Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #13 Mon, 5 Mar 01 00:13:01 EST Contents: Why do people continue to reply to Szopa? (Paul Crowley) Re: sci.crypt? (David A Molnar) Re: OverWrite freeware completely removes unwanted files fromharddrive (Benjamin Goldberg) How 'bout Borg whore Yelena Perhunkova? She's a Internet Cock Huntress - ask Igor Chudov {Re: Is BORG mental patient Linda Gore SSRIHater?? Re: Fake SSRIHATER ("--" <-->) Re: super strong crypto, phase 3 (John Savard) Re: Monty Hall problem (was Re: philosophical question?) (Adam Stephanides) Re: The Big Breach (book) available for download (Fogbottom) Re: "RSA vs. One-time-pad" or "the perfect enryption" (Steve Meyer) Re: super strong crypto, phase 3 (Steve Portly) Re: The Foolish Dozen or so in This News Group (Crypto Neophyte) Crossposted-To: alt.hacker Subject: Why do people continue to reply to Szopa? From: Paul Crowley <[EMAIL PROTECTED]> Date: Mon, 05 Mar 2001 01:54:54 GMT William Hugh Murray <[EMAIL PROTECTED]> writes: > Dan Beale wrote: > > > "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED]... > > > > > > Having cleared my kill-filter i am _amazed_ to find you still trolling the > > crypto groups Anthony. Have you learnt any math yet? > > No, but not because we have not tried to teach him. > > Would you leave if you were getting the attention he gets? Can someone explain this to me? I've never written an article that addressed Szopa directly, and I never plan to; he's clearly a loon who will never learn anything. The only reason to post a followup to something he's written is to warn off newcomers who might otherwise believe some outlandish claim or other. Yet many highly intelligent and knowledgable people waste a great deal of effort trying to explain basic facts about computer security to a man who is clearly unable to grasp them. Why? If you think he's a troll then don't feed him. If you think (as I do) that he's sincerely clue-resistant, what's the point? -- __ \/ o\ [EMAIL PROTECTED] /\__/ http://www.cluefactory.org.uk/paul/ -- From: David A Molnar <[EMAIL PROTECTED]> Subject: Re: sci.crypt? Date: 5 Mar 2001 02:09:54 GMT Tom St Denis <[EMAIL PROTECTED]> wrote: > Does anyone know the exact date sci.crypt was last a discussion forum about > "scientific cryptography"? there's some discussion here which is of scientific merit. it comes and goes. most recently, I've been skimming the discussion of Rabin's new scheme. almost all of it is civil, and most of it is thoughtful. I haven't had the time to read other threads. > I want to make a head stone for the group... hehehe I'm not sure that it's worse here than elsewhere on Usenet. > Can we come to a consensus of "on topic" traffic please? I see cross posts > from alt.kkk, alt.2600, alt.pedophile.looky.here, etc... seriously... who's "we" ? I doubt that any of the "regulars" are crossposting to these groups, and I also doubt that others will pay much attention to a followup scolding them for being off-topic. -David -- From: Benjamin Goldberg <[EMAIL PROTECTED]> Crossposted-To: alt.hacker Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive Date: Mon, 05 Mar 2001 02:33:06 GMT Anthony Stephen Szopa wrote: > > Benjamin Goldberg wrote: > > > > Szopa, you are an utter moron. Didn't you read what I wrote? > > > > A sucessful close operation merely means that the entry in the list > > of open files is removed. > > > > Sure, your program "closes" sucessfully. > > > > What does that have to do with disk writes? > > > > You call the fclose() instructioction, which in turn calls close() > > on the file descriptor. It's removed from the list of open files. > > The dirty pages remain in cache. (The OS will write them out, > > eventually, but nothing has yet happened to make this urgent.) You > > open the file again. This creates a new entry in the list of open > > files, and returns an index to that list (the file descriptor). > > IIRC, This becomes the _fildes element of the (FILE*) struct. You > > write to the file. The OS says to itself, hey, I still have some > > dirty pages in cache for that file, and so your write() operation > > modifies the contents of those pages. You call close again. It > > successfully removes the entry from the list of open files. It > > therefor returns a 'sucess'
