Re: Who needs secure wireless / tappable wireless infrastructure

2003-09-09 Thread John Gilmore
And this says nothing at all about the need for tactical military wiretaps on GSM systems under battlefield conditions when soldiers' lives may depend on determining what the enemy is saying over cellphones used to direct attacks against friendly forces. Or when innocent civilians need

Re: Code breakers crack GSM cellphone encryption

2003-09-09 Thread John Gilmore
See their paper at CRYPTO 2003 for more details. I am disappointed that you seem to be criticizing their work before even reading their paper. I encourage you to read the paper -- it really is interesting. OK, then, where is it? I looked on: under Crypto 2003 -- no papers

DirecTV Hacker Is First Person Convicted Under DMCA

2003-09-24 Thread John Gilmore
DirecTV Hacker Is First Person Convicted Under Digital Millennium Copyright Act Man Faces 30 Years In Prison, Millions In Fines For Selling Illegal Hardware UPDATED: 1:51 p.m. PDT September 22, 2003 ... Spertus said Whitehead -- also known as

Re: Monoculture / Guild

2003-10-03 Thread John Gilmore
... it does look very much from the outside that there is an informal Cryptographers Guild in place... The Guild, such as it is, is a meritocracy; many previously unknown people have joined it since I started watching it in about 1990. The way to tell who's in the Guild is that they can break

US antispam bill is death to anonymity

2003-11-22 Thread John Gilmore
This bill makes it a crime to use any false or misleading information in a domain name or email account application, and then send an email. That would make a large fraction of hotmail users instant criminals. It also makes it a crime to remove or alter information in message headers in ways that

Re: US antispam bill is death to anonymity

2003-11-24 Thread John Gilmore
No, it only makes it illegal to use false or misleading information to send commercial e-mail. That's a rather important distinction. So, I get non-commercial emails all the time, from topica mailing lists and from people forwarding New York Times articles and such. They come with embedded

Re: Difference between TCPA-Hardware and other forms of trust

2003-12-18 Thread John Gilmore
| means that some entity is supposed to trust the kernel (what else?). If | two entities, who do not completely trust each other, are supposed to both | trust such a kernel, something very very fishy is going on. Why? If I'm going to use a time-shared machine, I have to trust that the OS

The RIAA Succeeds Where the CypherPunks Failed

2003-12-18 Thread John Gilmore
From: [EMAIL PROTECTED] Sent: Wednesday, December 17, 2003 12:29 PM To: [EMAIL PROTECTED] Subject: [NEC] #2.12: The RIAA Succeeds Where the CypherPunks Failed NEC @, a mailing list about Networks, Economics, and Culture Published periodically / #2.12 / December 17, 2003

Re: hiding attestation from the consumer

2003-12-31 Thread John Gilmore
of them actually do require it. John Gilmore - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: digsig - when a MAC or MD is good enough?

2004-01-03 Thread John Gilmore
Sarbanes-Oxley Act in the US. Section 1102 of that act: Whoever corruptly-- (1) alters, destroys, mutilates, or conceals a record, document, or other object, or attempts to do so, with the intent to impair the object's integrity or availability for use in an

Re: Passwords can sit on disk for years

2004-06-09 Thread John Gilmore
Really, a red page needs to be red all the way through all levels of virtualization. Very low level, or even hardware, support might even prove useful - e.g., if for whatever reason the data in the physical page frame needs to be copied (after a soft ECC error?), zero the previous page

Re: A National ID: AAMVA's Unique ID

2004-06-17 Thread John Gilmore
and service. Their mission appears to be to ram their secret policy down our throats. Their service is to take our tax money, use it to label all of us like cattle with ear-tags, and deny us our constitutional right to travel unless we submit to being tagged. We protest. Do you? John Gilmore

Re: EZ Pass and the fast lane ....

2004-07-09 Thread John Gilmore
It would be relatively easy to catch someone doing this - just cross-correlate with other information (address of home and work) and then photograph the car at the on-ramp. Am I missing something? It seems to me that EZ Pass spoofing should become as popular as cellphone cloning, until they

Re: EZ Pass and the fast lane ....

