New Global Directory of OpenPGP Keys

2004-12-09 Thread R.A. Hettinga 

--- begin forwarded text


Date: Thu, 9 Dec 2004 18:48:09 +0100
From: Eugen Leitl <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: New Global Directory of OpenPGP Keys
User-Agent: Mutt/1.4i
Sender: [EMAIL PROTECTED]

Link: http://slashdot.org/article.pl?sid=04/12/09/1446203
Posted by: michael, on 2004-12-09 15:50:00

   from the how-may-i-direct-your-call dept.
   Gemini writes "The [1]PGP company just announced a new type of
   [2]keyserver for all your OpenPGP keys. This server verifies (via
   mailback verification, like mailing lists) that the email address on
   the key actually reaches someone. Dead keys age off the server, and
   you can even remove keys if you forget the passphrase. In a classy
   move, they've included support for those parts of the OpenPGP standard
   that PGP doesn't use, but [3]GnuPG does."

   [4]Click Here

References

   1. http://www.pgp.com/downloads/beta/globaldirectory/index.html
   2. http://keyserver-beta.pgp.com/
   3. http://www.gnupg.org/
   4.
http://ads.osdn.com/?ad_id=5671&alloc_id=12342&site_id=1&request_id=2385427&o
p=click&page=%2farticle%2epl

- End forwarded message -
--
Eugen* Leitl http://leitl.org";>leitl
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net

[demime 1.01d removed an attachment of type application/pgp-signature]

--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Australian snooping laws pass lower house

2004-12-09 Thread R.A. Hettinga 


Australian IT

Snooping laws pass lower house

DECEMBER 09, 2004

POLICE will be able to access stored voice mail, email and mobile phone
text messages under new laws passed by federal parliament today.

The laws recognise voice mail, email and SMS messages should fall outside
telecommunication interception laws originally designed to stop law
enforcement agencies from intercepting phone calls.

 Police and other law enforcement officers will still need a search warrant
or a right of access to communications or storage equipment to access voice
mail, email and SMS under the changes.

 "These amendments make it easier for our law enforcement and regulatory
agencies to access stored communications that could provide evidence of
criminal activity," Attorney-General Philip Ruddock said.

 "They will also assist in securing information systems by allowing network
administrators to review stored communications for viruses and other
inappropriate content."

 Labor referred the proposed law to a Senate committee three times before
agreeing to it today.

 Opposition homeland security spokesman Robert McClelland said there needed
to be a distinction between stored messages and live telephone
conversations.

 "There have been concerns expressed about privacy and there always has
been a distinction between an eavesdropper and the reader of other people's
correspondence," he said.

 "But written documents have always been susceptible to legal process, to
warrants.

 "Everyone that creates a document does so knowing that that document can
be read by others and can be subject to legal process.

 "I don't think anything turns on the fact the document is written on a
computer and sent by email as opposed to being written in long hand and
popped in the letter box."

 The laws are a temporary measure and will cease to have effect after 12
months when a review of the measures will be undertaken.

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

3DES performance - Thanks!

2004-12-09 Thread Lee Parkes 
Hi,
Many thanks for all of the information regarding performance of the various
algorithms!

Cheers,
Lee

-- 
--
[EMAIL PROTECTED] DOC #25 GLASS #136
You can never break the chain
There is never love without pain - Secret Touch, Rush

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: workshop on unwanted Internet traffic

2004-12-09 Thread Steven M. Bellovin 
In message <[EMAIL PROTECTED]>, Steve Bellov
in writes:
>Readers of this list may be interesting the the SRUTI -- Steps Towards 
>Reducing Unwanted Traffic on the Internet -- workshop.  See
>http://www.research.att.com/~bala/srut for details.
>

CORRECTION: it's http://www.research.att.com/~bala/sruti

--Steve Bellovin, http://www.research.att.com/~smb



-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

export regulations updated

2004-12-09 Thread Perry E. Metzger 

Cryptome just published some updates to the crypto export regulations:

http://cryptome.org/bis120904.txt

Perry

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Blinky Rides Again: RCMP suspect al-Qaida messages

2004-12-09 Thread R.A. Hettinga 
Lions and Tigers and Steganography, Nell...

