Cryptography-Digest Digest #583

2001-06-10 Thread Digestifier

Cryptography-Digest Digest #583, Volume #14  Sun, 10 Jun 01 23:13:01 EDT

Contents:
  Re: Hehehe I found out who David Scott is ("Boyd Roberts")
  Re: cubing modulo 2^w - 1 as a design primitive? (Boris Kazak)
  Re: National Security Nightmare? ("Boyd Roberts")
  Re: National Security Nightmare? ([EMAIL PROTECTED])
  Re: National Security Nightmare? ("Boyd Roberts")
  Re: Unicity distance and compression for AES ("Boyd Roberts")
  Re: Alice and Bob Speak MooJoo ("Douglas A. Gwyn")
  Re: Help with Comparison Of Complexity of Discrete Logs, Knapsack, and   ("Douglas A. Gwyn")
  Re: Alice and Bob Speak MooJoo ("Boyd Roberts")
  Re: Alice and Bob Speak MooJoo ("Boyd Roberts")
  Re: Best, Strongest Algorithm (gone from any reasonable topic) - VERY  LONG (John Savard)
  Re: cubing modulo 2^w - 1 as a design primitive? ("Tom St Denis")
  Re: National Security Nightmare? (JPeschel)
  Re: National Security Nightmare? ("Tom St Denis")
  Re: National Security Nightmare? (JPeschel)
  Re: Unicity distance and compression for AES ("Tom St Denis")
  Re: National Security Nightmare? ([EMAIL PROTECTED])
  Re: National Security Nightmare? (JPeschel)
  Re: National Security Nightmare? ("Boyd Roberts")
  Re: Best, Strongest Algorithm (gone from any reasonable topic) - VERY  LONG (SCOTT19U.ZIP_GUY)
  Re: National Security Nightmare? (JPeschel)



From: "Boyd Roberts" <[EMAIL PROTECTED]>
Subject: Re: Hehehe I found out who David Scott is
Date: Mon, 11 Jun 2001 01:51:38 +0200

well after not reading the group for about two years the french
expression:

plus ça change, plus la même chose

springs to mind.

same slaughtering of the english language complete with the
obligatory set of 6 steak knives...

oops, no, i mean scott.zip 'encryption'.

what a package.  free at sci.crypt or an ftp site near you.




--

From: Boris Kazak <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: cubing modulo 2^w - 1 as a design primitive?
Date: Sun, 10 Jun 2001 23:57:20 GMT

Tom St Denis wrote:

> I thought if p is your modulus, the order is at most a multiple of p-1?
> 
> How do you explain it being a bijection for p=255?
> 
> Tom
===
Cubing (and modular multiplication in general) can be a bijection
when the multiplier and the modulus are mutually prime.
In this case the multiplicative inverse exists, and the operation
can be reversed.

In case of a composite modulus (e.g. 255) the multiplicative inverses
do not exist for numbers that have common factors with the modulus.
So, for example 31^3 mod 255 will be a bijection, but 30^3 mod 255
will not, because 30 does not have a multiplicative inverse mod 255.

Best wishes   BNK
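As an added check on the bijection question in this thread (my own example, not code from either poster), the script below cubes every residue mod m = 2^w - 1 and tests exhaustively whether x -> x^3 mod m is a permutation of Z/m. It cross-checks the brute-force answer against the standard criterion for an odd modulus: the cube map is a bijection exactly when m is squarefree and gcd(3, lambda(m)) = 1, where lambda is the Carmichael function (for squarefree odd m, lambda(m) is the lcm of p - 1 over the primes p dividing m). For 255 = 3 * 5 * 17 that gives lambda = 16, so cubing is a bijection, while for 7 (lambda = 6) or 31 (lambda = 30) it is not. The factoring helper and the range of w surveyed are my own choices.

```python
from math import gcd, lcm   # math.lcm needs Python 3.9+


def factor(n):
    """Trial-division factorisation; adequate for the small moduli 2^w - 1 used here.
    Returns {prime: exponent}."""
    factors = {}
    d = 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def cube_is_bijection_exhaustive(m):
    """Ground truth: cube every residue and see whether all m images are distinct."""
    return len({pow(x, 3, m) for x in range(m)}) == m


def cube_is_bijection_criterion(m):
    """Number-theoretic criterion for odd m:
    x -> x^3 permutes Z/m iff m is squarefree and gcd(3, lambda(m)) == 1.
    A repeated prime factor (p^2 | m) kills injectivity because 0 and p both cube to 0 mod p^2."""
    assert m % 2 == 1, "criterion as written assumes an odd modulus"
    f = factor(m)
    if any(e > 1 for e in f.values()):
        return False
    carmichael = lcm(*(p - 1 for p in f))   # lambda(m) for squarefree odd m
    return gcd(3, carmichael) == 1


def survey(max_w=12):
    """Rows of (w, m, bijection?) for m = 2^w - 1, w = 2..max_w, with both methods cross-checked."""
    rows = []
    for w in range(2, max_w + 1):
        m = 2 ** w - 1
        exhaustive = cube_is_bijection_exhaustive(m)
        criterion = cube_is_bijection_criterion(m)
        assert exhaustive == criterion, f"criterion disagrees with brute force for m={m}"
        rows.append((w, m, exhaustive))
    return rows


if __name__ == "__main__":
    for w, m, ok in survey():
        print(f"w={w:2d}  m=2^w-1={m:5d}  cubing is {'a bijection' if ok else 'NOT a bijection'}")
```

Running it shows that among w = 2..12 only w = 2, 4, 8 and 11 (m = 3, 15, 255, 2047) give a bijective cube map; every other 2^w - 1 in that range either has a prime factor p with 3 | p - 1 or is not squarefree (63 = 9 * 7, 4095 = 9 * 5 * 7 * 13). For a design primitive the practical consequence is that the word size w has to be chosen with this in mind, not assumed.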

--

From: "Boyd Roberts" <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Mon, 11 Jun 2001 02:18:36 +0200

"Tom St Denis" <[EMAIL PROTECTED]> wrote in message news: 
is8U6.60161$[EMAIL PROTECTED]
>
> So it is in fact "A plethora of people is here" since it's only one
> plethora?

the word 'people' forces you to use 'are'.




--

Subject: Re: National Security Nightmare?
From: [EMAIL PROTECTED]
Date: 10 Jun 2001 20:27:24 -0400

"Boyd Roberts" <[EMAIL PROTECTED]> writes:

> "Tom St Denis" wrote:
>>
>> So it is in fact "A plethora of people is here" since it's only one
>> plethora?
> 
> the word 'people' forces you to use 'are'.

Incorrect. ``A plethora is here.'' ``Really? What sort of plethora?''
``A plethora of people.''

Len.

-- 
> We [hackesses] about our lives like most human beings, maybe even
> a little better.

Or in your case, a little dumber.
-- Phrack Magazine

--

From: "Boyd Roberts" <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Mon, 11 Jun 2001 02:29:30 +0200

"JPeschel" <[EMAIL PROTECTED]> wrote in message news: 
[EMAIL PROTECTED]
> Nope, if you want to use the passive voice,  the verb should be "is."

the passive is used to indicate an event but not who did it:

s/he got flamed

it uses the past participle, and is not influenced by the verb.

> Here is a
> way you can see that for yourself. Open MS-Word, or any word processor that can
> check formal English
> grammar. Make sure the options are set to check formal English. Now type:
> "A bunch of nuts are claiming it means one thing." Word will suggest: "A bunch
> of nuts is" o

Cryptography-Digest Digest #583

2001-01-28 Thread Digestifier

Cryptography-Digest Digest #583, Volume #13  Sun, 28 Jan 01 23:13:01 EST

Contents:
  Re: Dynamic Transposition Revisited (long) (Mok-Kong Shen)
  Re: proving x^ed mod n = x ([EMAIL PROTECTED])
  Re: William's P+1 ("Michael Scott")
  Re: Why Microsoft's Product Activation Stinks (Matthew Montchalin)
  Re: Why Microsoft's Product Activation Stinks (Matthew Montchalin)
  Re: finding inverses and factoring (Paul Crowley)
  Re: Why Microsoft's Product Activation Stinks (Bill Unruh)
  Re: Cryptographic Windows APIs or OCX? (David Hopwood)
  Re: Mr Szopa's encryption (was Why Microsoft's Product Activation Stinks) (Taneli Huuskonen)
  Re: Primality Test ("Matt Timmermans")
  Re: Primality Test ("Matt Timmermans")
  Re: "Enigma" at Sundance (John Savard)



From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Dynamic Transposition Revisited (long)
Date: Sun, 28 Jan 2001 23:50:48 +0100



Terry Ritter wrote:
> 
> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
> 
> >Terry Ritter wrote:
> >>
> >> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
> >>
> >> >[...]
> >> >I suppose you have a different and problematical concept
> >> >of the (THEORETICAL) OTP. The bit sequence of OTP is by
> >> >definition/assumption unpredictable. If a 'claimed' OTP
> >> >uses a predictable bit sequence and consequently is weak
> >> >as you said, then it is by definition NOT an OTP, though
> >> >snake-oil peddlers used to call that OTP.
> >>
> >> OK, then, in practice, there can be no OTP at all, since, in general,
> >> it will be impossible to prove in practice that any bit sequence
> >> actually is unpredictable.
> >>
> >> Clearly we can't compare a cipher which is designed to work in
> >> practice to one which cannot.  Yet that was exactly what you tried to
> >> do.
> >
> >The last sentence is FALSE.
> 
> Really?
> 
> From: Mok-Kong Shen <[EMAIL PROTECTED]>
> Newsgroups: sci.crypt
> Subject: Re: Dynamic Transposition Revisited (long)
> Date: Fri, 26 Jan 2001 23:26:55 +0100
> Message-ID: <[EMAIL PROTECTED]>
> 
> "But the point is whether your DT is on a par with the
> theoretical OTP or perhaps better than it. So it is a
> 'theoretical' question, not a technical question."
> 
> >It was you who made a comparison
> >of your DT with the OTP and claimed even superiority over
> >it.
> 
> From the "Revisited" article:
> 
> "When every plaintext block is exactly bit-balanced, any
> possible plaintext block is some valid bit-permutation of
> any ciphertext block.  So, even if an opponent could
> exhaustively un-permute a ciphertext block, the result
> would just be every possible plaintext block.  No particular
> plaintext block could be distinguished as the source of the
> ciphertext.  This is a form of balanced, nonlinear combining
> of the confusion sequence and data block: as such, it is
> related to XOR, Latin squares, Shannon "perfect secrecy,"
> and the one-time-pad (OTP).
> 
> "The inability to distinguish a particular plaintext, even
> when every possibility is tried, is basically the advantage
> claimed for the OTP.  It is also an advantage which the OTP
> cannot justify in practice unless we can prove that the OTP
> keying sequence is unpredictable, which generally cannot be
> done.  That makes the practical OTP exceedingly "brittle":
> if the opponents ever do gain the ability to predict the
> sequence, they may be able to attack many messages, both
> future and past.  That would occur in the context of a
> system supposedly "proven" secure; as usual, the user would
> have no indication of security failure.
> 
> "Dynamic Transposition does not need the assumption of
> sequence unpredictability, because the sequence is hidden
> behind a multitude of different sequences and permutations
> which all produce the same result.  And if the sequence
> itself cannot be exposed, exploiting any predictability in
> the sequence will be difficult.  (This of course does not
> mean that Dynamic Transposition cannot be attacked:
> Brute-force attacks on the keys are still imaginable, which
> is a good reason to use large random message keys.)"
> 
> So exactly what about "an advantage which the OTP cannot justify in
> practice" do you not understand?

I was referring to your claim in the 'original' thread of
DT where you claimed superiority of DT over OTP. Apparently
you have forgotten what you 

Cryptography-Digest Digest #583

2000-08-31 Thread Digestifier

Cryptography-Digest Digest #583, Volume #12  Thu, 31 Aug 00 22:13:01 EDT

Contents:
  Post-ADK bug blues ("A. Melon")
  Re: QKD and The Space Shuttle (wtshaw)
  Re: Remark on practical predictability of sequences (Mok-Kong Shen)
  Re: QKD and The Space Shuttle (Brian Thorn)
  Re: more on that neat prime generator ([EMAIL PROTECTED])
  Re: one-time pad question (Mr. Ian E. Yolk)
  Re: an attack for stream ciphers ([EMAIL PROTECTED])
  Re: an attack for stream ciphers ([EMAIL PROTECTED])
  Re: QKD and The Space Shuttle (Markus Mehring)
  Re: blowfish problem ("Kelsey Bjarnason")
  Re: blowfish problem ("Bruce G. Stewart")
  Re: blowfish problem (Kaz Kylheku)
  test (Jim Walsh)
  Re: QKD and The Space Shuttle (John Savard)
  Re: QKD and The Space Shuttle (John Savard)



Date: Thu, 31 Aug 2000 14:12:19 -0700
From: "A. Melon" <[EMAIL PROTECTED]>
Subject: Post-ADK bug blues

The discovery that Mallory can tamper with PGP v4 self-signatures
to insert ADK's and thus trick certain newer versions of PGP into
giving the session key to Mallory is pretty upsetting, especially
in view of the fact that (1) GnuPG uses the v4 format (even though
it isn't vulnerable to ADK's itself, Mallory can still tamper with
keys generated by GnuPG to trick PGP users of the key), and (2) the
other family of freeware public key systems, namely Pegwit and its
derivatives (Pegwit-W and CryptoKong), has also bit the dust.

It appears that if you want a general PC cryptosystem that can
generate a public key that is secure, we are stuck with the ADK-free
PGP v3 signature format, which means using software from the PGP v2.6
stable and its derivatives.  However, PGP 2.6.3i (the most popular
in this category, especially after the RSA patent expires and
Americans can start using it legally) is not without its problems.

Ideally, I would like a system where the public key is at least as
secure as the 128-bit symmetric session key, which is not the case
when you are limited to 2048-bit RSA.  Likewise, the hash function
ought to achieve that level of security too, especially if you plan to
use the cryptosystem for clearsigs - but MD5 comes up short in this
regard.

My question is: what is the best software option for minimizing these
shortcomings?  I know the Cyber-Knights Templar have come up with a
derivative of PGP 2.6 that allows bigger RSA key sizes.  Likewise, the
pgpi.org page has links to a variant called Even-Better Privacy v2.7,
that allows one to substitute HAVAL for MD5 as the hash function.

Unfortunately, there doesn't seem to be a PGP 2.6 variant that does
both, and I have no idea how trustworthy either the CKT or EBP
software is.  Has anyone taken a careful look at these PGP v2.6
variants?  And assuming that they are both trustworthy, which is the
lesser of two evils - MD5+big RSA keys, or HAVAL+2048-bit RSA?  Or is
there some other software I'm overlooking?

Maybe these "evils" aren't really that much of a problem in practical
terms, but a lot of people said the same thing about using the v4
signature format too.  In this business, one can't be too paranoid.


--

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: sci.space.shuttle,talk.politics.crypto
Subject: Re: QKD and The Space Shuttle
Date: Thu, 31 Aug 2000 14:59:47 -0600

In article <[EMAIL PROTECTED]>, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:

> David A Molnar wrote:
> > 
> [snip]
> > The problem with all of these protocols is that if an adversary can
> > replace the random beacon with his own source, all bets are off.
> > So some people would *like* to see a satellite in the sky broadcasting
> > random bits to the world. There will still be issues with ground-side
> > jamming and with authentication of the satellite, though, which are
> > not yet fully ironed out (at least not that I've seen).
> 
> Isn't the trouble in principle the same with certification
> where one needs some trust/belief on a third party, in
> other words there is some non-objectivity that can NEVER
> be entirely disposed of?
> 
> M. K. Shen

Yes, just when are you ready to trust imperfect strangers whose interests
are likely to be viewed by them as superior to your own.  All the propaganda
to the contrary is the real snake oil.
-- 
A Pangram: 
Fast girls show jugs to vex quizzical boys, plus mankind.

--

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Remark on practical predictability of sequences
Date: Fri, 01 Sep 2000 00:01:31 +0200



"John A. Malley" wrote:
> 
> Does enciphering the output of a fast and predictable PRNG always
> generate an unpredictable output sequence if the applied cipher is
> secure?  A draft paper considering a specific example is no

Cryptography-Digest Digest #583

2000-04-20 Thread Digestifier

Cryptography-Digest Digest #583, Volume #11  Thu, 20 Apr 00 06:13:00 EDT

Contents:
  Help With PGP's Newest TLS/SSL toolkit for linux.  ("Jeff Hamilton")
  Review of CryptoBag (Tom St Denis)
  Re: Q: NTRU's encryption algorithm (David A Molnar)
  Re: Text File Encryption ("Joseph Ashwood")
  Re: GSM Man-in-the-Middle (David Hopwood)
  Re: password generator ("Trevor L. Jackson, III")
  Re: password generator (Tom St Denis)
  Re: diff between Symetric and Asymetric Keys (JPeschel)
  Re: Q: NTRU's encryption algorithm (Diet NSA)
  Re: OAP-L3: Semester 1 / Class #1 All are invited. (Anthony Stephen Szopa)



From: "Jeff Hamilton" <[EMAIL PROTECTED]>
Subject: Help With PGP's Newest TLS/SSL toolkit for linux. 
Date: Wed, 19 Apr 2000 17:23:38 -0700

Has anyone had much luck developing with PGP's Newest TLS/SSL toolkit?
I received a trial version for developers but it is not intuitive to say
the least. Also, they said it performs RSA Key-Gen and Verification, and I
see RSA referenced in the lib functions but I can't implement them. If
you have worked with it please let me know. I'm simply trying to create
either a Key-Gen Function or have a simple SSL client to make a connection
and verify a cert.

Thanks,
Jeff



--

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Review of CryptoBag
Date: Thu, 20 Apr 2000 00:42:42 GMT

I was wondering if some of the people who downloaded CryptoBag could
post a short reply to this message about their impressions?  I need some
references that I could use in an introductory letter for university.

Generally what did you think of my coding style, and efficiency,
practicality.

Thanks,
Tom

--

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Q: NTRU's encryption algorithm
Date: 20 Apr 2000 00:40:00 GMT

David Hopwood <[EMAIL PROTECTED]> wrote:
> I don't remember the discussion a few months ago, but I'm extremely
> skeptical of any claim that lattice-based cryptosystems are necessarily
> secure against quantum computers. 


As I understand it, the reasoning goes like this :

* The closest vector problem (CVP) is NP-hard for exact answers, and for
  constant approximation factors (not sure what the sharpest factor 
  is, exactly). 

* There are results which show that Grover's algorithm on a quantum 
  computer, with its sqrt(n) speedup, is optimal in the model of
  computation where all you can do is check to see if you have the
  right answer. Put another way, if you're not allowed to look at
  any "extra structure" beyond the fact that the problem is in NP, 
  then you can only get sqrt(n) speedup over a classical computer.
  Yet another way of saying it might be that there is no "generic"
  quantum algorithm which can solve every problem in NP in polynomial
  time. 

  I can't remember the references now, but I think there's a paper due
  to Jozsa in the lanl archives on the subject.

* This seems to support a conjecture that BQP != NP -- that is, the
  class of languages decidable in a polynomial number of measurements
  on a quantum computer isn't the same as NP. It's not conclusive, 
  because it could still be the case that every NP problem has a
  separate fast quantum algorithm tailor made for it. 

  In fact, we know of at least two NP problems which _do_ have separate
  fast quantum algorithms tailor made for them -- factoring and discrete
  logarithms. Unfortunately. 

* If you could solve the Closest Vector Problem exactly using a fast
  quantum algorithm, then you can solve for everything in NP. 
  This would imply that BQP \supseteq NP, contrary to the conjecture
  above. 

* Therefore, a "lattice based cryptosystem" which relies on the CVP 
  probably doesn't have a fast quantum algorithm, right??

* Except one or two things :

- It's not clear to me if a fast quantum algorithm for
CVP would contradict the optimality results on Grover's
algorithm. Why? Because the algorithm + the reduction
from each problem to SVP would clearly use some special
"structure" of the problem which I do not know to be 
covered by the optimality results. 

Then again, I have _not_ made any kind of comprehensive
study on these results. I just read over a paper or two
last year which mentioned this...

There may be other reasons to believe BQP != NP. 

- Solving the SVP exactly is NP-hard. Solving the CVP
to within an error factor of O(2^n) is doable in
polytime by the LLL basis reduct

Cryptography-Digest Digest #583

1999-11-17 Thread Digestifier

Cryptography-Digest Digest #583, Volume #10  Wed, 17 Nov 99 18:13:03 EST

Contents:
  Re: AES cyphers leak information like sieves ("Douglas T. Yoest")
  Re: AES cyphers leak information like sieves (SCOTT19U.ZIP_GUY)
  Re: ATTN Scott Nelson (Scott Nelson)
  Re: weak ciphers and their usage ("Gary")
  Re: AES cyphers leak information like sieves (SCOTT19U.ZIP_GUY)
  Re: AES cyphers leak information like sieves (SCOTT19U.ZIP_GUY)
  Re: NSA should do a cryptoanalysis of AES (albert)
  Serpent speeds tested (albert)
  Weak keys in Rijndael?  What happened to that? (albert)
  What part of 'You need the key to know' don't you people get? (Tom St Denis)



Date: Wed, 17 Nov 1999 15:38:29 -0800
From: "Douglas T. Yoest" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: AES cyphers leak information like sieves



Not everyone is only interested in cryptography for the internet. While
global, it's very narrowing.
Doug
"SCOTT19U.ZIP_GUY" wrote:
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
wrote:
>DJohn37050 <[EMAIL PROTECTED]> wrote:
>
>: This is known as the self-synchronizing property of CBC mode. You only lose 2
>: blocks due to a bit flip.  Check it out if you do not believe it.
>
>OK, then - I'll look it up.
   It is well known back in the morsecode days one needed a way to
get back in synch. Today it's called error correcting and all the 3 letter
ways of chaining have this "feature" but the only people who can really
use the feature today are those breaking codes. The system protocol
of the internet should keep your messages intact. It is foolish in
today's world to have these features part of encryption. The only reason it
is still there is inertia of the public crypto community and the fact the NSA
likes people to use these old ways of chaining blocks.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm
Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm
Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***



--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: AES cyphers leak information like sieves
Date: Wed, 17 Nov 1999 21:47:49 GMT

In article <[EMAIL PROTECTED]>, Volker Hetzer 
<[EMAIL PROTECTED]> wrote:
>SCOTT19U.ZIP_GUY wrote:
>> True but the purpose of some encryption is to make the data as hard as
>> possible for the attacker to recover. So you can add security by hiding the
>> information through out the whole file.
>How much security do you gain over a bidirectional CBC with a cipher of
>a blocksize of 128 bit?
>How much over a normal CBC with a cipher of a blocksize of 128 bit?
>
>The fact that in case of modifications not everything decrypts to garbage
>is no problem at all as long as a hash is included in the plaintext.
>
>> Standard 3 letter chaining methods
>> give a false sense of security by giving the illusion of hiding data through
>> out the whole file.
>They don't give a false sense of security and no illusion either. They just exist
>and have properties that are easy to see for everyone.
>
>>   As my procedure shows. When you edit a file that uses block encryption
>> with standard 3 letter chaining even if you do several passes of CBC when
>> you decrypt the modified file only a small set of blocks come back with errors.
>What's the point?
>The modes are there to hide plaintext patterns and to prevent dictionary
>attacks. They do exactly that.
>

  The point is they do not spread information through the file so that
a code breaker needs to only analyze a small fragment of the file.
If one wants true security one should have the option of using chaining
that does not mod the file length and does spread information through the 
file. Of course you're happy with the status quo and may the NSA bless you
for your weak sighted beliefs.



David A. Scott
--

SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip

Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm

Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm

Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm

**NOTE EMAIL address is for SPAMERS***
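The two claims argued over in this thread, that a single flipped ciphertext bit in CBC mode costs exactly two plaintext blocks (the damaged block and one bit of the next) and that a hash carried inside the plaintext is enough to detect the damage, can both be checked directly. The script below is an added example, not code from any poster: it uses a small SHA-256-based Feistel network as a stand-in block cipher (my own construction, chosen only so the script runs with the standard library; it is not a secure cipher), wraps it in textbook CBC, flips one ciphertext bit, and reports which plaintext blocks changed. The key, IV and message are constructed sample values.

```python
import hashlib

BLOCK = 16    # 16-byte blocks, matching the 128-bit block size discussed in the thread
ROUNDS = 4


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_func(key: bytes, r: int, half: bytes) -> bytes:
    # Toy Feistel round function built from SHA-256; a stand-in for a real block cipher only.
    return hashlib.sha256(key + bytes([r]) + half).digest()[:BLOCK // 2]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(ROUNDS):
        l, r = r, _xor(l, _round_func(key, i, r))
    return l + r


def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(ROUNDS)):
        l, r = _xor(r, _round_func(key, i, l)), l
    return l + r


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    assert len(plaintext) % BLOCK == 0, "toy code expects pre-padded input"
    out, prev = [], iv
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, _xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK):
        c = ciphertext[i:i + BLOCK]
        out.append(_xor(block_decrypt(key, c), prev))   # P_i = D(C_i) xor C_{i-1}
        prev = c
    return b"".join(out)


def flip_bit(data: bytes, block_index: int, bit: int) -> bytes:
    buf = bytearray(data)
    buf[block_index * BLOCK + bit // 8] ^= 1 << (bit % 8)
    return bytes(buf)


def error_propagation(key, iv, plaintext, block_index, bit):
    """Flip one ciphertext bit, decrypt, and return (indices of changed plaintext blocks,
    number of bits that changed in the block right after the damaged one; 0 if none follows)."""
    pt2 = cbc_decrypt(key, iv, flip_bit(cbc_encrypt(key, iv, plaintext), block_index, bit))
    split = lambda b: [b[i:i + BLOCK] for i in range(0, len(b), BLOCK)]
    orig, dec = split(plaintext), split(pt2)
    changed = [i for i in range(len(orig)) if orig[i] != dec[i]]
    nxt = block_index + 1
    bits_in_next = 0
    if nxt < len(orig):
        bits_in_next = sum(bin(x ^ y).count("1") for x, y in zip(orig[nxt], dec[nxt]))
    return changed, bits_in_next


def hash_check_detects(key, iv, message, block_index, bit) -> bool:
    """Volker's point: a hash of the message carried inside the plaintext flags a damaged
    decryption even though most blocks come back intact."""
    plaintext = message + hashlib.sha256(message).digest()   # 32-byte tag keeps 16-byte alignment
    pt2 = cbc_decrypt(key, iv, flip_bit(cbc_encrypt(key, iv, plaintext), block_index, bit))
    body, tag = pt2[:-32], pt2[-32:]
    return hashlib.sha256(body).digest() != tag


# Constructed sample inputs (not from the thread).
KEY = b"sixteen byte key"
IV = bytes(range(16))
MESSAGE = b"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz!?"   # 64 bytes = 4 blocks

if __name__ == "__main__":
    assert cbc_decrypt(KEY, IV, cbc_encrypt(KEY, IV, MESSAGE)) == MESSAGE
    print("flip bit 5 of block 1 ->", error_propagation(KEY, IV, MESSAGE, 1, 5))    # ([1, 2], 1)
    print("flip bit 0 of block 3 ->", error_propagation(KEY, IV, MESSAGE, 3, 0))    # ([3], 0)
    print("hash inside plaintext detects it:", hash_check_detects(KEY, IV, MESSAGE, 1, 5))
```

The result is structural, not a property of the toy cipher: because D is a bijection, a changed C_i always changes D(C_i) and so garbles P_i completely, while P_{i+1} = D(C_{i+1}) xor C_i picks up exactly the flipped bit and every later block is untouched. That is what DJohn37050 calls self-synchronisation and what the original poster objects to. Note that the hash-inside-plaintext check in the thread is an unkeyed hash; current practice authenticates the ciphertext with a keyed MAC instead, which detects the same damage and also rules out an adversary recomputing the hash.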

--

From: [EMAIL PROTECTED] (Scott

Cryptography-Digest Digest #583

1999-05-24 Thread Digestifier

Cryptography-Digest Digest #583, Volume #9   Sun, 23 May 99 11:13:02 EDT

Contents:
  Re-post (Off Topic) ("rosi")
  Data dependent bit permutation ([EMAIL PROTECTED])
  Re: HushMail -- Free Secure Email
  Re: HushMail -- Free Secure Email
  Re: HushMail -- Free Secure Email (John Kennedy)
  Re: Biprime Cryptography, Part II (wtshaw)
  ASDIC ("Skint")
  Re: ASDIC ("Åke Hellgren")
  Re: Cryptonomicon Review (David Wadsworth)
  SV: Europe and USA encryption export restrictions ("Claes & Gunn Irene")
  Re: HushMail -- Free Secure Email (David Crick)
  SV: Oh! Before I get some sleep is DES international yet? ("Claes & Gunn Irene")
  Re: HushMail -- Free Secure Email (John Kennedy)
  Can I have some opinions please? (Pwrk)
  Re: HushMail -- Free Secure Email
  Re: HushMail -- Free Secure Email



From: "rosi" <[EMAIL PROTECTED]>
Subject: Re-post (Off Topic)
Date: Sat, 22 May 1999 17:50:14 -0400

Sorry to post here (again). However, some people might be interested or know
people who might.

  I am offering my cryptographic invention for 'free', i.e. If you are
interested in paying for the filing and maintenance in exchange for the
exclusive patent rights, please go to the news group

  alt.inventors

and look for a thread, subject titled:

  Cryptographic Invention

  Sorry for any inconvenience this causes.

  --- (My Signature)

P.S.
   Last I checked the previous post could be seen but now I can't.
Sorry to waste the bandwidth. I always seem to have problems
to have my server working right.



--

From: [EMAIL PROTECTED]
Subject: Data dependent bit permutation
Date: Sun, 23 May 1999 01:55:45 GMT

I found in ICE a keyed bit-permutation which is quite interesting to
look at.  It doesn't however deter differential analysis well.

Are there any data-dependent bit permutations of the same genre out
there?

Tom
--
PGP public keys.  SPARE key is for daily work, WORK key is for
published work.  The spare is at
'http://members.tripod.com/~tomstdenis/key_s.pgp'.  Work key is at
'http://members.tripod.com/~tomstdenis/key.pgp'.  Try SPARE first!


--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---

--

From: [EMAIL PROTECTED] ()
Subject: Re: HushMail -- Free Secure Email
Date: 23 May 99 03:10:44 GMT

[EMAIL PROTECTED] wrote:
: Other than that, it is of great importance (and the only real way of
: being sure that hushmail is what it's pretending to be) that their 
: source is analysed COMPLETELY.

I could be worrying needlessly, but of course it's just as important to
compare the object code against the source, to ensure they match. That it
doesn't let me download first, and install (maybe after upgrading my
browser later) later, completely off-line, is worrisome.

This doesn't prove there's anything wrong, but obviously it will provoke
some concern.

And compiling a list of the E-mail addresses of people interested in
encrypting their communications...

John Savard

--

From: [EMAIL PROTECTED] ()
Subject: Re: HushMail -- Free Secure Email
Date: 23 May 99 03:15:17 GMT

Roger Schlafly ([EMAIL PROTECTED]) wrote:
: Terry Ritter wrote in message <[EMAIL PROTECTED]>...
: >But even if not, if the code was developed outside the US, how is
: >*importing* it a problem?

: I don't know. If circumventing the US export laws were that simple,
: Microsoft and others would use a foreign unit to develop outside the
: US.

Well, Sun does do something like that.

Essentially, the export laws prohibit a U.S. resident or citizen from

- exporting cryptographic software,
- writing such software while abroad,
- directly assisting people abroad who are writing such software,
- having foreign employees write such software abroad.

But they *can* purchase encryption software from a foreign firm, whether
it is off-the-shelf, or _custom-designed to their specifications_. That is
the only "loophole" in the export laws as they now stand, and it takes
good legal advice to walk through it.

John Savard

--

From: [EMAIL PROTECTED] (John Kennedy)
Subject: Re: HushMail -- Free Secure Email
Reply-To: [EMAIL PROTECTED]
Date: Sun, 23 May 1999 04:22:01 GMT

On Sat, 22 May 1999 11:18:07 +0100, David Crick <[EMAIL PROTECTED]>
wrote:

>Total security would also require users to be running 128-bit crypto
>browsers, something which isn't clearly stated on the web site.
>
>public/private keys are stored on their server, encrypted with Blowfish.
>
>Assuming this isn't some Three Letter Agency scam (*g*), they appear
>to have reproduced the nym system, but without the remailing.

Assuming the source code checks out