2004-07-09 Thread John Gilmore
[By the way, [EMAIL PROTECTED] is being left out of this conversation, by his own configuration, because his site censors all emails from me. --gnu] Well, I am presuming that ... the EZ Pass does have an account number, right? And then, the car does have a licence plate? So, just correlate

Re: Linux-based wireless mesh suite adds crypto engine support

2004-10-04 Thread John Gilmore
- sufficient documentation and really transparent provable details so that users could trust and verify that the hardware and software were doing what they claimed to be doing and weren't doing anything evil that they didn't admit to, such as including backdoors or bad random number

Interesting report on Dutch non-use of traffic data

2004-10-06 Thread John Gilmore
From EDRI-gram via Wendy Seltzer: 4. Dutch police report: traffic data seldom essential Telephone traffic data are only necessary to solve crimes in a minority of police

Re: MCI set to offer secure two-way messaging with strong encryption

2004-10-28 Thread John Gilmore
MCI Inc. will offer secure two-way messaging through its SkyTel Communications subsidiary next month, encrypting wireless text with the Advanced Encryption Algorithm. Note that they don't say it's end to end encryption: Messages are encrypted between the device and an encryption server at

Re: Gov't Orders Air Passenger Data for Test

2004-11-22 Thread John Gilmore
... they can't really test how effective the system is ... Effective at what? Preventing people from traveling? The whole exercise ignores the question of whether the Executive Branch has the power to make a list of citizens (or lawfully admitted non-citizens) and refuse those people their

Network World: NIST dubious about 802.11 TKIP; wants AES

2005-01-26 Thread John Gilmore
NIST mulls new WLAN security guidelines By Ellen Messmer The National Institute of Standards and Technology, the federal agency responsible for defining security standards and practices for the government, plans to issue new guidelines pertaining to wireless LANs in the near future. The

SSL Cert prices ($10 to $1500, you choose!)

2005-03-05 Thread John Gilmore
For the privilege of being able to communicate securely using SSL and a popular web browser, you can pay anything from $10 to $1500. Clif Cox researched cert prices from various vendors: John

DOT neg rulemaking re ID standardization (call for membership of advisory committee)

2005-03-25 Thread John Gilmore
[Here's where an unconstitutional National ID will get created by the back door. Do we have anybody in this community who cares? I can't participate, because I can't travel to Washington for meetings, because I don't have the proper ID documents. I note that they did not think to include a

DRM comes to digital cameras: Lexar LockTight

2005-05-20 Thread John Gilmore
Lexar Media has come up with a Compact Flash card that won't actually work until you do a nonstandard, proprietary handshake with it. They worked with a couple of camera makers (and built their own CF reader and Windows software) to implement it. Amazingly, it doesn't actually store the photos

Export controls kill Virgin SpaceShipTwo

2005-05-20 Thread John Gilmore
First crypto, now space travel. The lunatics in Washington are working hard to drive another industry that's critical to US interests overseas. Did they think that after collecting $20M in prepayments from passengers, Sir Richard Branson would

Network World: 10-node Quantum Crypto net under Boston streets

2005-05-20 Thread John Gilmore
NETWORK WORLD NEWSLETTER: OPTICAL NETWORKING 05/04/05 Today's focus: Hooked on photonics By Amy Schurr CAMBRIDGE, MASS. - Chip Elliott is every hacker's worst nightmare. Elliott, principal scientist at BBN Technologies, leads a team building the world's first continuously operating quantum

Export controls: US wants to export-license fundamental research again

2005-05-20 Thread John Gilmore
be considered Chinese under these rules. The racist implications seem to be strongly focused on denying access to high-tech equipment to people of Chinese and Muslim descent when they're studying or working in the United States. John Gilmore Electronic Frontier Foundation Forwarded

Re: Digital signatures have a big problem with meaning

2005-06-03 Thread John Gilmore
That cuts both ways though. Since so many systems *do* screw with data (in insignificant ways, e.g. stripping trailing blanks), anyone who does massage data in such a way that any trivial change will be detected is going to be inundated with false positives. Just ask any OpenPGP implementor

