPI is in Worcester, the second largest city in New England. The city is 80 km (50 miles) west of Boston and 280 km (175 miles) north-east of New York City. Worcester is home to a wealth of cultural treasures, many of which are just a short distance from WPI. These include the historic Higgins Armory Museum, which houses one of the world's largest collections of armor; the EcoTarium (formerly New England Science Center), one of the only museums in the country dedicated to environmental education; and the beautifully restored Mechanics Hall, one of America's finest concert halls. The Worcester Art Museum, holding one of the nation's finest collections, and the world-renowned American Antiquarian Society, with the largest collection of items printed during the nation's colonial period, are within two blocks of the WPI campus. Worcester is also well known for its ten colleges, which cooperate through the Colleges of Worcester Consortium. Recreation areas within easy driving distance include Boston and Cape Cod to the east, the White and Green mountains to the north, and the Berkshires to the west. August weather in New England is usually very pleasant with average temperatures of 20 C (70 F). Workshop Sponsors This workshop has received generous support from cv cryptovision, Intel, secunet, and SITI. The organizers express their sincere thanks. For help on using this list (especially unsubscribing), send a message to "[EMAIL PROTECTED]" with one line of text: "help". --- end forwarded text - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Patent for pinpointing cellphones
--- begin forwarded text Date: Wed, 2 Feb 2000 16:57:44 -0800 To: [EMAIL PROTECTED] From: Somebody Subject: Patent for pinpointing cellphones Date: Wed, 02 Feb 2000 07:39:56 -0500 From: Somebody Else Subject: Remember the revelation that cell phone location could be pinpointed to a smaller area than a cell? Remember the revelation that cell phone location could be pinpointed to a smaller area than a cell? http://www.ragingbull.com/mboard/boards.cgi?board=QCOMread=22988 United States Patent 5,859,612 Gilhousen January 12, 1999 Method for using an antenna with a rotating beam for determining the position of a mobile subscriber in a CDMA cellular telephone system Inventors: Gilhousen; Klein S. (Bozeman, MT) Assignee: Qualcomm Incorporated (San Diego, CA) Appl. No.: 659408 Filed: June 6, 1996 Somebody's .sig --- end forwarded text - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Fundraiser for EFF, Downtown Harvard Club of Boston
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Members of The Digital Commerce Society of Boston and GTE/BBN, Fleet BankBoston, @Stake, Swiggart Agin, LLC and The Internet Bearer Underwriting Corporation, invite the Digital Commerce Community to cocktails and an evening fundraiser for the recent litigation efforts of THE ELECTRONIC FRONTIER FOUNDATION With special guests David Farber Harvey Sliverglate Lori Fena and others Tuesday Evening February 15, 2000 5:30 to 8:30 PM The Downtown Harvard Club of Boston One Federal Street, 38th Floor Boston Free hors d'oeuvres Cash Bar Beautiful views of Boston Harbor at night Requested minimum donation $35 The event's goal is $10,000 RSVP Robert Hettinga, Moderator, The Digital Commerce Society of Boston, mailto: [EMAIL PROTECTED] The Harvard Club of Boston has a dress code... -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.1 iQA/AwUBOJnwQMPxH8jf3ohaEQLcSwCgvqd3FcJvRtYh5O0bA3FXeefImm8AoNTY y5mYGei7rEG/swGjffegE1kc =WY09 -END PGP SIGNATURE- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Companies Ignore China's Encryption Regulations (was Re:NewsScan Daily, 1 February 2000 (Above The Fold))
At 9:48 AM -0700 on 2/1/00, NewsScan wrote: COMPANIES IGNORE CHINA'S ENCRYPTION REGULATIONS If everyone covered by China's new regulations on encryption registration had complied, about nine million Internet users would have shown up in one tiny government office to hand-deliver a form specifying what kind of encryption they used on their computers. Instead, only a handful of people showed up. Chinese officials have said there will be no extension of the deadline, but apparently have not yet decided what to do about the companies that missed it -- a group that includes virtually every Chinese and foreign company doing business in China. (Reuters/New York Times 1 Feb 2000) http://www.nytimes.com/library/tech/00/02/biztech/articles/01china-encryptio n.html - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Special Guests for DCSB Tomorrow: Paycash (from Russia), and Olivier Hance