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #12 Sat, 30 Sep 00 09:13:01 EDT Contents: Re: Deadline for AES... ("Brian Gladman") Re: IBM analysis secret. ("Brian Gladman") Re: Carnivore article in October CACM _Inside_Risks (Nemo psj) Re: AES annoucement due Monday 2nd October ("Brian Gladman") Re: Deadline for AES... (Mok-Kong Shen) Re: AES annoucement due Monday 2nd October (Mok-Kong Shen) Re: NIST Statistical Test Suite (Mok-Kong Shen) Re: Chaos theory (Mok-Kong Shen) Re: Deadline for AES... (Mok-Kong Shen) Re: Chaos theory (Tim Tyler) Re: Chaos theory (Tim Tyler) Re: Chaos theory (Tim Tyler) Re: Question on biases in random-numbers & decompression (Tim Tyler) Re: AES annoucement due Monday 2nd October ("Brian Gladman") Re: RSA and Chinese Reminder Theorem (Paul Schlyter) Re: NIST Statistical Test Suite (Mathew Hendry) Re: NIST Statistical Test Suite (Mark Carroll) From: "Brian Gladman" <[EMAIL PROTECTED]> Subject: Re: Deadline for AES... Date: Sat, 30 Sep 2000 08:24:42 +0100 "John Myre" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]... > Brian Gladman wrote: > > > > > In my view the purpose of the comment period will be to make the > > specifications of the algotihm(s) and the modes of operation as precise as > > possible in order to help ensure that different implementations can > > interoperate effectively whenever necessary. > > > I agree with all the points (including the snipped ones), except > to point out that it is possible (likely in my opinion) that > the modes of operation will be addressed in a separate document. > > That is the way they did it for DES; FIPS 46 for the algorithm > and FIPS 81 for the modes of operation. It doesn't look like > they've kept 81 up; all the latest stuff is in "special publications" > now (e.g. 800-20). I agree that there are likely to be two documents. Brian Gladman -- From: "Brian Gladman" <[EMAIL PROTECTED]> Subject: Re: IBM analysis secret. Date: Sat, 30 Sep 2000 08:30:33 +0100 "Sundial Services" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]... > Brian Gladman wrote: > > > > "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED]... > > > Brian Gladman wrote: > > > > "SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote: > > > > > Having worked in the government for 26 years. I would take anything > > > > > a corporation says with a grain of salt. Numberous times govenment > > > > > employess did all the work and then later the BIG CORPARATIONS with > > > > > money acted like they did something. My view is that the boys at IBM > > > > > never where given the reasons for DES and just went along with the NSA > > > > > just as they most likely were never given an honest reason why it was > > > > > 56 bytes instead of 64. > > > > bits, not bytes, if you are referring to the DES key length. > > > > And the earlier statement is about what Don Coppersmith has said, not > > about > > > > what IBM has said. > > > > > > Not only that, but he has the wrong idea of how the work > > > was done, by whom, and under what conditions. > > > > Agreed. > > > > Brian Gladman > > > NSA and CIA have been called "the real R&D department of the > technological world," because they are willing and able to spend for > [only] the latest and greatest -- provided you can keep it all secret, > even to the point of acting like no secret exists. Far from being an > enemy of "big corporations," they work quite closely with them. And DoD too. However, this is a different point to the one I was supporting. Brian Gladman -- From: [EMAIL PROTECTED] (Nemo psj) Subject: Re: Carnivore article in October CACM _Inside_Risks Date: 30 Sep 2000 07:53:18 GMT Ge and all my elders say 1984 will never be upon us... hmm i'd beg to differ it isnt already here and growing. -- From: "Brian Gladman" <[EMAIL PROTECTED]> Subject: Re: AES annoucement due Monday 2nd October Date: Sat, 30 Sep 2000 09:21:45 +0100 "John Savard" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]... > On Fri, 29 Sep 2000 17:09:27 -0600, John Myre <[EMAIL PROTECTED]> > wrote, in part: > >John Savard wrote: > > > >> This is the *first* time they have, to my knowledge, laid claim to >