Re: [Clips] Venona Ten Years Later: Lessons for Today

2005-07-22 Thread John Gilmore
, kiddies, and every totalitarian state tells its citizens how they are the freest country in the world. Get out and compare for yourself! Then tell me what the basic tenets of modern society are. John Gilmore (posting from Greece) PS: Add in a lapdog press too. Try reading the foreign press

Re: Clearing sensitive in-memory data in perl

2005-09-17 Thread John Gilmore
Generally speaking, I think software with a security impact should not be written in C. Hooey. The C language is not the problem. The C library is not the problem. Both of these things were fixed during ANSI standardization, so that standard-conforming programs will not fail runtime checks

Re: [Clips] Contactless payments and the security challenges

2005-09-19 Thread John Gilmore
Interesting article, but despite the title, there seems to be no mention of any of the actual security (or privacy) challenges involved in deploying massive RFID payment systems. E.g. I can extract money

Re: Defending users of unprotected login pages with TrustBar

2005-09-20 Thread John Gilmore
Perhaps the idea of automatically redirecting people to alternative pages goes a bit too far: 1. TrustBar will automatically download from our own server, periodically, a list of all of the unprotected login sites, including any alternate protected login pages we are aware of. By default,

Re: An overview of cryptographic protocols to prevent spam

2005-09-26 Thread John Gilmore
moral problems. Interspersed were discussions of various kinds of port blocking. The Internet is too good for people who'd censor other peoples' communications, whether by port number (application) or by IP address (person). It saddens me to see many of my friends among that lot. John

Re: [Clips] Banks Seek Better Online-Security Tools

2005-12-03 Thread John Gilmore
many people on this list use or have used online banking? To start the ball rolling, I have not and won't. Dan, that makes two of us. John

Live Tracking of Mobile Phones Prompts Court Fights on Privacy

2005-12-13 Thread John Gilmore
[See the details at EFF: including the three court orders, and EFF's argument to the first court. The real story is that for years prosecutors have been asking magistrates to issue court orders to track cellphones in real time WITHOUT

NSA director on NSA domestic wiretaps (to Cong in Oct 2002)

2005-12-19 Thread John Gilmore
Paragraph 40, below, is about as bald a statement as an NSA director could make, saying he needs help to decide what he should be allowed to wiretap about US persons. We, the privacy community, did not respond. We were a bit surprised, but that was about the extent of the support we offered. Of

GnuTLS 1.2.10 - Security release

2006-02-10 Thread John Gilmore
From: Simon Josefsson [EMAIL PROTECTED] To: [EMAIL PROTECTED],, OpenPGP: id=B565716F; url= X-Hashcash: 1:21:060209:[EMAIL PROTECTED]::zaOuZtWmJFhp9CnX:7K5h X-Hashcash:

HDCP support in PCs is nonexistent now?

2006-02-14 Thread John Gilmore
HDCP is Intel-designed copy prevention that uses strong crypto to encrypt the digital video signal on the cable between your video card (or TV or DVD player) and your monitor. There is no need for it -- you are seeing the signal that

Re: Unforgeable Blinded Credentials

2006-04-05 Thread John Gilmore
I am aware of, Direct Anonymous Attestation proposed for the Trusted Computing group, . DAA provides optionally unlinkable credential showing and relies on blacklisting to counter credential sharing. Hmm, why doesn't this blacklisting get mentioned in

May 24: National Day of Outrage at NSA/Telco surveillance

2006-05-22 Thread John Gilmore
Some alternative media groups have called for a national day of protests against the telcos' latest sleazy activities, including their cooperation in NSA's illegal surveillance of innocent citizens. Events are already scheduled in Boston, Chicago, San Francisco, and NYC.