At 10:15 AM -0500 on 1/31/00, R. A. Hettinga wrote: Suzan Dionne Balz's excellent DCSB talk "The Law of Digital Cash tomorrow" Woops. Typo. That's "The Law of Digital Cash" tomorrow Not so's you'd notice the difference, of course. :-). Cheers, RAH - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
[Fwd: 1/28/00 C.S. Colloquium]
--- begin forwarded text Date: Tue, 25 Jan 2000 18:05:39 -0500 From: Richard Lethin [EMAIL PROTECTED] Organization: Reservoir Labs, Inc. To: [EMAIL PROTECTED] Subject: [Fwd: 1/28/00 C.S. Colloquium] Sender: [EMAIL PROTECTED] Reply-To: Richard Lethin [EMAIL PROTECTED] -- Reservoir Labs, Inc. 628 Broadway, Suite 502 New York, NY 10012 212-780-0527 http://www.reservoir.com Return-Path: [EMAIL PROTECTED] Received: from cs.nyu.edu (CS.NYU.EDU [128.122.80.78]) by deer-park.reservoir.com (8.9.0/8.9.0) with ESMTP id PAA07926 for [EMAIL PROTECTED]; Tue, 25 Jan 2000 15:15:54 -0500 (EST) Received: (from majordom@localhost) by cs.nyu.edu (8.9.1/8.9.1) id OAA22855 for colloq-outgoing; Tue, 25 Jan 2000 14:45:47 -0500 (EST) X-Authentication-Warning: cs.nyu.edu: majordom set sender to [EMAIL PROTECTED] using -f Received: from dept.cs.nyu.edu (dept.cs.nyu.edu [128.122.80.31]) by cs.nyu.edu (8.9.1/8.9.1) with ESMTP id OAA22851 for [EMAIL PROTECTED]; Tue, 25 Jan 2000 14:45:45 -0500 (EST) Received: (from amico@localhost) by dept.cs.nyu.edu (8.9.1/8.9.1) id OAA08478 for colloq@cs; Tue, 25 Jan 2000 14:45:45 -0500 (EST) Date: Tue, 25 Jan 2000 14:45:45 -0500 (EST) From: Rosemary Amico [EMAIL PROTECTED] Message-Id: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: 1/28/00 C.S. Colloquium Sender: [EMAIL PROTECTED] Precedence: bulk X-Mozilla-Status2: == Department of Computer Science Courant Institute New York University DEPARTMENTAL COLLOQUIUM Allan Gottlieb New York University Intermemory The Intermemory project proposes an autonomous, world wide distributed system that will maintain information archivally and will offer extremely high availability without the storage costs of a large number of mirror sites. Information is dispersed in a redundant fashion so that only if an improbably large number of systems are down can the data not be retrieved. With one set of parameter values, an availability level comparable to more than 500 mirror sites can be obtained with a storage cost that is less than just 5 mirrors. If one assumes that the long standing exponential growth in bytes/dollar and hence bytes/system will continue, it can be shown that a contribution of storage to the system for a finite time period can entitle to the contributor to permanent ownership of (a smaller amount of) system storage. When exponential increases end, the guarantees weaken but are still attractive. The Intermemory project exposes important questions in areas as diverse as cryptography and DNS (domain name service). Recently the project has begun investigating intramemories, that is storage accessible throughout a smaller domain. Applications range from a single lan to a corporate-wide database. A major difference is that security is less of a concern since hosts are under a single administrative domain. Lowering the protection requirements will result in higher performance. When the system is restricted to a single lan, further simplifications are available and much higher performance is expected. Our implementations to date have all required that the data to be stored is write-once, i.e. immutable. We continue to examine the possiblility of full read-write support and believe that a system based on a form of ``session semantics'' in which all updates to a subtree are applied during a session of limited duration looks promising. Friday, January 28, 2000 11:30 a.m. - 12:30 p.m. Room 101 Warren Weaver Hall 251 Mercer Street New York, NY 10012-1185 Refreshments will be served in the Grumman Lounge from 11:00 - 11:30 a.m. in 13th floor of Warren Weaver Hall. Host: Allan Gottlieb, ([EMAIL PROTECTED]) (212) 998-3344 Directions: http://www.cs.nyu.edu/directions/new_wsq-campus.html Colloquium Information: http://www.cs.nyu.edu/calendar2.html == --- end forwarded text - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: BXA Press Release on New Regs
