Cryptography-Digest Digest #803, Volume #10 Tue, 28 Dec 99 15:13:01 EST
Contents:
Re: Employing digits of pi (CLSV)
Re: Encryption: Do Not Be Complacent ("modokon")
Re: looking for simple RSA source (James Muir)
Re: Secure Delete Not Smart (Donald Haines)
Re: HD encryption passphrase cracked! (Matthew Montchalin)
Re: HD encryption passphrase cracked! (Jim)
Re: HD encryption passphrase cracked! (Jim)
Re: Encryption: Do Not Be Complacent (Jim)
Re: Secure Delete Not Smart (Jim)
Re: Secure Delete Not Smart (Jim)
Re: Secure Delete Not Smart (Jim)
Re: Economic Espionage Act of 1996 and the U.S.A. government's violations (Jim)
Re: Disbelief about Numbers Stations (Jim)
Re: Disbelief about Numbers Stations (Jim)
Re: Secure Delete Not Smart (Frank Gifford)
Re: Disbelief about Numbers Stations (dave)
Re: Secure Delete Not Smart (Guy Macon)
File format for CipherSaber-2? (Guy Macon)
----------------------------------------------------------------------------
From: CLSV <[EMAIL PROTECTED]>
Subject: Re: Employing digits of pi
Date: Tue, 28 Dec 1999 18:25:55 +0000
Mok-Kong Shen wrote:
> CLSV wrote:
> You need not have to obtain the offsets 'directly' from your key bits.
> For example, your key could be a seed to a PRNG that generates
> a very long sequence of bits to give large offset values.
Why not use those bits instead?
This is going to be a very costly procedure.
> After R is obtained, it is still open how one is
> going to use it, as far as my article is concerned. One can XOR the
> plaintext bits with the bits of R or one can do addition mod 2^32
> (i.e. adding 32 bits of plaintext with 32 bits of R) or use R in any
> other ways one likes, e.g. as session keys.
Aha, I didn't catch that one. I presumed that you
used R just as a stream cipher, but there are other
uses indeed.
> I have difficulty of understanding here due to my poor knowledge. For
> I couldn't yet link 'side channel attack' with 'higher computational
> cost'. Could you please explain a bit more?
Depending on the key you chose, your algorithm takes
longer to calculate the digits of Pi, so a timing
attack could be feasible if the algorithm is embedded
in, say, a web server.
Regards,
CLSV
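
An added illustration of the point in the reply above, not code from either poster: if the key selects an offset into pi, the work needed to produce the digits grows with the offset, so running time reveals something about the key. It assumes the digits are computed with the BBP digit-extraction formula and that the offset is read from the first two key bytes; both are stand-ins, since the thread does not specify the scheme.

```python
# Added illustration, not code from the thread. Assumptions: digits come from
# the BBP digit-extraction formula and the offset is read straight from the
# first two key bytes; both are stand-ins for the unspecified scheme.

def _bbp_series(j, n, steps):
    """Fractional part of sum over k of 16^(n-k)/(8k+j); steps[0] counts loop turns."""
    s = 0.0
    for k in range(n + 1):                 # head: exact modular powers
        d = 8 * k + j
        s = (s + pow(16, n - k, d) / d) % 1.0
        steps[0] += 1
    k = n + 1
    while True:                            # tail: terms shrink 16x per turn
        term = 16.0 ** (n - k) / (8 * k + j)
        if term < 1e-17:
            break
        s += term
        k += 1
        steps[0] += 1
    return s % 1.0


def pi_hex_digits(offset, count=6):
    """Hex digits of pi starting `offset` places after the point, plus work done."""
    steps = [0]
    digits = []
    for n in range(offset, offset + count):
        x = (4 * _bbp_series(1, n, steps) - 2 * _bbp_series(4, n, steps)
             - _bbp_series(5, n, steps) - _bbp_series(6, n, steps)) % 1.0
        digits.append("%x" % min(15, int(x * 16)))
    return "".join(digits), steps[0]


def offset_from_key(key):
    """Hypothetical mapping: offset = first two key bytes, big-endian."""
    return int.from_bytes(key[:2], "big")


def work_spread(keys, count=6):
    """Largest/smallest step count over the keys; 1.0 means no difference seen."""
    work = [pi_hex_digits(offset_from_key(k), count)[1] for k in keys]
    return max(work) / min(work)


if __name__ == "__main__":
    # Constructed sample keys: offsets 20, 500 and 2000.
    keys = [bytes([0x00, 0x14]), bytes([0x01, 0xF4]), bytes([0x07, 0xD0])]
    for k in keys:
        off = offset_from_key(k)
        digits, work = pi_hex_digits(off)
        print(f"offset {off:5d}  digits {digits}  loop steps {work}")
    print("work spread:", round(work_spread(keys), 1))
```

The step counter stands in for wall-clock time so the result is reproducible; a spread well above 1.0 across keys is the signal that the computation needs to be made independent of the key.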
------------------------------
Reply-To: "modokon" <[EMAIL PROTECTED]>
From: "modokon" <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy,talk.politics.crypto,talk.politics.misc,talk.politics.drugs
Subject: Re: Encryption: Do Not Be Complacent
Date: Tue, 28 Dec 1999 18:29:14 -0000
Gee thanks Tony! In a similarly patronizing vein...
Even though you are careful and not a jaywalker...
Be careful how you cross the road now, look left & right and
wait UNTIL THERE IS NO TRAFFIC.
Cross briskly now. DON'T STOP IN THE MIDDLE OF THE ROAD!
Carry on walking until you reach the other side.
Well Done!
"Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in
message news:[EMAIL PROTECTED]...
> Encryption: Do Not Be Complacent
>
> Even though you encrypt your messages with what you believe to
> be excellent encryption, do not necessarily be frank in these
> encrypted communications.
>
> Continue to use code words and euphemistic phrases, etc. that only
> you and your recipient understand. In fact, I would create an
> entirely original vocabulary to communicate sensitive information
> in the plain text.
>
> I would create several specific words and phrases that convey the
> exact same meaning. I guess the best security would be to assign
> certain numbers to represent certain words and phrases. Then have
> any of several numbers represent the exact same word or phrase.
>
> Remember, encryption is only part of the solution to privacy. There
> are protocols, secure (isolated) machines, bug (sophisticated
> eavesdropping device) threats, etc. If any of these holes in
> security might affect you then your plain text may be compromised
> even if you encrypt.
>
> By being purposely ambiguous or using additional codes in your plain
> text you will have an additional level of security.
>
> It could mean the difference between succeeding or failing.
------------------------------
From: James Muir <[EMAIL PROTECTED]>
Subject: Re: looking for simple RSA source
Date: Tue, 28 Dec 1999 18:21:18 GMT
In article <84abrs$dog$[EMAIL PROTECTED]>,
"Lieven Iliano" <[EMAIL PROTECTED]> wrote:
> I'm looking for a simple RSA source written in C. It's just for a project for
> university used as an example. It doesn't have to be very complex, just with
> little prime ciphers.
> Thanx
> Lieven
RSA labs ( or whatever they call themselves now ) published reference
code in C for the RSA algorithm. It is freely available but it is a
bit of a pain tracking down a copy ( I wonder why it isn't posted on
ftp.rsa.com ? ). Here's a link:
ftp://ftp.funet.fi/pub/crypt/cryptography/asymmetric/rsa
rsaref v2.0 is the most current.
-James
------------------------------
From: Donald Haines <[EMAIL PROTECTED]>
Subject: Re: Secure Delete Not Smart
Date: Tue, 28 Dec 1999 13:41:57 -0500
The only truly secure delete is to remove the platters and to destroy them. If
data can be read after 9 wipes now who is to say that next year it won't be 15 or
20 wipes? If the stored data was encrypted who is to say that it can't be
decrypted ( brute force, finding the key elsewhere, algorithm flaws, etc...)
This is the military's answer to disposal of a HD that had secret information on
it. Of course that doesn't help for a file delete.
Don Haines
------------------------------
From: Matthew Montchalin <[EMAIL PROTECTED]>
Crossposted-To: misc.misc
Subject: Re: HD encryption passphrase cracked!
Date: Tue, 28 Dec 1999 10:50:38 -0800
|>I never lost *any* data from particulate damage. (Don't smoke. And
|>for what it's worth, I happen to run a number of air purifiers in the
|>background -- which isn't good enough to make the area a true 'clean
|>room,' but it is a whole lot better than what you would find in a
|>smoker's house, or a house with lots of pets.)
On 28 Dec 1999, Guy Macon wrote:
|Let me guess... the drive was in the 5 to 500 MB range. Am I right?
|The denser they get, the cleaner they need to be.
Yes, it was ten years ago. :)
And speaking of odd storage devices, what ever happened to Loren
Dangerfield's cubic foot of mass storage --- not a drive --- no
moving parts to speak of --- did it get suppressed from light of
day as a military secret? And if it did, never mind.
------------------------------
From: [EMAIL PROTECTED] (Jim)
Crossposted-To: misc.misc
Subject: Re: HD encryption passphrase cracked!
Date: Tue, 28 Dec 1999 19:16:06 GMT
Reply-To: [EMAIL PROTECTED]
On 27 Dec 1999 21:17:52 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote:
>In <[EMAIL PROTECTED]> Matthew
>Montchalin
><[EMAIL PROTECTED]> writes:
>>medium with a pair of tweezers? Sure, they say that microscopic
>>particles of dirt get into the hard drive, substantially compromising the
>>storage capabilities, but if you really wanted to eradicate every last
>>trace of the data, and yet still be able to use the medium (that is the
>>important part), you can swipe a kitchen magnet over and around and
>>around the medium before replacing it again. Of course, after doing
>
>Well. I suspect that this would not do much good. A household kitchen
>magnet is not all that strong, and furthermore it has a very low Fourier
>coefficient on the drive surface, so it will not be very effective at
>all in erasing those transients between 0 and 1 on the disk platter. It
>may well mess it up enough to make it unusable but not enough that
>someone could not recover whatever data was there already. You need a
>very strong alternating magnetic field to do a good job of bulk erasing,
>and even then I would worry about leaving the transients detectable.
>Much better to burn it-- make sure the material goes above its Néel
>temperature. Of course that makes it somewhat unusable afterwards.
Wouldn't you have to take the platters out of the case, thus destroying
the drive?
Would've thought the case would prevent most of the erasing field getting
to the surface of the platters (?)
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Crossposted-To: misc.misc
Subject: Re: HD encryption passphrase cracked!
Date: Tue, 28 Dec 1999 19:16:08 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 27 Dec 1999 16:31:17 -0700, "John E. Kuslich" <[EMAIL PROTECTED]> wrote:
>I have heard stories supposedly originating from one of those three
>letter agencies that indicate a really phenomenal level of paranoia
>regarding those old 9-track computer tapes.
>
>The story goes that there are machines available which will take one of
>those big spools of old tape, unwind it at ungodly speed and feed the
>tape into a huge blow torch, thus instantaneously vaporizing the tape as
>it unspools.
>
>Seems nobody really trusts a bulk degausser. Maybe there guys know
>something about magnetic media...:--)
In the early 80s hard discs were cut into pieces, then burned
with a blowtorch or gas welder. They probably still do this.
Wiping is just not considered.
Tapes were simply unspooled, shredded and burned in an extremely hot
furnace.
Magnetic media, once used, were never declassified.
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Crossposted-To: alt.privacy,talk.politics.crypto,talk.politics.misc,talk.politics.drugs
Subject: Re: Encryption: Do Not Be Complacent
Date: Tue, 28 Dec 1999 19:16:13 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 27 Dec 1999 18:07:50 -0800, Anthony Stephen Szopa <[EMAIL PROTECTED]>
wrote:
>Encryption: Do Not Be Complacent
>
>Even though you encrypt your messages with what you believe to
>be excellent encryption, do not necessarily be frank in these
>encrypted communications.
>
>Continue to use code words and euphemistic phrases, etc. that only
>you and your recipient understand. In fact, I would create an
>entirely original vocabulary to communicate sensitive information
>in the plain text.
>
>I would create several specific words and phrases that convey the
>exact same meaning. I guess the best security would be to assign
>certain numbers to represent certain words and phrases. Then have
>any of several numbers represent the exact same word or phrase.
Seems that what you are describing is enciphered code.
I.e. code your message from a codebook (if you can still find
one) then encipher it.
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Subject: Re: Secure Delete Not Smart
Date: Tue, 28 Dec 1999 19:16:16 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 28 Dec 1999 17:55:48 GMT, [EMAIL PROTECTED] (Steve K) wrote:
>On Tue, 28 Dec 1999 19:18:21 +0800, Johnny Fenton <[EMAIL PROTECTED]>
>wrote:
>
>>Steve K wrote:
>>
>>> I also believe that recovering data that has been overwritten more
>>> than a couple of times involves taking the drive apart and using some
>>> very fancy magnetometer gear on it. That sounds pretty expensive.
>>> When you consider the real-world threats that a typical user faces,
>>> it's pretty redundant to worry about attacks that go beyond what can
>>> be done with software alone. Unless it's just a hobby.
>>
>>On that note.. Is there anyone out there who is into physically
>>retrieving data as a hobby? I've always considered it a very interesting
>>one and wonder what type of hardware setups etc. are required. The only
>>information i can find on the web is from large data-recovery lab
>>companies, most of whom use proprietary methods/equipment etc.
>>
>
>This is just speculation on my part, but I rather suspect that the
>recovery methods for overwritten data would involve hooking up digital
>storage oscilloscope with a *huge* custom memory (orders of magnitude
>larger than the drive being examined) directly to the read-head output
>of the drive. You would read the data that may have over-written the
>stuff you want to recover, and use software to look at the small
>variations in output voltage that indicate left-over traces of the
>previously stored bits.
>
>When this fails (as it most likely will, if the data has been
>overwritten with multiple layers of junk per DoD specs for their
>contractors), it's time to go into the clean room and disassemble the
>drive. I don't know the right names of the devices that would be used
>for the recovery, but they would be a variation on the electron
>microscope, and I am sure that they are present wherever R&D is done
>on hard drive design.
>
>Probably not the kind of stuff you would do in your garage.
To avoid further speculation on this erasure business:
Peter Gutmann, University of Auckland, NZ published a paper at the 6th
USENIX Security Symposium Proceedings at San Jose on 22 July 1996.
Although I can't find a Web URL in the paper, the author's EMail address
is [EMAIL PROTECTED] and no doubt it wouldn't be too difficult
to search for the paper given this information.
It's quite a long paper with 28 references.
It also goes into the recovery of erased data from RAM. Apparently it _can_
be done, so even if we use a RAMdisc in DOS to do our enciphering, we're
still far from safe!
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Subject: Re: Secure Delete Not Smart
Date: Tue, 28 Dec 1999 19:16:14 GMT
Reply-To: [EMAIL PROTECTED]
On 28 Dec 1999 03:17:28 GMT, [EMAIL PROTECTED] (UBCHI2) wrote:
>Data has been recovered after 9 overwriting wipes according to the PGP manual.
>It seems foolish to secure delete something without encrypting it first. Why
>isn't this ever suggested in the manuals?
At first sight that seems reasonable, but the file you want
to encrypt (assuming computer-aided encryption) must exist in
its plaintext form first, surely? And so would have to be
securely wiped after the encryption process.
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Subject: Re: Secure Delete Not Smart
Date: Tue, 28 Dec 1999 19:16:18 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 28 Dec 1999 11:04:52 -0500, "Trevor Jackson, III" <[EMAIL PROTECTED]>
wrote:
>UBCHI2 wrote:
>
>> Data has been recovered after 9 overwriting wipes according to the PGP manual.
>> It seems foolish to secure delete something without encrypting it first. Why
>> isn't this ever suggested in the manuals?
>
>If you already have a plain copy stored, encrypting it will not prevent someone
>from recovering the plain copy, because the encryption does not replace the plain
>copy. The encrypted file is a separate representation of the information in the
>plain file. So the plain file still exists to be recovered.
>
>Even if the encrypted copy replaced the plain copy sector for sector it would not
>hide the plain version of the file because the replacement would only write each
>sector once. To fully erase the plain version of the file you need many writes to
>each sector.
>
>The best answer is to never store plaintext. The information must be encrypted as
>it is stored. Disk encryption software does this for you.
So you're recommending that one always works within an enciphered volume
or partition?
If so, ought you to secure delete plaintext versions which have not
been taken outside the enciphered volume?
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Crossposted-To: alt.politics.org.cia
Subject: Re: Economic Espionage Act of 1996 and the U.S.A. government's violations
Date: Tue, 28 Dec 1999 19:16:20 GMT
Reply-To: [EMAIL PROTECTED]
On 28 Dec 1999 15:48:06 GMT, Eric Chomko <[EMAIL PROTECTED]> wrote:
>In alt.politics.org.cia Jim <[EMAIL PROTECTED]> wrote:
>: On 22 Dec 1999 18:20:50 GMT, Eric Chomko <[EMAIL PROTECTED]> wrote:
>
>: >One world economy and that many more lawyers. Man, to think how much
>: >litigation we have in the US over corporate squabbles and now its going
>: >worldwide. I shutter to think about needing more lawyers and on a global
>: >scale. <shutter>
>
>: Just how do you do that? Shutter.
>
>Ah yes, another Americanism of the English language: shutter. It would
>mean to writhe in disgust. Sort of like drinking a shot of really lousy
>whiskey.
Whisky, please. :o)
I think the condition you describe would be more 'shudder' than 'shutter' (?)
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Subject: Re: Disbelief about Numbers Stations
Date: Tue, 28 Dec 1999 19:16:09 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 27 Dec 1999 14:51:59 -0800, CombatXeroxRepairman <[EMAIL PROTECTED]>
wrote:
>Jim wrote:
>
>> Similarly, why in the age of rapid satellite and fibre-optic communications,
>> do so many embassies use slow outdated conventional 5 letter/figure-group
>> systems on HF radio? Is there some sort of convention that requires them
>> to be twenty years behind the rest of the world? (!!)
>Because in the spook business you don't want to have special equipment to
>receive messages. Just a common short-wave receiver and a notepad.
A short-wave receiver and a one-time-pad would cause raised eyebrows.
A PC and an Internet connection wouldn't!
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Jim)
Subject: Re: Disbelief about Numbers Stations
Date: Tue, 28 Dec 1999 19:16:11 GMT
Reply-To: [EMAIL PROTECTED]
On 27 Dec 1999 22:58:17 GMT, [EMAIL PROTECTED] (TohuVohu) wrote:
>>Similarly, why in the age of rapid satellite and fibre-optic communications,
>>do so many embassies use slow outdated conventional 5 letter/figure-group
>>systems on HF radio? Is there some sort of convention that requires them
>>to be twenty years behind the rest of the world? (!!)
>
>You may have just hit the nail on the head. Communication with persons in
>third world countries? Remember also that a shortwave radio is unlikely to
>draw as much attention as a burst transmitter or a computer loaded with crypto
>software. In a remote region I suppose a shortwave might be the equivalent of
>our tabletop FM radio.
>
>I'm sure almost anyone in the intelligence community knows what these stations
>are but to my knowledge, the answer has never been released to the public.
Certainly they know who they are. They run them!
Identified certainties are: CIA, UK's SIS, Cuban, Mossad, French, German and
many others.
>Training for signals intelligence operators?
Most certainly not. Believe me! They are all illicit.
> Lots of Spanish speaking stations - drug dealers making last
>minute changes to orders? Routes? Destinations?
Nope. They'd have been DF'd and rounded up years ago.
>I think the training theory is valid as there are signals that have a hidden
>layer to them. Similar to the principle of stenography where the visible
>message is a diversion. A SIGINT (or is it ELINT?) trainee who found messages
>beneath messages would demonstrate proficiency.
Sigint operators are hard pushed just to copy what they have to, without
having to look too deeply into their intercept.
--
Jim,
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED] (Frank Gifford)
Subject: Re: Secure Delete Not Smart
Date: 28 Dec 1999 14:11:51 -0500
In article <[EMAIL PROTECTED]>,
Donald Haines <[EMAIL PROTECTED]> wrote:
>The only truly secure delete is to remove the platters and to destroy them. If
>data can be read after 9 wipes now who is to say that next year it won't be 15 or
>20 wipes? If the stored data was encrypted who is to say that it can't be
>decrypted ( brute force, finding the key elsewhere, algorithm flaws, etc...)
>
>This is the military's answer to disposal of a HD that had secret information on
>it. Of course that doesn't help for a file delete.
All this stuff about overwriting files assumes that the drive is working
properly. Suppose that after you had put your top secret formula for
Coca-Cola on your hard drive, it started to go bad. The read/write head,
being a physical device, starts to drift away from the proper track and now
it is a little more to the outside than it used to be. Now when you write
data, it's writing a little towards one side of the track, but the other
side of the track still contains your Coca-Cola formula.
You can do the multiple pass overwrite, but you can't guarantee that there
isn't a problem with the drive. You cannot even be sure that the data
has even been overwritten.
In short, the only guarantee of data destruction is physical destruction of
the device. The other alternative is to always leave the drive locked up
in the massive safe of classified data - never to be used for anything
non-classified...
-Giff
--
Too busy for a .sig
------------------------------
From: dave <[EMAIL PROTECTED]>
Subject: Re: Disbelief about Numbers Stations
Date: Tue, 28 Dec 1999 19:47:02 GMT
check out the spooks group on onelist for lots of info and links
Dave
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: Secure Delete Not Smart
Date: 28 Dec 1999 14:51:35 EST
In article <84b21n$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Frank Gifford)
wrote:
>All this stuff about overwriting files assumes that the drive is working
>properly. Suppose that after you had put your top secret formula for
>Coca-Cola on your hard drive, it started to go bad. The read/write head,
>being a physical device, starts to drift away from the proper track and now
>it is a little more to the outside than it used to be. Now when you write
>data, it's writing a little towards one side of the track, but the other
>side of the track still contains your Coca-Cola formula.
Minor correction; modern drives do not depend on mechanical tolerances.
They servo to the center of the track. Everything else you said is 100%
correct, because servos can go bad and be off to one side of the track.
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: File format for CipherSaber-2?
Date: 28 Dec 1999 14:59:35 EST
Is there a standard place to keep the "number of repeats" data? I would
assume that it is desirable that when you run once the output should be
byte for byte compatible with CipherSaber-1. Is the number of repeats
inserted in the keyphrase? in the initialization vector? What format
would allow other folks who use CipherSaber-2 to decode my message?
Would limiting the number of repeats to 256 be good enough?
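
An added sketch relating to the question above, not code from the poster or from the CipherSaber author: it writes the CipherSaber layout (10-byte IV followed by RC4 output keyed with passphrase plus IV) and shows that one key-schedule pass gives a file byte for byte identical to CipherSaber-1. It assumes that the repeat count is agreed out of band rather than stored in the file, and that the index j carries over between key-schedule repeats.

```python
# Added sketch, not the CipherSaber author's code.
# Assumptions: the repeat count travels out of band (the file has no field
# for it) and j is not reset between key-schedule repeats.
import os

IV_LEN = 10  # CipherSaber files start with a 10-byte random IV


def rc4_xor(key, data, rounds=1):
    """RC4 with the key-schedule mixing loop run `rounds` times."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    if rounds < 1:
        raise ValueError("rounds must be at least 1")
    S = list(range(256))
    j = 0
    for _ in range(rounds):                # rounds == 1 is plain RC4
        for i in range(256):
            j = (j + S[i] + key[i % len(key)]) % 256
            S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for b in data:                         # keystream generation
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(b ^ S[(S[i] + S[j]) % 256])
    return bytes(out)


def cs_encrypt(passphrase, plaintext, rounds=1, iv=None):
    """Return IV || ciphertext; the RC4 key is passphrase || IV."""
    iv = os.urandom(IV_LEN) if iv is None else iv
    if len(iv) != IV_LEN:
        raise ValueError("IV must be 10 bytes")
    return iv + rc4_xor(passphrase + iv, plaintext, rounds)


def cs_decrypt(passphrase, blob, rounds=1):
    """Split off the IV and decrypt with the same repeat count."""
    if len(blob) < IV_LEN:
        raise ValueError("file shorter than the IV")
    iv, body = blob[:IV_LEN], blob[IV_LEN:]
    return rc4_xor(passphrase + iv, body, rounds)


if __name__ == "__main__":
    # Constructed sample passphrase and message.
    blob = cs_encrypt(b"sample passphrase", b"constructed test message", rounds=20)
    print(len(blob), cs_decrypt(b"sample passphrase", blob, rounds=20))
```

Because the layout has no slot for the count, a recipient who uses a different number of repeats gets garbage rather than an error.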
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************