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #11 Wed, 17 May 00 16:13:01 EDT Contents: Re: Chosen plaintext attack, isn't it absurd? ("C. Prichard") Re: NIST releases final AES comments (David Crick) Re: Theoretical question (Mok-Kong Shen) Re: Jobs at Cloakware (David A Molnar) Re: Crypto & UNICODE??? (Mok-Kong Shen) Re: QUESTIONS About ALGOS !! (Eric Lee Green) Re: Diffie's Randomized Stream Cipher (Tim Tyler) Re: AES final comment deadline is May 15 ("Michael Scott") Re: Key generation (Eric Lee Green) Re: AES final comment deadline is May 15 (Roger Schlafly) Re: Turing's Treatise on Enigma (pink aka Chr. Boesgaard) Re: problem solving ("Axel Lindholm") From: "C. Prichard" <[EMAIL PROTECTED]> Subject: Re: Chosen plaintext attack, isn't it absurd? Date: Wed, 17 May 2000 15:53:23 GMT I don't think your decryption process is criticized. Message security has much to do with the perceived integrity of your = encryption, not your decryption process. The message actually contains = all the essence assuming you have done everything properly in your = algorithm. Key domain is important. This and the desire to compress data for = transmission were two of the biggest reasons to move to 'blocking' = ciphers with mapped output a few years ago. I'm still learning a few of = the peculiar seeming things about the reasons for believing that the = block ciphers are better. As for my own work I has developed a cipher that uses a restricted = domain in creating ciphered output that can be transmitted in the = default protocol. The problem with a restricted domain of input = characters is that the number of key combinations are reduced = proportionate to your restriction. I new about it but have been = demonstrating the performance of the cipher anyway looking for someone = to give me advice more positive than the "Why not use one that works?"=20 I come back to the cipher when there is time for it. Recently I learned = that security analysis is based on many things, but there is a nearly = universal expression for the relative strength assuming only a brute = force attack can convincingly deliver the plaintext message and key. Apparently a double cipher is considered a little silly, because if you = do can the job properly in one pass, why bother to do it over again? = This is one of the problems I have with CipherText in the community = because it was largely developed by an ignorant person and wreaks of it = with the atrocious double pass cipher.=20 Because I truly believed that there should be more analysis done than = merely calculating the extent of the possible key domain, I parlayed the = work. Its not difficult to do and will give you insight on the relative = strength of your encryption if you examine the key domain. For example 56 bit DES uses 7 keys all having 256 possible ordinate = values. 256 ^ 7 =3D 7.205 E + 16 is a relative indication that will tell = you how strong the encryption is. The calculation assumes a purely = random cipher and set of keys (theoretically possible but hardly ever = the case.) 128 bit DES gives you 3.402 E +38 for a strength index based = on the cipher key combinations. I took these numbers in and then I calculated the strength of my = CipherText cipher with the restricted key domain. With 8 key characters = each having 10 possible ordinate values, the calculation is 10 ^ 8 =3D 1 = E +8. This is the strength when using numeric values only for key = elements. To put things in perspective, there is quickly an assumption that the = DES cipher is superior to CipherText giving hundreds of millions of = times greater message diversity because of the key combinations. This is = where most cryptologists lose interest real fast in YOUR so called = 'work'. I used my algorithm to develop demonstrations of various uses within the = default protocol sending encrypted text back and forth at lightning = speed and giving myself all the credit in the world for a job well done = proving that it can still be done. You are aware that the US government is looking at 512 bit ciphers that = deliver E +300 possible encryption keys aren't you? Its mind boggling to = think that its even necessary, but the experts say it is. Anyway, I learned recently of an Old technique called 'the whitening' of = ciphered messages. Apparently in the days before block ciphers, someone = figured out that they could use numeric keys, and then use a set of = random ordinates to MASK the first message giving it a 'whiter' (more = random I assume) domain. The idea occurred plausible to me after = thinking about an analogy to creating a set of values called a number = and them articulating a change to its BASE. The result of course being a = different-looking number. In my m
