Re: [Cryptography] End to end

2013-09-18 Thread Christoph Gruber
On 2013-09-17 Max Kington wrote:

 Hence, store in the clear, keep safe at rest using today's archival mechanism 
 and when that starts to get dated move onto the next one en-masse, for all 
 your media not just emails.

I would tend to agree for environments with very high regulations, where the 
need to comply with regulations is more important than the need to keep data 
I would suggest to balance that for every organisation. The risk to disclosure 
is much higher if data is stored unprotected. Any admin with access to the file 
system is able to read it.
Maybe this could be a cultural difference between US and Europe, the regulative 
pressure in US is higher, in Europe the privacy is more important or more 
I agree that both ways may be the right implementation for an organisation, but 
this has to be a management decision, balancing the needs.

Best regards

Christoph Gruber
If privacy is outlawed, only outlaws will have privacy. Phil Zimmermann

The cryptography mailing list

Re: [Cryptography] End to end

2013-09-17 Thread Christoph Gruber
On 2013-09-16 Phillip Hallam-Baker wrote:
 If people are sending email through the corporate email system then in many 
 cases the corporation has a need/right to see what they are sending/receiving.

Even if an organisation has a need/right to look into people's email, it is 
necessary to protect the communication on transport and storage. Of course a 
certain way of key recovery has to be in place.

Just my 2 cents

 The cryptography mailing list
The cryptography mailing list

Re: English 19-year-old jailed for refusal to disclose decryption key

2010-10-07 Thread Christoph Gruber
Am 06.10.2010 um 22:57 schrieb Marsh Ray:

 On 10/06/2010 01:57 PM, Ray Dillinger wrote:
 a 19-year-old just got a 16-month jail sentence for his refusal to
 disclose the password that would have allowed investigators to see
 what was on his hard drive.
 I am thankful to not be an English subject.

What about
Could this be used?

Christoph Gruber
If privacy is outlawed, only outlaws will have privacy. Phil Zimmermann

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to

Re: Spy/Counterspy

2010-07-11 Thread Christoph Gruber

Christoph Gruber
If privacy is outlawed, only outlaws will have privacy. Phil Zimmermann

Am 10.07.2010 um 12:57 schrieb Jerry Leichter

 On Jul 9, 2010, at 1:00 PM, Pawel wrote:
 On Apr 27, 2010, at 5:38 AM, Peter Gutmann (alt) wrote:
 GPS tracking units that you can fit to your car to track where your kids 
 are taking it [T]he sorts of places that'll sell you card skimmers and 
 RFID cloners have started selling miniature GPS jammers that plug
 into cigarette-lighter sockets on cars  In other words these are 
 specifically designed to stop cars from being tracked.
 (Some of the more sophisticated trackers will fall back to 3G GSM-based
 tracking via UMTS modems if they lose the GPS signal, it'll be interested 
 to see how long it takes before the jammers are updated to deal with 3G 
 signals as well, hopefully while leaving 2G intact for phonecalls).
 Just wondering, why wouldn't GPS trackers use 2G to determine the location?
 And, also, does it even need a cell service subscription for location 
 determination, or is it enough to query the cell towers (through some 
 handshake protocols) to figure out the proximities and coordinates?
 The 2G stuff wasn't designed to provide location information; that was hacked 
 in (by triangulating information received at multiple towers) after the fact. 
 I don't know that anyone has tried to do it from the receiver side - it seems 
 difficult, and would probably require building specialized receiver modules 
 (expensive).  3G provides location information as a standard service, so it's 
 cheap and easy.
 The next attack, of course, is to use WiFi base station triangulation.  
 That's widely and cheaply available already, and quite accurate in many 
 areas.  (It doesn't work out in the countryside if you're far enough from 
 buildings, but then you don't have to go more than 60 miles or so from NYC to 
 get to areas with no cell service, either.)  The signals are much stronger, 
 and you can get location data with much less information, so jamming would be 
 more of a challenge.  Still, I expect we'll see that in the spy vs. spy race.
 I wrote message to Risks - that seems to never have appeared - citing an 
 article about GPS spoofing.  (I've included it below.)  In the spy vs. spy 
 game, of course, it's much more suspicious if the GPS suddenly stops working 
 than if it shows you've gone to the supermarket.  Of course, WiFi (and 
 presumably UMTS equipment, though that might be harder) can also be spoofed.  
 I had an experience - described in another RISKS article - in which 
 WiFi-based location suddenly teleported me from Manhattan to the Riviera - 
 apparently because I was driving past a cruise ship in dock and its on-board 
 WiFi had been sampled while it was in Europe.
-- Jerry
 The BBC reports ( on 
 the growing threat of jamming to satellite navigation systems.  The 
 fundamental vulnerability of all the systems - GPS, the Russian Glonass, and 
 the European Galileo - is the very low power of the transmissions.  (Nice 
 analogy:  A satellite puts out less power than a car headlight, illuminating 
 more than a third of the Earth's surface from 20,000 kilometers.)  Jammers - 
 which simply overwhelm the satellite signal - are increasingly available 
 on-line.  According to the article, low-powered hand-held versions cost less 
 than £100, run for hours on a battery, and can confuse receivers tens of 
 kilometers away.
 The newer threat is from spoofers, which can project a false location.  This 
 still costs thousands, but the price will inevitably come down.
 A test done in 2008 showed that it was easy to badly spoof ships off the 
 English coast, causing them to read locations anywhere from Ireland to 
 Beyond simple hacking - someone is quoted saying You can consider GPS a 
 little like computers before the first virus - if I had stood here before 
 then and cried about the risks, you would've asked 'why would anyone 
 bother?'. - among the possible vulnerabilities are to high-value cargo, 
 armored cars, and rental cars tracked by GPS. As we build more and more 
 location-aware services, we are inherently building more 
 false-location-vulnerable services at the same time.
 The Cryptography Mailing List
 Unsubscribe by sending unsubscribe cryptography to

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to

Re: Blackberries insecure?

2007-06-21 Thread Christoph Gruber



It could be that the linkage between user ids and auth keys is too weak,
allowing a MITM attack to be undetected that sniffs the data encryption
key. This seems to be common problem with many of the secure protocols 
I've examined.

- Alex


Nobody knows, what the blackberry does with the decrypted data. The 
whole device is a black-box, so it is able to do anything it is 
programmed for, with all the data transmitted to it.


- Original Message -
From: Steven M. Bellovin [EMAIL PROTECTED]
Subject: Blackberries insecure?
Date: Wed, 20 Jun 2007 23:41:20 -0400

According to the AP (which is quoting Le Monde), French government
defense experts have advised officials in France's corridors of power
to stop using BlackBerry, reportedly to avoid snooping by U.S.
intelligence agencies.

That's a bit puzzling.  My understanding is that email is encrypted
from the organization's (Exchange?) server to the receiving Blackberry,
and that it's not in the clear while in transit or on RIM's servers.
In fact, I found this text on Blackberry's site:

Private encryption keys are generated in a secure, two-way
authenticated environment and are assigned to each BlackBerry
device user. Each secret key is stored only in the user's secure
regenerated by the user wirelessly.

Data sent to the BlackBerry device is encrypted by the
BlackBerry Enterprise Server using the private key retrieved
from the user's mailbox. The encrypted information travels
securely across the network to the device where it is decrypted
with the key stored there.

Data remains encrypted in transit and is never decrypted outside
of the corporate firewall.

Of course, we all know there are ways that keys can be leaked.

--Steve Bellovin,

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]