At 3:31 PM -0800 on 1/12/00, John Gilmore wrote: In addition, the guidelines also implement agreements reached by the Wassenaar Arrangement in December 1998 by decontrolling 64-bit mass market products, 56-bit encryption items and 512-bit key management products. Today's changes do not affect restrictions on terrorist supporting states (Cuba, Iran, Iraq, Libya, North Korea, Sudan, and Syria), their nationals, and other sanctioned entities. In other words, frankly, "Same shit, different day." Welcome to Xeno's munitions policy, ladies and gentlemen: half-step back, then half-step back, then half-step back, and so on, until everyone gives up in disgust and exports crypto anyway. (Meanwhile the state takes half as step back, and then half a step back, in infinite recursion) Not that such mummenchance matters in a world where strong cryptography is freely available anyway, thanks to open source cryptography, like Mr. Gilmore's FreeS/WAN effort, CryptoMozilla, Fortify, and so on. Remember, to the Church, Galileo is still (just barely, in the same Xenonian fashion) an apostate. Since the state is, in a world of ubiquitous networks and financial cryptography, going the way of the Church (i.e. more ceremony than hegemony) I bet 1gAU (compounded) that, 400 years from now, cryptography will *still* be a munition. :-). Cheers, RAH ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Preliminary Program -- Financial Cryptography '00
f Anguilla. The conference will have TCP/IP internet access. Shuttle service between the conference and the Mariners hotel will be available. REGISTRATION Registration can be done via the web at URL http://fc00.ai/. The fee for the conference, which covers all conference materials and events (including preproceedings, final proceedings, attendance at scientific sessions, and breakfast and lunch each day of the conference), is: $850 regular registration $350 academic registration $150 student registration An additional $150 fee applies to registrations for which payment is received after January 15, 2000. A $100 discount ($50 for academic and student registrations) is available to participants who pay their registration fee by electronic money. Payment may be made by credit card, bank transfer, electronic money, or cash. STIPENDS A limited number of stipends to help defray the costs of attendance may be available to full-time students with a paper accepted for presentation at the conference. If you would like to apply for a stipend, please contact the General Chair at the email address listed below. HOTEL ACCOMODATION The conference hotel is not recommended except to those seeking budget accomodations. The recommended hotel is Mariners, where a block reservation has been made. To reserve a room, please call the hotel at +1 (809) 497-2671 and mention that you will be attending FC00. Information about other hotels is available at URL http://fc00.ai. WELCOME RECEPTION A welcome reception will be held from 6:30pm to 8:00pm on Monday, February 21, 2000, the evening of the first day of the conference. GENERAL INFORMATION Visas Visas are not required for citizens of most American and European countries. If you are uncertain about whether you need a visa, contact the local British consulate for information. Getting to Anguilla From North America, Anguilla is usually reached via San Juan (Puerto Rico). From Europe, the best connections are via St. Maarten/St. Martin (from Amsterdam or Paris), or Antigua (from London). St. Martin is very close to Anguilla and is connected by ferry as well as by plane. Local Transportation The simplest way to get around Anguilla is to rent a car. You will need to buy an Anguilla drivers license, but this is a formality. Taxis are also available. Another possibility is to hitch rides from local residents, who are eager to provide them and will often stop to