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #10 Tue, 28 Dec 99 13:13:01 EST Contents: Re: More idiot "security problems" (CLSV) Re: Economic Espionage Act of 1996 and the U.S.A. government's violations (Eric Chomko) Re: Secure Delete Not Smart ("Trevor Jackson, III") Re: More idiot "security problems" ("Brian Gladman") Re: Employing digits of pi (James Felling) Re: unbreakable? (Keith Monahan) Re: Encryption: Do Not Be Complacent (Steve K) Re: unbreakable? (John Savard) Re: Secure Delete Not Smart (John Savard) Re: Employing digits of pi (Mok-Kong Shen) Re: Employing digits of pi (Mok-Kong Shen) Re: Secure Delete Not Smart (Steve K) From: CLSV <[EMAIL PROTECTED]> Subject: Re: More idiot "security problems" Date: Tue, 28 Dec 1999 15:27:38 + "Terry Ritter" <[EMAIL PROTECTED]> wrote: > > >> Just to keep things honest, I would say the real situation is even > > >> more general: > > >> *Any* *group* can create an encryption algorithm that no-one in the > > >> group can break. [ * rule 1 * ] > > >> Here "group" includes individuals, academics, AES participants, etc. > > Brian Gladman wrote: > > > Including the group of 'all human beings'. > "CLSV" <[EMAIL PROTECTED]> wrote: > > A cipher designed by all human beings, > > what is that supposed to mean? Brian Gladman wrote: > [...] The group of 'all human beings' has created > a large number of ciphers already and will continue to do so. > Hence the rule implies that it is possible for human beings > to produce ciphers that human beings cannot break. This really doesn't sound right from a logical point of view. You say: ciphers are created by the group consisting of 'all human beings' (*). As far as I know aliens nor dolphins have contributed anything yet to the crypto field so I agree. Then you go on and say that by applying rule 1 you can conclude that it is possible for human beings (**) to produce ciphers that human beings (***) cannot break. So you are identifying (*) with (**) and (***). But the group (*) = (***) is larger than (**) because it consists of all human beings that have ever existed, are existing, and will exist in the future while (**) consists of all the human beings existing up to the point of the creation of the 'unbreakable' cipher. I wouldn't generalize Terry Ritter's statement any further. Regards, CLSV -- From: Eric Chomko <[EMAIL PROTECTED]> Crossposted-To: alt.politics.org.cia Subject: Re: Economic Espionage Act of 1996 and the U.S.A. government's violations Date: 28 Dec 1999 15:48:06 GMT In alt.politics.org.cia Jim <[EMAIL PROTECTED]> wrote: : On 22 Dec 1999 18:20:50 GMT, Eric Chomko <[EMAIL PROTECTED]> wrote: : >One world economy and that many more lawyers. Man, to think how much : >litigation we have in the US over corporate squabbles and now its going : >worldwide. I shutter to think about needing more lawyers and on a global : >scale. : Just how do you do that? Shutter. Ah yes, another Americanism of the English language: shutter. It would mean to writhe in disgust. Sort of like drinking a shot of really lousy whiskey. Eric -- Date: Tue, 28 Dec 1999 11:04:52 -0500 From: "Trevor Jackson, III" <[EMAIL PROTECTED]> Subject: Re: Secure Delete Not Smart UBCHI2 wrote: > Data has been recovered after 9 overwriting wipes according to the PGP manual. > It seems foolish to secure delete something without encrypting it first. Why > isn't this ever suggested in the manuals? It you already have a plain copy stored, encrypting it will not prevent someone from recovering the plain copy, because the encryption does not replace the plain copy. The encrypted file is a separate representaiton of the information in the plain file.So the plain file still exists to be recovered. Even if the excrypted copy replaced the plain copy sector for sector it would not hide the plain version of the file because the replacement would only write each sector once. To fully erase the plain version of the file you need many writes to each sector. The best answer is to never store plaintext. The information must be encrypted as it is stored. Disk encryption software does this for you. -- From: "Brian Gladman" <[EMAIL PROTECTED]> Subject: Re: More idiot "security problems" Date: Tue, 28 Dec 1999 16:07:20 - "CLSV" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]... > "Terry Ritter" <[EMAIL PROTECTED]> wrote: > > > >> Just
