Trusted Computing news

2003-09-16 Thread JMBCV
New Scientist reports on a new document released by the Trusted Computing
Group, http://www.trustedcomputinggroup.org/.  This is the reconstituted
and renamed TCPA, which triggered such controversy a year ago.  The
article, http://www.newscientist.com/news/news.jsp?id=ns4171, reports:

   The US music industry's legal clampdown on online music piracy could
   soon be supplemented by technical measures that will make it harder
   to make unauthorised copies of digital files.

   A new set of programming standards, released by a consortium of
   the world's largest software and hardware companies on Tuesday,
   specify methods for developing software for hardware security modules
   increasingly being built into many personal computers.

   The Trusted Computing Group's new security standards promise to shore
   up personal computer security by linking software to tamper-resistant
   hardware modules in which cryptographic keys and other tools are
   stored. This could be used to increase the security of files or
   authenticate messages.

The new document, described in the press release at
https://www.trustedcomputinggroup.org/press/news/TSS_IDF_release_final_sept_12_2003.pdf,
is an API for the Trusted Software Stack (TSS), which will interface to
the secure hardware component, called a TPM (trusted platform module).

In other news, Sun Microsystems has announced that it is joining the TCG.
Amazingly, Whit Diffie, a well known privacy advocate with cypherpunk
leanings, is quoted in the press release:

   "As the world becomes more connected, secure computing is fundamental
   to protecting our critical infrastructure, our enterprise networks,
   and our personal computers." said Dr.  Whitfield Diffie, Chief Security
   Officer, Sun Microsystems.  "Sun is committed to security and open
   standards. We're excited to join TCG as a Promoter Member and help
   to move security into the technologies on which the future depends."

Back in April, Diffie was questioning the goals of Trusted Computing,
http://www.eetimes.com/story/OEG20030415S0013.  Wonder what changed
his mind?

A final note, Ross Anderson's so-called Trusted Computing FAQ was updated
last month to version 1.1, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html.
It's still full of utterly unsupported allegations, such as the claim
that TCPA was going to delete "pirated" applications and documents.
And of course there is no apology for those charges which he has had to
eliminate or water down from the first version of the FAQ.  Read at your
own risk; it's not exactly a "no spin zone".

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]


Quantum cryptography finally commercialized?

2003-09-16 Thread R. A. Hettinga


Help Net Security -

Quantum cryptography finally commercialized?
Posted by Mirko Zorz - LogError
Tuesday, 16 September 2003, 1:23 PM CET


Start-up MagiQ Technologies, from Somerville, Massachusetts, has released
the first commercial implementation of quantum cryptography, the
much-heralded solution to the perfect encryption cipher. Theoretically,
encryption ciphers created using quantum physics are unbreakable.

While MagiQ Technologies' product, Navajo, isn't itself a quantum device it
uses one of the fundamental tenets of quantum theory: Heisenberg's
Uncertainty Principle, to create a Quantum Key Distribution (QKD) network.
Werner Heisenberg first published his theory in 1927, stating that the more
precisely the position of is known, the less precisely the momentum is
known. This succinct statement addresses the uncertain relationship between
the position and the momentum (mass times velocity) of a subatomic
particle, such as an electron, and has profound impact on the development
of future information systems.


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



Baltimore Break-up to Continue

2003-09-16 Thread R. A. Hettinga


OnBusiness

Tues, Sept 16, 2003

BALTIMORE BREAK-UP TO CONTINUE - Baltimore Technologies has reported
sharply lower first-half pre-tax losses of £9m, compared with £43m in the
same period last year. Losses before exceptional items were slashed from
£9.9m to £2.2m.

Total revenues dropped from £22.1m to £9.7m, while sales from continuing
businesses fell from £13.2m to £9.3m.

The company had cash balances of £14.6m at the end of the period, but
expects a further £15.9m from a series of disposals. Staff levels at
Baltimore have been cut from 422 to 255 in the period and the company says
this process will continue.




Re: PGP makes email encryption easier

2003-09-16 Thread Ian Grigg
Eric Murray wrote:

> > For the record, AFAIK, this approach was invented and
> > deployed by Dr. Ian Brown as his undergraduate thesis,
> > back in 1996 or so.
> 
> Not to take anything away from Dr Brown, but I wrote something very
> similar to what PGP's selling for internal use at SUN in 1995 (to secure
> communications between some eastern european offices).   I'd thought
> about it a couple years before that as I needed something to secure
> communications between the company I worked for and their law firm,
> and teaching executives and chip designers to use PGP wasn't working
> very well.

Thanks for the correction!  Was this project ever released
or documented?  I never heard of it before.

> I don't believe that I was the first to think of it or the first to
> do it; it's a pretty obvious solution.

:-)  Many inventions are obvious once well understood.

Although I would agree that such an invention should not
deserve to be patented.  Whether that's because it is too
obvious, or too useful, depends on one's pov...

> > It's a good approach.  It trades some sysadmin complexity
> > for the key admin complexity, but it also raises some
> > interesting challenges for deciding when to encrypt,
> > when not to encrypt, and also, when to block outgoing
> > mail that should be encrypted...
> 
> Yep.
> 
> Eric

iang



Re: quantum hype

2003-09-16 Thread John Lowry
QC is currently a one-time pad distribution mechanism - or at lower rates a
key establishment mechanism most suitable for symmetric algorithms.

You are correct that authentication is not inherent.  Then again, this is
also true for "classical" symmetric and PKI schemes.  To be usable, all
crypto requires some kind of authentication mechanism or scheme.

The QC community is well aware of this problem and is working on it.
Please don't give up yet!  In the meantime, manual establishment of an
authentication secret works as do physical means e.g., optical viewing of a
satellite from a ground station.

Please remember that it's early days yet; the problems are real and hard.
Come join the fun.

And watch out for snake oil from early attempts at commercialization  ;-)

John
PS: a small nit.  The quantum channel is tamper _detectable_.  There is no
claim to being "untamperable".  You can always detect tampering (and throw
away those bits) regardless of who you are talking to.  Multiple "reads" of
a photon (several approaches have been considered) is either equivalent to
tampering or yields no information.  Physics is fun!


On 9/16/03 16:03, "Hadmut Danisch" <[EMAIL PROTECTED]> wrote:

> On Sat, Sep 13, 2003 at 09:06:56PM +, David Wagner wrote:
>> 
>> You're absolutely right.  Quantum cryptography *assumes* that you
>> have an authentic, untamperable channel between sender and receiver.
> 
> So as a result, Quantum cryptography depends on the known
> methods to provide authenticity and integrity. Thus it can not
> be any stronger than the known methods. Since the known methods
> are basically the same as for confidentiality (DLP, Factoring),
> and authentic channels can be turned into confidential channels
> by the same methods (e.g. DH), Quantum cryptography can not be
> stronger than known methods, I guess.
> 
> On the other hand, quantum cryptography is based on several
> assumptions. Is there any proof that the polarisation of a
> photon can be read only once and only if you know how to turn
> your detector? 
> 
> AFAIK quantum cryptography completely lacks the binding to
> an identity of the receiver. Even if it is true that just a single
> receiver can read the information, it is still unknown, _who_
> it is. All you know is that you send information which can be read
> by a single receiver only. And you hope that this receiver was the
> good guy.
> 
> Hadmut


Re: quantum hype

2003-09-16 Thread Hadmut Danisch
On Sat, Sep 13, 2003 at 09:06:56PM +, David Wagner wrote:
> 
> You're absolutely right.  Quantum cryptography *assumes* that you
> have an authentic, untamperable channel between sender and receiver.

So as a result, Quantum cryptography depends on the known 
methods to provide authenticity and integrity. Thus it can not 
be any stronger than the known methods. Since the known methods
are basically the same as for confidentiality (DLP, Factoring), 
and authentic channels can be turned into confidential channels
by the same methods (e.g. DH), Quantum cryptography can not be
stronger than known methods, I guess.

On the other hand, quantum cryptography is based on several 
assumptions. Is there any proof that the polarisation of a 
photon can be read only once and only if you know how to turn 
your detector? 

AFAIK quantum cryptography completely lacks the binding to 
an identity of the receiver. Even if it is true that just a single
receiver can read the information, it is still unknown, _who_
it is. All you know is that you send information which can be read
by a single receiver only. And you hope that this receiver was the
good guy.

Hadmut
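
An added example, not part of either post, illustrating the two points argued in this thread: that a tap on the quantum channel is detectable, and that without authentication the sender cannot tell who completed the exchange. It assumes a BB84-style protocol with two polarisation bases, which the posts do not name; all function names are illustrative.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    # Matching basis recovers the encoded bit; a mismatched basis gives a random result.
    return bit if prep_basis == meas_basis else rng.randrange(2)

def bb84(n, rng, eavesdrop=False):
    """Send n photons; return (sender_key, receiver_key) after basis sifting."""
    a_key, b_key = [], []
    for _ in range(n):
        bit, a_basis, b_basis = rng.randrange(2), rng.randrange(2), rng.randrange(2)
        sent_bit, sent_basis = bit, a_basis
        if eavesdrop:
            # Intercept-resend tap: it must guess a basis, measure, and re-emit,
            # which disturbs the photon whenever the guess was wrong.
            e_basis = rng.randrange(2)
            sent_bit = measure(bit, a_basis, e_basis, rng)
            sent_basis = e_basis
        got = measure(sent_bit, sent_basis, b_basis, rng)
        if a_basis == b_basis:  # sifting: keep rounds where the bases agree
            a_key.append(bit)
            b_key.append(got)
    return a_key, b_key

def error_rate(k1, k2):
    # In a real run only a sacrificed sample is compared, over the classical channel.
    return sum(x != y for x, y in zip(k1, k2)) / len(k1)

def unauthenticated_relay(n, rng):
    """Two clean runs, each terminated by a party in the middle.

    With no authentication of the classical channel, each leg looks
    undisturbed to its endpoint, yet the endpoints share no key with
    each other, only with the party in the middle.
    """
    alice_key, mid_key_a = bb84(n, rng)  # leg 1: sender <-> middle
    mid_key_b, bob_key = bb84(n, rng)    # leg 2: middle <-> receiver
    return (error_rate(alice_key, mid_key_a),
            error_rate(mid_key_b, bob_key), alice_key, bob_key)

if __name__ == "__main__":
    rng = random.Random(2003)  # constructed seed, for repeatable output
    print("clean error rate: ", error_rate(*bb84(4000, rng)))
    print("tapped error rate:", error_rate(*bb84(4000, rng, eavesdrop=True)))
    print("relay leg error rates:", unauthenticated_relay(4000, rng)[:2])
```

The tapped run shows an error rate near 25% in the sifted key, which is the signal used to discard bits; the relay run shows zero errors on both legs, which is why an authentication secret has to be established by other means.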



Re: PGP makes email encryption easier

2003-09-16 Thread Ian Grigg
"R. A. Hettinga" wrote:

> PGP Corp has taken a slightly different tack, adapting its software so that it can 
> be loaded onto x86 servers to create an email encryption appliance. These proxy 
> servers live between an email server and client machine or in an enterprise's DMZ; 
> they are responsible for generating encryption keys and managing the encryption and 
> digital signing of email, according to enterprise security policies. The appliances 
> can be clustered for higher availability.

For the record, AFAIK, this approach was invented and
deployed by Dr. Ian Brown as his undergraduate thesis,
back in 1996 or so.  His Enigma used the now ancient
Cryptix 2.6 PGP code.  I used it for a long time, as
my personal proxy, until the newer PGP 4 formats started
to dominate.

It's a good approach.  It trades some sysadmin complexity
for the key admin complexity, but it also raises some
interesting challenges for deciding when to encrypt,
when not to encrypt, and also, when to block outgoing
mail that should be encrypted...

(I commend the PGP Inc company for being careful with
their marketing spiel!)

iang



PGP makes email encryption easier

2003-09-16 Thread R. A. Hettinga


The Register

  15 September 2003 
  Updated: 15:06 GMT 



PGP makes email encryption easier 
By John Leyden 
Posted: 15/09/2003 at 14:06 GMT 


 
PGP Corporation today introduced simpler email encryption in which the burden of 
securing email messages is shifted from the client to the network. 

PGP Universal software suite, launched today, represents a new architecture for the 
company. The complexity of email encryption systems has long been a factor holding 
back deployment. Some vendors have responded by repackaging encrypted email as a 
Web-based service. 

PGP Corp has taken a slightly different tack, adapting its software so that it can be 
loaded onto x86 servers to create an email encryption appliance. These proxy servers 
live between an email server and client machine or in an enterprise's DMZ; they are 
responsible for generating encryption keys and managing the encryption and digital 
signing of email, according to enterprise security policies. The appliances can be 
clustered for higher availability. 

Transmissions between a client machine and PGP can themselves be encrypted using SSL. 

The technology was launched at a Gartner security conference in London this morning. 
Stephan Somogyi, director of products at PGP Corp, told delegates that PGP Universal 
radically simplifies the support and training requirements normally associated with 
deploying enterprise encryption products. 

"Desktop solution hit a wall when you hit deployment of 15 per cent within companies 
because of training and deployment issues," Somogyi told The Register. "With desktop 
solutions you also have a problem of people accidentally failing to comply with 
security policies, for example by forgetting to digitally sign email, that's why we're 
moving to a network-based approach." 

But couldn't an enterprise set up a similar system using digital certificates and 
email sent using the TLS protocol, Somogyi was asked. Up to a point, he replied; such 
an approach would only work effectively for site to site email and sets up a 
computational overhead which PGP's architecture is better suited to manage. 

PGP Universal supports POP3 and IMAP clients, as well as Lotus Notes systems. Exchange 
support is more problematic, but PGP Corp intends to support Exchange 2003 
via Outlook HTTPS. 

PGP Corp intends to add support for S/MIME encryption and X.509 certificates to PGP 
Universal later this year. And it aims, at some point, to support secure instant 
messaging and a greater range of mobile devices - PGP has already developed a client 
that works on a Handspring Treo. 

PGP Universal interoperates with AV and content filtering scanners, where messages are 
checked before encryption and after decryption. Alex Doll, CFO at PGP Corporation 
said the company was in talks with one particular AV vendor, which he declined to name 
as yet, about a possible OEM deal. The company is also in talks with an ISP and 
managed service provider about setting up a premium service based on PGP's technology. 

Pricing for the PGP Universal, which the company says is suitable for companies 
ranging from a handful of employees to thousands, is based on the number of end users, 
gateway and supported domains. Costs are similar to AV pricing, according to Steve 
Abbott, VP of sales at PGP Corp. ® 




JetBlue: Code Red

2003-09-16 Thread R. A. Hettinga


DontSpyOnUs :: 


JetBlue: Code Red 
An offer by JetBlue Airways to test the CAPPS II internal border control system has 
been accepted by the Department of Homeland Security's Transportation Security 
Administration. 

In a secret, off-the-record meeting held recently at TSA headquarters, TSA chief James 
M. Loy informed an elite audience of conservative opinion-makers that JetBlue Airways 
is replacing Delta Airlines as the "testing platform" for the CAPPS II internal border 
control system.  The meeting was attended by former US Representative Bob Barr as well 
as leaders from several conservative public policy groups. 

JetBlue Airways has shown its true spirit by pushing to be first in line for fascism. 

Rather than being merely the airline with free DirecTV, JetBlue shall henceforth be 
known as the airline with thousands of daily, non-stop trips from Washington, DC into 
the private lives of Americans foolish enough to fly their Orwellian, unpatriotic 
airline. 

It's time for all patriotic Americans to share with JetBlue a little of that Boycott 
Delta love.  If the JetBlue leadership hadn't been under a rock for the past six 
months, they would be well aware of the pillorying in the media and the countless 
millions of dollars in lost revenue borne by Delta by participating in the first round 
of CAPPS II testing. 

Until JetBlue publicly withdraws from any and all CAPPS II testing and apologizes to 
the American people for their reckless disregard for the US Constitution, a boycott of 
JetBlue Airways is in effect. 


 




 
"They that can give up essential liberty to obtain a little 
temporary safety deserve neither liberty nor safety." 
- Benjamin Franklin 