offer rides unsolicited. Transportation will be provided at specific times between Mariners and the InterIsland hotel. Weather Expect temperatures in the 20's or 30's Celsius, 70's or 80's Fahrenheit. There is often a strong wind, with cloudbursts that quickly blow over. Dress code for the conference is shorts and T-shirt. Money The local currency is the Eastern Caribbean dollar (EC$), with an exchange rate of approximately EC$2.7/US$1, but many goods and services in Anguilla, particularly those aimed primarily at tourists (such as restaurants and hotels) are priced in US dollars. US dollars are freely tradable everywhere on the island, so there is no need to obtain EC dollars before arrival. PROGRAM COMMITTEE Dan Boneh, Stanford Joan Feigenbaum, ATT Labs - Research Yair Frankel, CertCo Stuart Haber, InterTrust STAR Lab Philip MacKenzie, Lucent Bell Labs Ueli Maurer, ETH Zurich Clifford Neuman, USC Kazue Sako, NEC Dan Simon, Microsoft Paul Syverson, Naval Research Laboratory Win Treese, Open Market, Inc. Nicko van Someren, nCipher Program Chair: Yair Frankel (email: [EMAIL PROTECTED]) ORGANIZING COMMITTEE General Chair: Donald Beaver (email: [EMAIL PROTECTED]) Local Arrangements Chairs: Vincent Cate (email: [EMAIL PROTECTED]) Rafael Hirschfeld (email: [EMAIL PROTECTED]) Sponsorship Chairs: Lesley Matheson (email: [EMAIL PROTECTED]) Robert Tarjan (email: [EMAIL PROTECTED]) SPONSORS FC00 is sponsored by: e-gold Transnational http://www.e-gold.com Hush Communications Corporation http://www.hushmail.com InterTrust Star Lab http://www.star-lab.com Telcordia Technologies http://www.telcordia.com nCipher Corporation http://www.ncipher.com Zero-Knowledge Systems http://www.zeroknowledge.com Hansa Bank Trust Company http://www.hansa.net/ Offshore Information Services http://offshore.ai/ If you are interested in sponsoring FC00, please contact the Sponsorship Chairs at the email addresses listed above. For further information, please see the main FC00 conference web page at URL http://fc00.ai/. --- end forwarded text ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: EFF DeCSS Case Fund-Raiser -- Speakers Wanted
-BEGIN PGP SIGNED MESSAGE- I just got email from Warren Agin, of Swiggart and Agin, this afternoon. Swiggart and Agin has offered to be the first partial sponsor of the EFF fundraiser we've been kicking around on the DCSB list recently, a direct result of discussions on the cypherpunks list, and other places, about contributing money to EFF's DeCSS legal effort. This fit in nicely with previous discussions we've had on the DCSB list about doing a regular series of fund-raisers by the Boston digital commerce community for worthy internet causes. Obviously, we're looking for more sponsorship money to cover the rest of the event's costs, but for now it looks like we're really going to do this thing on some Friday evening to be announced later. Once we get the rest of the sponsorship money organized, anyway... However, on the strength of Swiggart and Agin's sponsorhip alone, I'm going to talk to the catering office after the DCSB lunch tomorrow about scheduling and arrangements for this event. Assuming that more sponsorship money's on the way (and soon, I hope; I'd like to get money to EFF as soon as possible) we're now recruiting speakers, preferrably those with internet name recognition or, better, those who have a stake in the case itself, for the fundraiser's program. Suggestions would be welcome, but actual commitments from people to speak would be even better. So, if you, or someone you know of, would like to speak to the issue of internet source-code as freedom of speech, the right to reengineer code as basic requirement of internet software engineering, and the other very important issues that EFF is fighting for in this DeCSS court case, please contact me directly, in email, and I'll get you on to the program. The fundraiser itself will be held on a Friday evening, when the dress code at the Downtown Harvard Club of Boston doesn't require a jacket and tie, which should come as a relief to some folks out there. The "price" of admission to this event will be a check, payable to the EFF, for a suggested donation of $35. Obviously, the more