Hayden's statement from Oct 2002 on liberty and security

2006-05-28 Thread John Gilmore
While testifying to a joint hearing of the House and Senate intelligence committees a year after 9/11, Michael Hayden, as NSA Director, testified about NSA's response to 9/11. In closing, he said: 38. When I spoke with our workforce shortly after the

SSL Cert Prices Notes

2006-08-08 Thread John Gilmore
Date: Sun, 6 Aug 2006 23:37:30 -0700 (PDT) From: [EMAIL PROTECTED] Subject: SSL Cert Notes Howdy Hackers, Here is the latest quick update on SSL Certs. It's interesting that generally prices have risen. Though ev1servers are still the best commercial deal out there. The good news is that

National Security Agency ex-classified publication indexes now online

2006-09-28 Thread John Gilmore
[The Memory Hole also publishes an interesting list of FOIA logs, listing who asked NSA for what, across many years. I see a lot of friends in there. -- gnu] HUGE CACHE OF NATIONAL SECURITY AGENCY INDEXES PUBLISHED ONLINE By Michael Ravnitzky ,

Re: TPM disk crypto

2006-10-12 Thread John Gilmore
What we want is that a bank client can prove to the bank it is the real client, and not trojaned. What the evil guys at RIAA want is that their music player can prove it is their real music player, and not hacked by the end user. Having a system that will only boot up in a known state is

Big NSA expansion in Augusta, GA

2006-12-24 Thread John Gilmore
This comes from an interesting SIGINT and more blog from the Augusta Metro Spirit, a local weekly newspaper. Excerpts: ... Augusta is about to get a $340-million taste of Sweet Tea. The National Security Agency is building a massive

IBM donates new privacy tool to open-source Higgins

2007-01-30 Thread John Gilmore
IBM donates new privacy tool to open-source By Joris Evers Staff Writer, CNET Published: January 25, 2007, 9:00 PM PST IBM has developed software designed to let people keep personal

Intel finally plans to add the NSA instruction

2007-02-15 Thread John Gilmore
Page 7 of the PDF describes the POPCNT application-targeted accelerator. John PS: They don't give much detail, but they seem to be adding a grep

Man sues Microsoft for snake oil security that lets the FBI in

2007-03-07 Thread John Gilmore
Forwarded-By: Brad Templeton [EMAIL PROTECTED] The plaintiff is suing Microsoft (and already got a settlement from Compaq and Circuit City) because in spite of the security tools they sold him, the FBI forensic lab was

Re: Was a mistake made in the design of AACS?

2007-05-09 Thread John Gilmore
Well, there's an idea: use different physical media formats for entertainment and non-entertainment content (meaning, content created by MPAA members vs. not) and don't sell writable media nor devices capable of writing it for the former, not to the public, keeping very tight controls on the

LA Times: US funds super wiretap system for Mexico

2007-06-09 Thread John Gilmore
Mexico to boost tapping of phones and e-mail with U.S. aid Calderon is seeking to expand monitoring of drug gangs; Washington also may have access to the data. By Sam Enriquez, Times Staff

NSA solicited illegal Qwest mass wiretaps right after Bush inauguration

2007-10-23 Thread John Gilmore
Nacchio affects spy probe His court filings point to government surveillance months before 9/11 By Andy Vuong The Denver Post Article Last Updated: 10/20/2007 11:38:08 PM MDT Extras Previously sealed documents filed by former

Wikileaks: NSA funding of academics

2007-11-21 Thread John Gilmore
Grant code 'MDA904' - National Security Agency The NSA has pushed tens or hundreds of millions into the academy through research grants using one particular grant code. ... John

Re: Why doesn't Sun release the crypto module of the OpenSPARC? Crypto export restrictions

2008-06-12 Thread John Gilmore
or Verilog source code that implements crypto under an open source license. And I'd be happy to point them at good lawyers who'd be happy to be paid to render a more definitive opinion. John Gilmore

WPost: Cybersecurity Will Take A Big Bite of the Budget

2008-07-21 Thread John Gilmore
[News report below.] This highly classified little-publicized multi-billion dollar vague program to secure Federal computers seems doomed to failure. People like you and I, in the unclassified private sector, design and build and program all those computers and networks. But of course we've

Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'

2008-10-24 Thread John Gilmore
[British shoppers were promised high security by switching from credit cards to cards that have a chip in them and require that a PIN be entered for each transaction. That was the reason for changing everything over, at high cost in both money and inconvenience to shops and shoppers. Perhaps

Re: data rape once more, with feeling.

