Re: PGP Encryption Proves Powerful

2003-05-31 Thread John Young
If the FBI cannot crack PGP that does not mean other
agencies with greater prowess cannot. It is unlikely that
the capability to crack PGP would be publicly revealed
for that would close an invaluable source of information.

Intel crackers hardly ever reveal their most essential
tools, though there are orchestrated releases of
capability to mislead.

In the case of the VENONA decrypts, there have been
only partial public releases, along with misleading stories
about how the decrypts were done -- the official story they
were done only by dedicated cryptanalysts without help
of code books or other assists, that Russian carelessness
of OTP preparation provided the crib. Unofficial stories are 
that Russian codebooks were used, at least for some of the
decrypts -- Thomas Powers, for one, recounts this version
in several reprinted essays in The Intelligence Wars. That
cover stories have been arranged for how the deciphering 
was actually done, some not privy to the hardworking NSA

An undisclosed amount of the VENONA messages remain
undeciphered, or at least not made public. Speculation is
that NSA and whomever do not want to tell the full story of
the decrypt capability, again, as with most intelligence 
agencies it is more beneficial to never reveal full capabilities,
in particular not to temporary allies with the understanding
that allies always spy on each other, whether those are US 
TLAs or foreign friends.

Ther recent opening of domestic cooperation among the intel
agencies and law enforcement will not likely get any of them
to share fully.

Still, it is impressive that PRZ valiantly argues that PGP is
algorithmically impregnable. That should satisfy its users as
well as its crackers. An uncracked code is the perfect spying
tool. Based on a mulitude of accounts of sophisticated 
espionage deceptions it might be suspected that is the origin 
of PK crypto, and why it was leaked, and leaked again, and
crypto export was eased, then greased again.

Presumably there will be periodic reports of cryptographic
impregnability to foster wider if not wiser use.

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Secrets of Computer Espionage: Tactics and Countermeasures

2003-06-11 Thread John Young
New book by Joel McNamara who runs the Tempest website:

Secrets of Computer Espionage: Tactics and Countermeasures

by Joel McNamara

Covers electronic and wireless eavesdropping, computer surveillance, 
intelligence gathering, password cracking, keylogging, data duplication, 
black bag computer spy jobs, reconnaissance, risk assessment, legal 
issues, and advanced spying techniques used by the government.

Author shares easily-implemented countermeasures against spying to 
detect and defeat eavesdroppers and other hostile individuals.

Addresses legal issues, including the U.S. Patriot Act, legal spying in 
the workplace, and computer fraud crimes. 

ISBN 0-7645-3710-5
384 Pages
June 2003


The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Pre-cursor to Non-Secret Encryption

2003-06-18 Thread John Young
James Ellis, GCHQ, in his account of the development of non-secret
encryption credits a Bell Laboratories 1944 report  on Project
C-43 for stimulating his conception:

  The Possibility of Secure Non-Secret Digital Encryption
  J. H. Ellis, January 1970

  Reference: (1) Final report on project C43. Bell Telephone 
  Laboratory, October, 1944, p.23.

The Bell lab paper appears not to be online.

Brian Durham notes that NSA has listed in its Open Door archive of 
declassified crypto papers several of which refer to a Project 
C-43 which investigated from 1941-1944 decoding of speech codes.

  NR 4242 ZEMA172 35374A 19410521 PROJECT C-43 PRELIMINARY 

  NR 4243 ZEMA172 35375A 19411215 PROJECT C43 PRELIMINARY 

  NR 4675 ZEMA43 21276A 19430130 PROJECT C-43 CONTINUATION 

  NR 3391 CBPM44 24215A 19441012 PROJECT C-43 DECODING 

The date of the last, October 12, 1944, corresponds to that of the
Ellis citation. If this is the paper Ellis is referring to, it is worth
the dates of the earlier reports, two in 1941 and one in 1943.

Two other reports in the NSA archive may be related:

  NR 2416 CBLM17 5452A 19420529 NRDC PROJECT C-32: AC 

  NR 4674 ZEMA43 21275A 19420131 FINAL REPORT ON 

Brian Durham will get copies of the paper for putting online,
but that may take a while. 

Meanwhile, we would appreciate hearing from anyone who 
has read the papers or may have copies of them to share
for publication.

Related: We have a three-year-old FOIA request to NSA for 
information on:

  The invention, discovery and development of non-secret 
  encryption (NSE) and public key cryptography (PKC) by 
  United Kingdom, United States, or any other nation's 
  intelligence and cryptology agencies, prior to, parallel with, 
  or subsequent to, the PKC work of Diffie-Hellman-Merkle. 

NSA has recently said that some responsive information 
may be released in the near future, although it is not clear if 
that is weeks or months or years away.

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

South African Crypto Regulation

2003-08-21 Thread John Young
We offer a recent South African government statement
on encryption import and export regulation:

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

GSM Crack Paper

2003-09-09 Thread John Young
Instant Ciphertext-Only Cryptanalysis of GSM Encrypted
Communications, by Elad Barkan, Eli Biham, Nathan Keller  (18 Pages, 234KB)

Abstract. In this paper we present a very practical cipher-text only
cryptanalysis of GSM encrypted communications, and various active
attacks on the GSM protocols. These attacks can even break into
GSM networks that use unbreakable ciphers. We describe a
ciphertext-only attack on A5/2 that requires a few dozen milliseconds
of encrypted off-the-air cellular conversation and finds the correct
key in less than a second on a personal computer. We then extend
this attack to a (more complex) ciphertext-only attack on A5/1. We
describe new attacks on the protocols of networks that use A5/1, A5/3,
or even GPRS. These attacks are based on security flaws of the GSM
protocols, and work whenever the mobile phone supports A5/2. We
emphasize that these attacks are on the protocols, and are thus
applicable whenever the cellular phone supports a weak cipher, for
instance they are also applicable using the cryptanalysis of A5/1.
Unlike previous attacks on GSM that require unrealistic information,
like long known plaintext periods, our attacks are very practical and
do not require any knowledge of the content of the conversation.
These attacks allow attackers to tap conversations and decrypt
them either in real-time, or at any later time. We also show active
attacks, such as call hijacking, altering data messages and call

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: End of the line for Ireland's dotcom star

2003-09-23 Thread John Young
Lynn and John Saylior have raised an important point. 

Who at Baltimore, or was once there, is likely to be able to
account for the security of the certs for customers who
still rely upon them? Not somebody to spin a fairy tale, but to 
truthfully explain what Baltimore has done to avoid betraying
the trust of its customers, or handing that trust over to others
who may not have Baltimore's scruples or be bound by its

Not that Baltimore's investors would give a hoot, but
customers might want to know who to challenge about
their private, once secure, data.

This matter is important for it is a bellweather of what's
to come with failure of other trusted parties or who or
bought by less scrupulous if more financially endowed
than always absolutely trustworthy crypto corporations.

The recent stink about betrayal of customer data with 
JetBlue, Acxiom and eBay is timely.

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]