money, the merrier, but we figure that your donation should at least be the price of a normal DCSB luncheon, since that's a number the Society membership is immediately comfortable with. In addition to a cash bar, there will be complementary hors d'oeuvres. Those, and the room rental and staffing is what the sponsorship money's for, so your contributions can go directly to EFF and nowhere else. The Society is hoping that this event will raise at least $10,000 for the EFF, maybe more. That means, ultimately, that a lot of people, and their companies, should be doing quite a bit more than just show up with the minimum donation in hand to make this work the way we hope. Fortunately, we also believe that that contribution goal is entirely within reach of the Boston digital commerce community, or the Society wouldn't be committing to do these new fundraisers to begin with. Again, we'll say more later, like the actual date and time, as we get it worked out -- and, of course, as the rest of the sponsors sign up. In addition, if you, your organization, or an organization you know of, is a candidate for future fundraisers like this one, please let me know directly so we can see if there's something we can do to help. Finally, Warren, on behalf of the DCSB membership, I would personally like to take this opportunity to thank you and Swiggart and Agin for being the very first sponsors of the very first of what we hope will be many DCSB internet fundraisers to come. Cheers, Robert A. Hettinga, Moderator, The Digital Commerce Society of Boston -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.1 iQEVAwUBOHD0e8UCGwxmWcHhAQEZNAf/f7cT5j2bF+BxEutpHIDHdzrKhI6TyHii 5h5hcn3UL+JTVvRou2V18NzEcgu42J3O+hs+3U03/CfuuLeNF330jJuaOYf5vU8+ XQBgUsVTFUyagvzpFcAqr3dOdIv3Pux0kgUB8QurYzfOh91DIHpcFkrwKHjQc0Or 6Fujoj9qaR3pc4gPnwFz3WnZ8xIUCfZHXIqWC/kp1dPKwOJSGqnk6vYhRqFK/qI6 9/EAsWpvKdq1Sb3MgivSDUEzf/IDE4VTx2AdRuWQplrOu4pr1nbnsvUQJqgDnNMx 55PlXK5LRSm0jEnp3CRTu8vRlRql0v4fh2nYuRtKTdiC2yZECaq93Q== =qn2L -END PGP SIGNATURE- ----- R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: milis or newsgroup on financial crypto
-BEGIN PGP SIGNED MESSAGE- At 3:57 AM +0800 on 12/25/99, Arrianto Mukti Wibowo wrote: Does anybody know any mailing list or newsgroup for people whose interested in financial cryptography, especially e-cash? Ding! You rang? :-). By posting here on cryptography, you've already come to something like the right place, but you can dial in tighter on the economic/legal/financial problems of digital bearer financial cryptography, i.e. "e-cash", in all its lexical permutations, here: mailto:[EMAIL PROTECTED] There's also, of course, [EMAIL PROTECTED], which is a majordomo list like this one devoted to actually coding crypto, and where blinding schemes are, this moment, being thrashed out in gory detail by actual cryptographers, and, finally, there's the granddaddy of all crypto-anarchy can't have one idea without the other, so say lots of adherents of both lists, cypherpunks, which can be gotten at (in one among several places, on purpose) [EMAIL PROTECTED], being also a majordomo list, though hydra-headed, to prevent censorship. Contact me directly, and let me know if you need other help. Digital Commerce *is* Financial Cryptography. "Real time gross settlement" *is* digital bearer settlement. cet, cet, cet... Cheers, Robert A. Hettinga dangling baby-pictures from his walletware Founder, the Digital Commerce Society of Boston the e$/e$pam lists (RIP, but ya never know, stay tuned...) the International Conference on Financial Cryptography http://www.fc.ai, http://www.fc00.ai (and others, in opposing temporal directions...) the International Financial Cryptography Association http://www.ifca.ai Philodox Financial Technology Evangelism http://www.philodox.com the Digital Bearer Settlement List see above and, finally, (so far, anyway, lots more picture-holders in the wallet), the Internet Bearer Underwriting Corporation http://www.ibuc.com -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.1 iQEVAwUBOGQfg8UCGwxmWcHhAQFvkgf+NN5tXWuNz7yZ4kPLjpv5z3/05/A01jkD 3ddtGGcutSIwZkgtm9DcLml0jtfzZfVOp9V/UT+hv+lwkLofm6elpsa/5HYiYTwL x/oMtdqBAXdEuzrlppTGUrEMlc2qNGhNtn02sMj1GwCJKLU7sXiPrCkKKw09S/YS mceTaBt/H6MEo9nojkdiH5URFZQ3yCsN+5er9Do6KF552LnpgmIRX1/EbwAzLN8D ivYpu3GXEB3wwZLq2lpi47daMgPh3Z4rVq7XqJRs8kcJ8lqwWBsJM79wdJcNSx0y 70x2Dq8EKHwXZYEcZmk0PqUS/N6F+Yh4Cq4LeHW9NZipc7v+NiMY6g== =azqd -END PGP SIGNATURE- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
