Re: Obama administration revives Draconian communications intercept plans
On 9/28/2010 1:47 AM, Florian Weimer wrote: Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages. Isn't this just a clarification of existing CALEA practice? In most jurisdictions, if a communications services provider is served an order to make available communications, it is required by law to provide it in the clear. Anything else doesn't make sense, does it? Service providers generally acknowledge this (including Research In Motion, so I don't get why they are singled out in the article). This post from the IETF Wiretapping list [RAVEN] from October, 1999 may be relevant to the discussion. Should Tin Cans and String comply with CALEA? http://www.ietf.org/mail-archive/web/raven/current/msg7.html The question has special significance to me as proprietor of tincansandstring.net -- Josh Rubin jlru...@tincansandstring.net - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
Re: MD6 withdrawn from SHA-3 competition
Paul Hoffman wrote: > At 10:39 AM -0700 7/4/09, Hal Finney wrote: > >> But how many other hash function candidates would also be excluded if >> such a stringent criterion were applied? Or turning it around, if NIST >> demanded a proof of immunity to differential attacks as Rivest proposed, >> how many candidates have offered such a proof, in variants fast enough >> to beat SHA-2? >> > > The more important question, and one that I hope gets dealt with, is > what is a sufficient proof. We know what proofs are, but we don't have > a precise definition. We know what a proof should look like, sort > of. Ron and his crew have their own definition, and they can't make > MD6 work within that definition. But that doesn't mean that NIST > wouldn't have accepted the fast-enough MD6 with a proof from someone > else. Mathematicians have a precise definition of what a proof is, thanks to logicians like David Hilbert and Kurt Goedel. But people in all disciplines have a terrible time formulating problems, and remembering the conditions under which a statement was proved. They also quote theorems incorrectly, and errors propagate through the less well-reviewed parts of the literature. -- Josh Rubin jlru...@gmail.com - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com