Re: PGP master keys

2006-04-27 Thread Derek Atkins

Quoting Steven M. Bellovin [EMAIL PROTECTED]:


In an article on disk encryption
(http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following
paragraph appears:

BitLocker has landed Redmond in some hot water over its insistence
that there are no back doors for law enforcement. As its
encryption code is open source, PGP says it can guarantee no back
doors, but that cyber sleuths can use its master keys if
neccessary.

What is a master key in this context?


ADK, the Additional Decryption Key.   An enterprise with a Managed
PGP Desktop installed base can set up an ADK and all messages get
encrypted to the ADK in addition to the recipient's key.


--Steven M. Bellovin, http://www.cs.columbia.edu/~smb


-derek

--
  Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
  Member, MIT Student Information Processing Board  (SIPB)
  URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH
  [EMAIL PROTECTED]PGP key available


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: PGP master keys

2006-04-27 Thread David Shaw
On Wed, Apr 26, 2006 at 09:53:27PM -0400, Steven M. Bellovin wrote:
 In an article on disk encryption
 (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following
 paragraph appears:
 
   BitLocker has landed Redmond in some hot water over its insistence
   that there are no back doors for law enforcement. As its
   encryption code is open source, PGP says it can guarantee no back
   doors, but that cyber sleuths can use its master keys if
   neccessary.
 
 What is a master key in this context?

It sounds rather like a misunderstanding/mangling of PGP's Additional
Decryption Key feature.

David

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: PGP master keys

2006-04-27 Thread Steven M. Bellovin
On Wed, 26 Apr 2006 22:24:22 -0400, Derek Atkins [EMAIL PROTECTED] wrote:

 Quoting Steven M. Bellovin [EMAIL PROTECTED]:
 
  In an article on disk encryption
  (http://www.theregister.co.uk/2006/04/26/pgp_infosec/), the following
  paragraph appears:
 
  BitLocker has landed Redmond in some hot water over its insistence
  that there are no back doors for law enforcement. As its
  encryption code is open source, PGP says it can guarantee no back
  doors, but that cyber sleuths can use its master keys if
  neccessary.
 
  What is a master key in this context?
 
 ADK, the Additional Decryption Key.   An enterprise with a Managed
 PGP Desktop installed base can set up an ADK and all messages get
 encrypted to the ADK in addition to the recipient's key.
 
Ah -- corporate key escrow.  An overt back door for Little Brother, rather
than a covert one for Big Brother

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Judge Hints at Code in 'Da Vinci' Ruling

2006-04-27 Thread David Chessler

http://www.helenair.com/articles/2006/04/26/ap/strange/d8h7t2f8n.txt
http://www.helenair.com/articles/2006/04/26/ap/strange/d8h7s6805.prt


Judge Hints at Code in 'Da Vinci' Ruling
By JENNIFER QUINN

LONDON - The judge who presided at the Da Vinci Code copyright 
infringement trial has put a code of his own into his ruling, and he said 
Wednesday he would probably confirm it to the person who breaks it.


Since Judge Peter Smith delivered his ruling April 7, lawyers in London and 
New York began noticing odd italicizations in the 71-page document.


In the weeks afterward, would-be code-breakers got to work on deciphering 
Smith's code.


I can't discuss the judgment, Smith said in a brief conversation with The 
Associated Press, but I don't see why a judgment should not be a matter of 
fun.


Italics are placed in strange spots: The first is found in the first 
paragraph of the 360-paragraph document. The letter s in the word 
claimants is italicized.


In the next paragraph, claimant is spelled with an italicized m, and so on.

The italicized letters in the first seven paragraphs spell out Smithy 
code, playing on the judge's name.


Lawyer Dan Tench, with the London firm Olswang, said he noticed the code 
when he spotted the striking italicized script in an online copy of the 
judgment.


To encrypt a message in this manner, in a High Court judgment no less? 
It's out there, Tench said. I think he was getting into the spirit of the 
thing. It doesn't take away from the validity of the judgment. He was just 
having a bit of fun.


Smith was arguably the highlight of the trial, with his acerbic questions 
and witty observations making the sometimes dry testimony more lively. 
Though Smith on Wednesday refused to discuss the judgment or acknowledge 
outright that he'd inserted a secret code in its pages, he said: They 
don't look like typos, do they?


When asked if someone would break the code, Smith said: I don't know. It's 
not a difficult thing to do. And when asked if he would confirm a correct 
guess to an aspiring code-breaker, he said, Probably.


Tench said the judge teasingly remarked that the code is a mixture of the 
italicized font code found in the book The Holy Blood and the Holy Grail 
_ whose authors were suing Dan Brown's publisher, Random House, for 
copyright infringement _ and the code found Brown's The Da Vinci Code.