DCSB: Elias Israel; The Libertarians and Digital Commerce
--- begin forwarded text Date: Mon, 20 Dec 1999 11:09:49 -0500 To: [EMAIL PROTECTED], [EMAIL PROTECTED] From: "R. A. Hettinga" [EMAIL PROTECTED] Subject: DCSB: Elias Israel; The Libertarians and Digital Commerce Cc: Elias Israel [EMAIL PROTECTED], Muni Savyon [EMAIL PROTECTED], Suzan Dionne [EMAIL PROTECTED], Fred Hapgood [EMAIL PROTECTED], "André Dubois" [EMAIL PROTECTED], Rodney Thayer [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Reply-To: "R. A. Hettinga" [EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- The Digital Commerce Society of Boston Presents Elias Israel, Chairman, The Libertarian Party of Massachusetts New-Politics.COM: Applying the Internet commerce model to the construction of America's 21st Century Political Party Tuesday, January 4th, 2000 12 - 2 PM The Downtown Harvard Club of Boston One Federal Street, Boston, MA [The Society is pleased to announce the first of a series of three talks on the effects of digital commerce on the politics of Massachusetts and the nation. The first talk is from the Libertarians. Between now and the November elections, we are reserving one luncheon each for the Republican and Democratic parties. Contact the Society's Moderator, below, for further details if you would like to propose a speaker for one of those talks.] In a time when Americans are more disgusted with politics and politicians than ever before, how can a new political party bring its ideas to the public? Does the emergence of the Internet era, like the Television era before it, signal a new balance of power between political parties? Between government and the citizen? Elias Israel, Chairman of the Libertarian Party of Massachusetts, will discuss how the Libertarian Party, the third-largest and fastest-growing in the US, is positioning itself to be the political arm of the Internet revolution, and how it is using ecommerce techniques to get the word out, to communicate both internally and externally, and to organize for improved success. Elias Israel is Chairman of the Libertarian Party of Massachusetts. The Libertarian Party is the third largest and fastest growing political party in Massachusetts and the United States. As the Chairman, Mr. Israel develops and executes plans and directs volunteer activity for the infrastructure growth, fundraising, and candidate recruitment activities of the party. Mr. Israel is also a high-tech professional, with more than 14 years in the software industry, working for some of Massachusetts' largest employers, including Sun Microsystems and Eastman-Kodak, as well as startup companies such as CableSoft, where he served as Director of Engineering. In addition to his political work, Mr. Israel provides software project management consulting services through his own company, ProManage, Incorporated. This meeting of the Digital Commerce Society of Boston will be held on Tuesday, January 4th, 2000, from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, on One Federal Street. The price for lunch is $35.00. This price includes lunch, room rental, A/V hardware if necessary, and the speakers' lunch. The Harvard Club *does* have dress code: jackets and ties for men (and no sneakers or jeans), and "appropriate business attire" (whatever that means), for women. Fair warning: since we purchase these luncheons in advance, we will be unable to refund the price of your meal if the Club finds you in violation of the dress code. We need to receive a company check, or money order, (or, if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, January 1st, or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they *must* be made payable to "The Harvard Club of Boston", in the amount of $35.00. Please include your e-mail address so that we can send you a confirmation If anyone has questions, or has a problem with these arrangements (We've had to work with glacial A/P departments more than once, for instance), please let us know via e-mail, and we'll see if we can work something out. Upcoming speakers for DCSB are: February Suzan Dionne The Law of Digital Cash March Fred Hapgood The Rise and Fall of Internet Auctions April André Dubois Canadian Digital Commerce Policy TBARodney Thayer Transnational Cryptography We are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, are a principal in digital commerce, and would like to make a presentation to the Soc