For those of you without a program, here is the new, official, Horsemen of
the Infocalypse Scorecard:

At 3:14 PM -0400 10/3/04, R. A. Hettinga wrote:
>   Horseman Color  Character   Nickname
>
>1  TerrorismRedShadow  "Blinky"
>2  NarcoticsPink   Speedy  "Pinky"
>3  Money Laundering Aqua   Bashful "Inky"
>4  Paedophilia  Yellow Pokey   "Clyde"

Cheers,
RAH
---


 December 8, 2004

 RCMP suspect al-Qaida messages
By JIM BRONSKILL

 OTTAWA (CP) - The RCMP has warned its investigators to be on the lookout
for cleverly disguised messages embedded by al-Qaida in digital files
police seize from terror suspects.

 An internal report obtained by The Canadian Press gives credence to the
long-rumoured possibility Osama bin Laden's terrorist network and other
extremist groups are using a technique known as steganography to hide the
existence of sensitive communications.

 Steganography, from the Greek word stegos, meaning covered, and graphie,
or writing, involves concealing a secret message or image within an
apparently innocuous one.

 For instance, a seemingly innocent digital photo of a dog could be
doctored to contain a picture of an explosive device or hidden wording.

 "Investigators in the course of their work on terrorist organizations and
their members, including al-Qaida and affiliated groups, need to consider
the possible use of steganography and seek to identify when steganography
is known or suspected of being used," the report says.

 It recommends investigators consult the RCMP's technological crime program
for assistance, including "comprehensive forensic examinations" of seized
digital media.

 A heavily edited copy of the January 2004 report, Computer-assisted and
Digital Steganography: Use by Al-Qaida and Affiliated Terrorist
Organizations, was recently obtained from the Mounties under the Access to
Information Act.

 Among the material stripped from the document is information on how best
to detect, extract and view surreptitious messages.

 Steganography dates to before 400 B.C. The ancient Greeks hid messages in
wax tablets, while invisible inks have long been used to convey secrets.

 Simple computer-assisted steganography helps apply such traditional
methods in an electronic environment, the report notes. The messages may
also be scrambled using cryptography to prevent them falling into the wrong
hands.

 The RCMP seems especially concerned, however, about digital steganography
- the use of special computer programs to embed messages.

 "There now exist nearly 200 software packages which perform digital
steganography," the report says.

 A limited number of publicly available software tools are designed to
detect the use of steganography, but the "success rate of these tools is
questionable," the RCMP adds.

 Some only detect the use of specific software, while others are useful for
scouring only certain types of files in which the secret message may be
hidden.

 There have been numerous media reports in recent years that terrorist
groups, including al-Qaida, were using steganographic techniques.

 The phenomenon is "deeply troubling," said David Harris, a former Canadian
Security Intelligence Service officer now with Ottawa-based Insignis
Strategic Research.

 He suggested any delay in detecting disguised messages could be disastrous.

 "We're talking very often about time-sensitive issues: where is the bomb?
Who's operating in connection with whom?" he said.

 "On that kind of basis, this is really, really disturbing as a development."

 Harris also questioned whether western security agencies have sufficient
personnel and resources to uncover the messages.



-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: 3DES performance

2004-12-09 Thread Sandy Harris 
Lee Parkes wrote:
Hi,
I'm working on a project for a company that involves the use of 3DES. They have
asked me to find out what the overheads are ...
 

Some info at:
http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/performance.html
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: 3DES performance

2004-12-09 Thread Joseph Ashwood 
- Original Message - 
From: "Lee Parkes" <[EMAIL PROTECTED]>
Subject: 3DES performance


I'm working on a project for a company that involves the use of 3DES. They 
have
asked me to find out what the overheads are for encrypting a binary file. 
There
will be quite a lot of traffic coming in (in the region of hundreds of
thousands of files per hour). Has anyone got any figures for 3DES 
performance?
I've tried bdes on OpenBSD which has given me some useful results.
Good estimates for the speed of many algorithms can be found at 
http://www.eskimo.com/~weidai/benchmarks.html , while the system is a bit 
old, the numbers are still relatively valid, considering that you will have 
other overheads involved. Just to save you a trip 3DES comes in around 
10MByte/second, and AES up to 6 times that speed.
   Joe

Trust Laboratories
Changing Software Development
http://www.trustlaboratories.com 

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

workshop on unwanted Internet traffic

2004-12-09 Thread Steve Bellovin 
Readers of this list may be interesting the the SRUTI -- Steps Towards 
Reducing Unwanted Traffic on the Internet -- workshop.  See
http://www.research.att.com/~bala/srut for details.


--Steve Bellovin, http://www.research.att.com/~smb



-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]