Authors Michael Baigent and Richard Leigh had sued Random House Inc., 
claiming Brown's best-selling novel appropriated the architecture of 
their 1982 nonfiction book, The Holy Blood and the Holy Grail.


Both books explore theories that Jesus married Mary Magdalene, the couple 
had a child and the bloodline survives, ideas dismissed by most historians 
and theologians.


The Da Vinci Code has sold more than 40 million copies _ including 12 
million hardcovers in the United States _ since its release in March 2003. 
It came out in paperback in the United States earlier this year, and 
quickly sold more than 500,000 copies. An initial print run of 5 million 
has already been raised to 6 million.


Since the judgment was handed down three weeks ago, Tench said it took 
several weeks _ and several watchful eyes _ to catch the code. Now, London 
and New York attorneys are scrambling to solve it.


I think it has caught the particular imagination of Americans, Tench 
said. To have a British, staid High Court judge encrypt a judgment in this 
manner, it's jolly fun.


I'm definitely going to try to break the code, said attorney Mark 
Stephens, when learning of its existence.


Judges have been known to write very sophisticated and amusing judgments, 
Stephens said. This trend started long ago ... one did a judgment in 
rhyme, another in couplets. There has been precedent for this.


It adds a bit of fun of what might have been a dusty text, he said.

On the Net:

http://www.hmcourts-service.gov.uk/HMCSJudgments

A service of the Associated Press(AP)


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

*** FAIR USE NOTICE. This message contains copyrighted material the use of 
which has not been specifically authorized by the copyright owner. This 
Internet discussion group is making it available without profit to group 
members who have expressed a prior interest in receiving the included 
information in their efforts to advance the understanding of literary, 
educational, political, and economic issues, for non-profit research and 
educational purposes only. I believe that this constitutes a 'fair use' of 
the copyrighted material as provided for in section 107 of the U.S. 
Copyright Law. If you wish to use this copyrighted material for purposes of 
your own that go beyond 'fair use,' you must obtain permission from the 
copyright owner.


For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml

-


-
The Cryptography 

Re: History and definition of the term 'principal'?

2006-04-27 Thread dan


I was manager of development for Project Athena beginning
in 1985.  Amongst our projects was Kerberos, and, as you
know, it was a direct implementation of Needham-Schroeder.
Schroeder had been Jerome Saltzer's Ph.D. student and 
Saltzer was the MIT faculty member in charge of the
technical side of Athena, and to whom I reported.  The
word principal was solidly in place from the moment
the Kerberos work began, and comes directly from the
work of Saltzer and Schroeder.  At least as early as
1975 the term principal was in use in their work;
see [1] for my own earliest reference.  I suspect it
was in place at Project MAC and might thus have some
lineage with Multics, but now I am speculating.

Needham is sadly gone, but Schroeder and Saltzer are
still with us.  If it is worth my pursuit of the matter
I'll make the time for it, but I now forget why this
was asked.  If it is curiousity, perhaps the canoe is
now far enough upriver.  If it is a patent claim or the
like and one needs to find the exact wet spot in the
ground that the river starts, well, let me know.

--dan


[1] Proceedings of the IEEE. Vol. 63, No. 9 (September 1975), pp.
1278-1308; Manuscript received October 11, 1974; revised April 17,
1975. Copyright 1975 by J. H. Saltzer.  The authors are with Project
MAC and the Department of Electrical Engineering and Computer Science,
Massachusetts Institute of Technology Cambridge, Mass. 02139.


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: History and definition of the term 'principal'?

2006-04-27 Thread Ed Gerck

tmcghan quoted:
SDSI's active agents (principals) are keys: specifically, the private keys 
that sign statements. We identify a principal with the 
corresponding verification (public) key...


Calling a key a principal (and saying that a key speaks) is just
a poetic language used in SDSI/SPKI. The goal was to eliminate liability
by using keys as syntactic elements - a digital signature reduced to
mathematics. This did not, however, turn out to be a real-world model
because someone must have allowed the software to use that key or, at least,
turned the computer on (even if by a cron job).

Usually (but not always consistently) cryptography's use of principal is
not what the dictionary says.

Here, principal conveys the idea of owning or operating.

In this sense, SDSI is somewhat right -- the private key seems to
operate the signature -- but fails to recognize that, ultimately, the key
by itself cannot operate(or own) anything.

Being responsible for an account, or creating keys or passwords, is within
the idea of owing or operating.

