Re: [cryptography] Key escrow 2012

2012-03-30 Thread Adam Back
As I recall people were calling the PGP ADK feature corporate access to keys, which the worry was, was only policy + config away from government access to keys. I guess the sentiment still stands, and with some justification, people are still worried about law enforcement access mechanisms for

Re: [cryptography] Key escrow 2012

2012-03-30 Thread StealthMonger
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adam Back a...@cypherspace.org writes: Not sure that we lost the crypto wars. US companies export full strength crypto these days, and neither the US nor most other western counties have mandatory GAK. Seems like a win to me :) Nope. If we had

Re: [cryptography] Key escrow 2012

2012-03-30 Thread Nico Williams
On Fri, Mar 30, 2012 at 7:10 AM, StealthMonger stealthmon...@nym.mixmin.net wrote: Adam Back a...@cypherspace.org writes: Not sure that we lost the crypto wars.  US companies export full strength crypto these days, and neither the US nor most other western counties have mandatory GAK.  Seems

Re: [cryptography] Key escrow 2012

2012-03-30 Thread Jeffrey I. Schiller
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nope. If we had won, crypto would be in widespread use today for email. As it is, enough FUD and confusion was sown to avert that outcome. Even on geek mailing lists such as this, signatures are rare. Sorry, I beg to differ. The average folks

[cryptography] Key escrow 2012

2012-03-30 Thread mhey...@gmail.com
On Thu, Mar 29, 2012 at 6:38 PM, Jon Callas j...@callas.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mar 29, 2012, at 2:48 PM, mhey...@gmail.com wrote: On Tue, Mar 27, 2012 at 1:17 PM, Nico Williams n...@cryptonector.com wrote: On Tue, Mar 27, 2012 at 5:18 AM, Darren J

[cryptography] Crypto Fiddling?

2012-03-30 Thread Jeffrey Walton
Hi Guys, I'm aware of two standards where folks fiddled with a scheme and destroyed its security properties: * A5/3 based on Kasumi used in GSM networks * EAX' (EAX Prime) based on EAX mode Are there any other spectacular failures that come to mind? Jeff

Re: [cryptography] Crypto Fiddling?

2012-03-30 Thread Rose, Greg
On 2012 Mar 31, at 11:14 , Jeffrey Walton wrote: I'm aware of two standards where folks fiddled with a scheme and destroyed its security properties: * A5/3 based on Kasumi used in GSM networks * EAX' (EAX Prime) based on EAX mode Are there any other spectacular failures that come to

Re: [cryptography] Key escrow 2012

2012-03-30 Thread ianG
On 31/03/12 03:00 AM, Jeffrey I. Schiller wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nope. If we had won, crypto would be in widespread use today for email. As it is, enough FUD and confusion was sown to avert that outcome. Even on geek mailing lists such as this, signatures are

Re: [cryptography] Key escrow 2012

2012-03-30 Thread Randall Webmail
From: ianG i...@iang.org Sorry, I beg to differ. The average folks in the world today never heard of the crypto war and certainly were not influenced by it. A bit like saying that the average iPhone user never heard of GSM and was certainly not influenced in it :) I have an iPhone. I don't

[cryptography] Detecting Crypto Compromises

2012-03-30 Thread Landon Hurley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Does anyone have any knowledge of academic papers focused on methods of detecting whether a crypto scheme has been compromised in situ or on how to utilize intelligence gleaned from compromised cipher texts without giving away that compromise to the

Re: [cryptography] Crypto Fiddling?

2012-03-30 Thread ianG
On 31/03/12 11:14 AM, Jeffrey Walton wrote: Hi Guys, I'm aware of two standards where folks fiddled with a scheme and destroyed its security properties: * A5/3 based on Kasumi used in GSM networks * EAX' (EAX Prime) based on EAX mode Are there any other spectacular failures that come to mind?

Re: [cryptography] Detecting Crypto Compromises

2012-03-30 Thread ianG
On 31/03/12 13:23 PM, Landon Hurley wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Does anyone have any knowledge of academic papers focused on methods of detecting whether a crypto scheme has been compromised in situ or on how to utilize intelligence gleaned from compromised cipher

Re: [cryptography] Key escrow 2012

2012-03-30 Thread James A. Donald
On 2012-03-31 1:51 AM, Nico Williams wrote: We don't encrypt e-mail for other reasons, namely because key management for e-mail is hard. Key management is hard because it involves a third party, which third party is also the major security hole. We have been doing key management the wrong

Re: [cryptography] Key escrow 2012

2012-03-30 Thread James A. Donald
On 2012-03-30 10:10 PM, StealthMonger wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Adam Backa...@cypherspace.org writes: Not sure that we lost the crypto wars. US companies export full strength crypto these days, and neither the US nor most other western counties have

Re: [cryptography] Detecting Crypto Compromises

2012-03-30 Thread dan
I'm thinking in terms of scenarios like how could the Nazis have methodologically shown Enigma's compromise in a systematic manner; the converse as well though: has there been research into scenarios similar to the Allies and Enigma (i.e. how to not give the game away), or has it all just

Re: [cryptography] Key escrow 2012

2012-03-30 Thread StealthMonger
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James A. Donald jam...@echeque.com writes: On 2012-03-31 1:51 AM, Nico Williams wrote: We don't encrypt e-mail for other reasons, namely because key management for e-mail is hard. Key management is hard because it involves a third party,