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #9 Tue, 29 Jun 99 16:13:04 EDT Contents: Re: MP3 Piracy Prevention is Impossible ("Else") Re: PIII Random Number Generator? ([EMAIL PROTECTED]) Re: Tough crypt question: how to break AT&T's monopoly??? (Bill Unruh) Re: Tough crypt question: how to break AT&T's monopoly??? (Bill Unruh) Re: Windows9x Crypt Function (David A Molnar) Re: Tough crypt question: how to break AT&T's monopoly??? (JPeschel) Re: Tough crypt question: how to break AT&T's monopoly??? (Bill Unruh) Re: How do you make RSA symmetrical? (Bill Unruh) Re: Hamming Weight (Mok-Kong Shen) Re: Can Anyone Help Me Crack A Simple Code? (William Tanksley) Re: MP3 Piracy Prevention is Impossible (Bill Unruh) Re: Tough crypt question: how to break AT&T's monopoly??? (David A Molnar) Re: trapdoor one way functions (Medical Electronics Lab) Re: Secure link over Inet if ISP is compromized. ("Else") Re: MP3 Piracy Prevention is Impossible (John Savard) Re: trapdoor one way functions (Jonathan Katz) Re: MP3 Piracy Prevention is Impossible (Vernon Schryver) Re: The One-Time Pad Paradox (Patrick Juola) Re: Secure link over Inet if ISP is compromized. (Jim Felling) Re: trapdoor one way functions (David A Molnar) Re: Secure link over Inet if ISP is compromized. (Thomas Wu) Re: one time pad (William Tanksley) From: "Else" <[EMAIL PROTECTED]> Subject: Re: MP3 Piracy Prevention is Impossible Date: Tue, 29 Jun 1999 22:08:17 +0400 [EMAIL PROTECTED] wrote in message <7lapgp$ok4$[EMAIL PROTECTED]>... >It's completely impossible to make sure that somebody can't share >the plaintext of a document with somebody else. Why try? It does not have to be "completely impossible". "Too expensive" would do just fine. -- Date: Tue, 29 Jun 1999 00:52:59 -0400 From: [EMAIL PROTECTED] Subject: Re: PIII Random Number Generator? [EMAIL PROTECTED] wrote: > > In article <[EMAIL PROTECTED]>, > Ed Yang <[EMAIL PROTECTED]> wrote: > > > How 'random' are these? Do you have a standard unit of meausre of > > > 'randomness'? > > > > > > M. K. Shen > > > > Yes, the unit of measure is the "knauer", which dimensionless, > > since it measures non-deterministic bits per bits available. > > The imaginary part of the knauer is called "true" and the real > > part is called "written". The complex conjugate of the knauer, > > when multiplied by the measured knauer value is called the > > size of the random string. > > > > I like 'entropy' or H(M) myself... I have never heard of a 'Knauer'. > Are there any good online links/papers on it (sounds a bit vague to me). You post via Deja.com, so use their archives. Look up Knauer in the sci.crypt archives. As Author: not as Subject:. -- From: [EMAIL PROTECTED] (Bill Unruh) Subject: Re: Tough crypt question: how to break AT&T's monopoly??? Date: 29 Jun 1999 17:06:26 GMT In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (JPeschel) writes: >in Canada. I am pretty sure Canada's export restrictions are the same >those in the US by mutual agreement. John Savard might speak to this. No they are not the same. Canada has much more lenient regulations. In particular the General Software exemption is valid in Canada, while EAR specifically overrules it in th eUSA. This means that any software which is generally available "over the counter" is free for export without a license. Unfortunately as is so often the case in Canada, there is a secrtion of the Export Control List which means it is required to get a license to export ANYTHING (including that Pen in your pocket) which originates in the USA. -- From: [EMAIL PROTECTED] (Bill Unruh) Subject: Re: Tough crypt question: how to break AT&T's monopoly??? Date: 29 Jun 1999 17:08:36 GMT In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Christopher) writes: >For a twist, what if the ciphertext were part of the binary itself. If >there is no separation of program and data, would that be restricted? It >certainly isn't a general purpose cipher program anymore, and is arguably >more message than program. Probably yes. If it were solely for purposes of validation, then if the user were unable to get at and use the decryption program it would probably be OK. But if the purpose is hiding communications, then it would not be OK, at least as I as a non-lawyer read the EAR -- From: David A Molnar <[EMAIL PROTECTED]> Subject: Re: Windows9x Crypt Function Date: 29 Jun
Cryptography-Digest Digest #802