Cheers,
Ed Gerck

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Latest Da Vinci mystery: judge's own secret code

2006-04-27 Thread Jeffrey Altman
Latest Da Vinci mystery: judge's own secret code
Thu Apr 27, 2006 8:11 AM ET

By Peter Graff

LONDON (Reuters) - Three weeks after a British court passed judgment in
the copyright case involving Dan Brown's bestseller The Da Vinci Code,
a lawyer has uncovered what may be a secret message buried in the text
of the ruling.

Lawyer Dan Tench noticed some letters in the judgment had been
italicized, and it suddenly dawned on him that they spelled a phrase
that included the name of the judge: Smith code.

Justice Peter Smith, who during the trial displayed a sense of humor
unusual in the rarified world of bewigged barristers and ancient
tradition, appears to have embraced the mysterious world of codes and
conspiracy that run through the novel.

I thought it was a mistake, that there were some stray letters that had
been italicized because the word processor had gone wrong, Tench told
Reuters.

Tench initially told The Times newspaper that apparently random letters
in the judge's ruling appeared in italics. Wouldn't it be clever if the
judge had embedded a secret message in the text? The Times ran a jokey item.

And then I got an e-mail from the judge, said Tench.

He said Smith told him to look back at the first paragraphs. The
italicized letters scattered throughout the judgment spell out:
smithcodeJaeiextostpsacgreamqwfkadpmqz.

Those in the first paragraphs spell out smith code.

But what does the rest mean?

The novel, and upcoming movie starring Tom Hanks, are about a secret
code that reveals ancient mysteries about Jesus Christ.

Smith, who ruled that author Brown had not plagiarized his hugely
popular thriller from another book, The Holy Blood and the Holy Grail,
has so far not given any clues to his own mystery code.

For now, the judge is not speaking. His clerk said he is refusing
interviews. She would not confirm whether there truly was a secret
mystery embedded in his judgment.

But she did confirm that he is, generally speaking, a humorous type of
person.


smime.p7s
Description: S/MIME Cryptographic Signature


VoIP and phishing

2006-04-27 Thread leichter_jerrold
From Computerworld:


New phishing scam model leverages VoIP
Novelty of dialing a phone number lures in the unwary
  News Story by Cara Garretson

APRIL 26, 2006
(NETWORK WORLD) - Small businesses and consumers aren't the only ones
enjoying the cost savings of switching to voice over IP
(VoIP). According to messaging security company Cloudmark Inc., phishers
have begun using the technology to help them steal personal and
financial information over the phone.

Earlier this month, San Francisco-based Cloudmark trapped an e-mailed
phishing attack in its security filters that appeared to come from a
small bank in a big city and directed recipients to verify their account
information by dialing a certain phone number. The Cloudmark user who
received the e-mail and alerted the company knew it was a phishing scam
because he's not a customer of this bank.

Usually phishing scams are e-mail messages that direct unwitting
recipients to a Web site where they're tricked into giving up their
personal or financial information. But because much of the public is
learning not to visit the Web sites these messages try to direct them
to, phishers believe asking recipients to dial a phone number instead is
novel enough that people will do it, says Adam O'Donnell, senior
research scientist at Cloudmark.

And that's where VoIP comes in. By simply acquiring a VoIP account,
associating it with a phone number and backing it up with an interactive
voice-recognition system and free PBX software running on a cheap PC,
phishers can build phone systems that appear as elaborate as those used
by banks, O'Donnell says. They're leveraging the same economies that
make VoIP attractive for small businesses, he says.

Cloudmark has no proof that the phishing e-mail it snagged was using a
VoIP system, but O'Donnell says it's the only way that staging such an
attack could make economic sense for the phisher.

The company expects to see more of this new form of phishing. Once a
phished e-mail with a phone number is identified, Cloudmark's security
network can filter inbound e-mail messages and block those that contain
the number, says O'Donnell.

-- Jerry

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: VoIP and phishing

2006-04-27 Thread mis
the other point that should be made about voip is that
callerid is trivial to spoof.  

so if you are counting on the calling party being who they say the are,
or even within your company, based on callerid, don't.

i predict a round of targeted attacks on help desks and customer
service, as well as more general scams with callerid set to (say) 
Visa  Security.

does anyone know if time ANI from toll free services is still unspoofable?

some of my clients have been receiving targeted phishes recently that correctly 
name
their bank and property address and claim to be about their mortgage.
this is information obtainable from public records.



On Thu, Apr 27, 2006 at 12:07:20PM -0400, [EMAIL PROTECTED] wrote:
 From Computerworld:
 
 
 New phishing scam model leverages VoIP
 Novelty of dialing a phone number lures in the unwary
   News Story by Cara Garretson
 
 APRIL 26, 2006
 (NETWORK WORLD) - Small businesses and consumers aren't the only ones
 enjoying the cost savings of switching to voice over IP
 (VoIP). According to messaging security company Cloudmark Inc., phishers
 have begun using the technology to help them steal personal and
 financial information over the phone.
 