Siemens Card Hacked?
Fire at will, people... Cheers, RAH (Yes, you'd helping him write his story. For free. So, what else is new? :-)) --- begin forwarded text From: "Davis, Don" [EMAIL PROTECTED] To: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED], "'[EMAIL PROTECTED]'" [EMAIL PROTECTED], "'[EMAIL PROTECTED]'" [EMAIL PROTECTED] Subject: Siemens Card Hacked? Date: Tue, 14 Dec 1999 10:12:35 -0500 Hello, This is Don Davis, editor of Card Technology, a Chicago-based magazine that covers the smart card industry. I am trying to get some information about the alleged hack of a Siemens card used in the Geldkarte system in Germany. Your e-mail addresses were on a series of e-mails forwarded to me. I was hoping someone could explain to me what the hacker claims to have done (in layman's terms) and what the significance would be if it were true. Siemens claims there is no threat to Geldkarte or the digital signature card (are they one and the same?) Also, has the hacker been identified? Siemens says, "The supposed hacker is a student who programmed a free programmable card to analyse the chip behavior. He has apologized to Infineon Technologies and confirmed that the reports relating to his attempt at cracking the chip are not true." What do you think? (And, by the way, what do they mean by a programmable card; I do have calls into Infineon and Geldkarte to get their answers, as well.) Any information you can provide will be greatly appreciated. Don Davis, editor, Card Technology [EMAIL PROTECTED] (312) 983 6152 --- end forwarded text - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Ten Risks of PKI
//www.counterpane.com Carl M. Ellison is a Senior Security Architect for Intel Corporation, with special focus on cryptography, cryptographic access control and public key certificates. Prior to the focus on cryptography, his earlier professional computer science career focused on system design with special emphasis on distributed and networked systems. - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Ten Risks of PKI
can compute the probability of loss of key as a function of time and usage. Does the vendor do that computation? What probability threshold is used to consider a key invalid? Does the vendor support certificate or key revocation? Certificate Revocation Lists (CRLs) are built into some certificate standards, but many implementations avoid them because they seem to be archaic remnants of the newsprint booklets of bad checking account numbers one used to find at the supermarket checkout stand. Like those booklets, CRLs are seen as too big and too outdated to be relevant. However, if CRLs are not used, how is revocation handled? If revocation is handled, how is compromise of a key detected in order to trigger that revocation? Can revocation be retroactive? That is, can a certificate holder deny having made some signature in the past? If so, are signatures dated so that one knows good signatures from suspect ones? Is that dating done by a secure timestamp service? How long are the generated public keys and why was that length chosen? Does the vendor support 512-bit RSA keys just because they're fast or 2048-bit keys because someone over there in the corner said he thought it was secure? Does the proper use of these certificates require user actions? Do users perform those actions? For example, when you establish an SSL connection with your browser, there's a visual indication that the SSL protocol worked and the link is encrypted. But who are you talking securely with? Unless you take the time to read the certificate that you received, you don't know. Even then, you may not know (cf., Risk #4, above) but if you don't even look, it's much like going into