Cryptography-Digest Digest #802, Volume #8 Sun, 27 Dec 98 05:13:04 EST Contents: U.S. Spying On Friend And Foe (Mark Adkins) Date: Sun, 27 Dec 1998 04:24:49 -0500 (EST) From: Mark Adkins <[EMAIL PROTECTED]> Subject: U.S. Spying On Friend And Foe You know, I wasn't going to post this, but I've just caught part of a debate on C-SPAN regarding whether Jonathan Pollard should be released early, and I was offended by the sanctimonious bleating of people like David Klinghoffer of National Review, who have the audacity to compare the revelation of technical intelligence to a foreign ally by Pollard to the case of Aldrich Ames. The United States has some nerve! (For those who may be interested, I am neither Jewish nor pro-Israel. I simply find the hypocrisy of the United States Government appalling.) It's also enlightening to bear in mind what follows when considering U.S. Government proposals for cryptological systems and standards for domestic and export use. There is also some information regarding intelligence intercepts of Iranian (not Libyan) communications about the bombing of PanAm Flight 103. The article is particularly interesting since the United States spies on every country in the world except for Great Britain, Australia, and Canada -- see Ronald Kessler, _Inside The CIA_ (NY: Pocket Books, 1992) -- and quite frankly I'd be surprised if we abide even by those agreements. The position of the U.S. intelligence community has always been that since governments and leadership change, what is today a cooperative ally may tommorrow become obstructionist if not hostile ("obstructionism" being judged by the compliance of foreign leaders with the values and priorities of U.S. foreign policy) and that therefore it is a good idea to spy on allies as well as enemies since one cannot set up an espionage infrastructure in a foreign country overnight. We also spy on economic competitors like Japan. (Kessler, pp. 9-12) Generally speaking, these countries spy on us as well. What follows is the full text, including a sidebar article (which I have placed at the end of the main article) and footnotes, of an article by Wayne Madsen, an Arlington, VA based journalist specializing in computer security, privacy, and intelligence, who is also the author of _Handbook of Personal Data Protection_ (NY: Stockton, 1992). The article appeared in the Winter 1998 issue of CovertAction Quarterly, pp. 36-42. CAQ can be reached at (202) 331-9763 (voice), (202) 331-9751 (fax), or [EMAIL PROTECTED] Their snail mail address is 1500 Massachusetts Avenue, N.W., #732, Washington, D.C. 20005. By way of disclosure to readers of this newsgroup, CAQ is an unabashedly left-wing periodical which sometimes produces intelligence-related articles of some interest and validity (and occasionally some embarrassing stinkers). As for this article, read it and decide for yourself. * * * CRYPTO AG: THE NSA's TROJAN WHORE? by Wayne Madsen copyright 1998 by CovertAction Quarterly It may be the greatest intelligence scam of the century. For decades the U.S. has routinely intercepted and deciphered top secret messages of 120 countries. These nations had bought the world's most sophisticated and supposedly secure commercial encryption technology from Crypto AG, a Swiss company that staked its reputation and the security concerns of its clients on its neutrality. The purchasing nations, confident that their communications were protected, sent messages from their capitals to embassies, military missions, trade offices, and espionage dens around the world, via telex, radio, teletype, and facsimile. They not only conducted sensitive albeit legal business and diplomacy, but sometimes strayed into criminal matters, issuing orders to assassinate political leaders, bomb commercial buildings, and engage in drug and arms smuggling. All the while, because of a secret agreement between the National Security Agency (NSA) and Crypto AG, they might as well have been hand-delivering the messages to Washington. Their Crypto AG machines had been rigged so that when customers used them, the random encryption key could be auto- matically and clandestinely transmitted with the enciphered message. (1) NSA analysts could read the message traffic as easily as they could the morning paper. The cover shielding the NSA-Crypto AG relationship was torn in March, 1992 when the Iranian military counterintelligence service arrested Hans Buehler, Crypto AG's marketing representative in Tehran. The Iranian government charged the tall, 50ish businessman with spying for "the intelligence services of the Federal Republic of Germany and the United States of America." (2) "I was questioned for five hours a day for nine months," B