 Earlier this month, San Francisco-based Cloudmark trapped an e-mailed
 phishing attack in its security filters that appeared to come from a
 small bank in a big city and directed recipients to verify their account
 information by dialing a certain phone number. The Cloudmark user who
 received the e-mail and alerted the company knew it was a phishing scam
 because he's not a customer of this bank.
 
 Usually phishing scams are e-mail messages that direct unwitting
 recipients to a Web site where they're tricked into giving up their
 personal or financial information. But because much of the public is
 learning not to visit the Web sites these messages try to direct them
 to, phishers believe asking recipients to dial a phone number instead is
 novel enough that people will do it, says Adam O'Donnell, senior
 research scientist at Cloudmark.
 
 And that's where VoIP comes in. By simply acquiring a VoIP account,
 associating it with a phone number and backing it up with an interactive
 voice-recognition system and free PBX software running on a cheap PC,
 phishers can build phone systems that appear as elaborate as those used
 by banks, O'Donnell says. They're leveraging the same economies that
 make VoIP attractive for small businesses, he says.
 
 Cloudmark has no proof that the phishing e-mail it snagged was using a
 VoIP system, but O'Donnell says it's the only way that staging such an
 attack could make economic sense for the phisher.
 
 The company expects to see more of this new form of phishing. Once a
 phished e-mail with a phone number is identified, Cloudmark's security
 network can filter inbound e-mail messages and block those that contain
 the number, says O'Donnell.
 
   -- Jerry
 
 -
 The Cryptography Mailing List
 Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: VoIP and phishing

2006-04-27 Thread leichter_jerrold
| the other point that should be made about voip is that callerid is
| trivial to spoof.
| 
| so if you are counting on the calling party being who they say the
| are, or even within your company, based on callerid, don't.
| 
| i predict a round of targeted attacks on help desks and customer
| service, as well as more general scams with callerid set to (say)
| Visa Security.
To open a trouble ticket with IT where I work, you go to a Web page; or,
if you have problems using the network, you can use the phone.  When the
phone is replaced by one that use VoIP, just how will one report network
outages?  I can't wait

| does anyone know if time ANI from toll free services is still
| unspoofable?
The last I heard, it was fairly easy to *suppress* ANI (using games that
redirected calls the network saw as going to toll-free numbers), but
still difficult to *spoof* it.  Since ANI drives Telco billing - unlike
Caller ID, which is simply delivered to customers - the Telco's have an
interest in making it difficult to fake.  On the other hand, LD revenues
have been falling for years, so the funding to attack LD fraud has
probably been falling, too - given how many people now have all you
can eat plans, there's less and less reason to worry about them
stealing.

| some of my clients have been receiving targeted phishes recently that
| correctly name their bank and property address and claim to be about
| their mortgage.  this is information obtainable from public records.
I probably get an offer to refinance my mortgage every other week or
so.  The letters cite real information about me and my mortgage:  They
know its size, or at least the know the amount at the time I took out
the mortgage.

In low-income areas, there's a long history of fraudulent refinancing -
claiming you are getting a better loan for the person but really getting
him deeper and deeper in the hole while you pocket various fees.  I
wouldn't want bet that all the come-on letters I receive are legitimate!
The only difference between some of this stuff and phishing is the
medium used.
-- Jerry

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: VoIP and phishing

2006-04-27 Thread mis
On Thu, Apr 27, 2006 at 01:12:43PM -0700, [EMAIL PROTECTED] wrote:

 so if you are counting on the calling party being who they say the are,
 or even within your company, based on callerid, don't.
 
 does anyone know if time ANI from toll free services is still unspoofable?

make that real-time ANI

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: VoIP and phishing

2006-04-27 Thread James Cloos
 mis == mis  [EMAIL PROTECTED] writes:

mis does anyone know if [real-]time ANI from
mis toll free services is still unspoofable?

No, in general it is not unspoofable.

But you probably need the gateway into the PSTN to use SS7 and IMT
trunks; and that probably means a CLEC license in the US, or similar
elsewhere.  That presumably means more substantial civil and criminal
penalties for spoofing with criminal intent, not to mention the
potential loss of the operating license for doing so.

So although it is certainly doable, it'll be expensive and likely
beyond the means of small-time players.

In short, if you have direct SS7 access, there isn't much you cannot
do to screw over other providers and their customers.  Hense all of
the rules and regs for getting such access.

-JimC
-- 
James H. Cloos, Jr. [EMAIL PROTECTED]

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]