a private room with the lights off: you might know that someone else is there and your conversation is private, but until you know who that other person is, you shouldn't reveal any secret information. Risk #10: "Why are we using the CA process, anyway?" One PKI vendor employee confided in us a few years ago that they had great success selling their PKI solution, but that customers were still unhappy. After the CA was installed and all employees had been issued certificates, the customer turned to the PKI vendor and asked, "OK, how do we do single sign-on?" The answer was, "You don't. That requires a massive change in the underlying system software." Single Sign-On (SSO) might be the killer app of PKI. Under SSO, you come into work in the morning, plug in your smart-card, enter the PIN that activates it, and for the rest of the day, you don't have to do any more logins. All of that is handled for you by the SSO mechanism. Attractive isn't it? Of course, it's attractive. Authentication is a pain. Anything we can do to avoid it, we'll jump at. Unfortunately, the security value of authentication is all but completely defeated by SSO. Authentication is supposed to prove that the user is present at the controlling computer, at the time of the test. Under SSO, when the user has to rush to the washroom, any passing person can walk up to that user's computer and sign on someplace via the SSO mechanism. So, why are so many jumping at the CA process with such fervor? Do they use certificates out of empty ritual, just because the other guy does and it's the thing to do this year? Do they do it in order to pass the liability buck: to be able to blame the PKI experts if any insecurity sneaks through? We are not that cynical. Our assessment is that security is very difficult, both to understand and to implement. Busy system administrators and IT managers don't have the time to really understand security. They read the trade press. The trade press, influenced by PKI vendors, sings the praises of PKIs. And PKI vendors know what busy people need: a minimal-impact solution. "Here, buy this one thing and it will make you secure." So that's what they offer. Reality falls far short of this promise, but then, this is a business and the prominent voices are those with something to sell. Caveat emptor. Bruce Schneier is the author of Applied Cryptography, the Blowfish and Twofish encryption algorithms, and dozens of research papers and articles on cryptography and computer security. He is CTO of Counterpane Internet Security, Inc., a managed security service company offering leading-edge expertise in the fields of intrusion detection and prevention, preemptive threat discovery, forensic research, and organizational IT systems analysis. You can subscribe to his free monthly e-mail newsletter, Crypto-Gram, at http://www.counterpane.com Carl M. Ellison is a Senior Security Architect for Intel Corporation, with special focus on cryptography, cryptographic access control and public key certificates. Prior to the focus on cryptography, his earlier professional computer science career focused on system design with special emphasis on distributed and networked systems. - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet
FC00 update
--- begin forwarded text Resent-Date: Thu, 9 Dec 1999 23:10:32 -0400 Date: Fri, 10 Dec 1999 04:10:29 +0100 (MET) From: Ray Hirschfeld [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: FC00 update Reply-to: [EMAIL PROTECTED] Resent-From: [EMAIL PROTECTED] Resent-Sender: [EMAIL PROTECTED] Resent-Bcc: Registration for Financial Cryptography '00 will open next week. The early registration deadline has been extended until January 15. A list of accepted papers is now available on the conference website (http://fc00.ai). Anguilla sustained some water damage from Hurricane Lenny, which should be (mostly) cleaned up by the time of the conference. The conference is definitely still on! A few hotels (including the Sonesta) are not scheduled to reopen until after the conference. Further developments will be reported to the fc00 mailing list (but not to the general fc list). --- end forwarded text - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'