2008-10-27 Thread John Gilmore
Usability research about how to track web users? How Google-like. Can't you just dump a 25-year cookie on them from twelve different directions, and be done with it? Federated Login has been a holy grail in the identity community for a long time. We have known how to do the technical part

Re: Proof of Work - atmospheric carbon

2009-01-26 Thread John Gilmore
If POW tokens do become useful, and especially if they become money, machines will no longer sit idle. Users will expect their computers to be earning them money (assuming the reward is greater than the cost to operate). Computers are already designed to consume much less electricity when

Re: full-disk subversion standards released

2009-01-30 Thread John Gilmore
If it comes from the Trusted Computing Group, you can pretty much assume that it will make your computer *less* trustworthy. Their idea of a trusted computer is one that random unrelated third parties can trust to subvert the will of the computer's owner. John

Re: full-disk subversion standards released

2009-01-31 Thread John Gilmore
To: Jerrold Leichter cc:, gnu Subject: Re: Difference between TCPA-Hardware and other forms of trust In-reply-to: pine.gso.4.58.0312151831570.3...@frame Date: Tue, 16 Dec 2003 13:53:24 -0800 From: John Gilmore | means

Re: Activation protocol for car-stopping devices

2009-03-03 Thread John Gilmore
* Is there any standard cryptographic hash function with an output of about 64 bits? It's OK for our scenario if finding a preimage for a particular signature takes 5 days. Not if it takes 5 minutes. This is a protocol designed for nasty guys who want to steal your car, which would

Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread John Gilmore
I would not read too much into this ruling -- I think that this is a special situation, and does not address the more important general issue. In other cases, where alternative evidence is not available to the government, and where government agents have not already had a look at the

Chinese hackers break iTunes gift certificate algorithm

2009-04-30 Thread John Gilmore
Chinese hackers crack iTunes Store gift codes, sell certificates By Charles Starrett Senior Editor, iLounge Published: Tuesday, March 10, 2009 A group of Chinese hackers has

Re: consulting question.... (DRM)

2009-05-26 Thread John Gilmore
It's a little hard to help without knowing more about the situation. I.e. is this a software company? Hardware? Music? Movies? Documents? E-Books? Is it trying to prevent access to something, or the copying of something? What's the something? What's the threat model? Why is the company

Re: consulting question.... (DRM)

2009-05-29 Thread John Gilmore
that. John Gilmore PS: Our trade-show giveaway button one year was License Managers Suck; it was very popular. PPS: On a consulting job one time, I helped my customer patch out the license check for some expensive Unix circuit simulation software they were running. They had bought

Re: Fast MAC algorithms?

2009-07-24 Thread John Gilmore
2) If you throw TCP processing in there, unless you are consistently going to have packets on the order of at least 1000 bytes, your crypto algorithm is almost _irrelevant_. This is my experience, too. And I would add and lots of packets. The only crypto overhead that really mattered in a

Re: The latest Flash vulnerability and monoculture

2009-07-27 Thread John Gilmore
While I agree with the sentiment and the theory, I'm not sure that it really works that way. How many actual implementations of typical protocols are there? For Adobe Flash, there are three separate implementations -- Adobe's proprietary one, GNU Gnash, and Swfdec. Gnash is focused on

2 serving time in UK prisons for refusing to decrypt on demand

2009-08-18 Thread John Gilmore
[But we don't know who they are! --gnu] Two convicted for refusal to decrypt data Up to five years in jail after landmark prosecutions By Chris Williams Posted in Policing, 11th August 2009 13:17 GMT Two people have been successfully

Re: Certainty

2009-08-21 Thread John Gilmore
: John To:, Subject: SHA1 is broken; be sure to parameterize your hash function Date: Sat, 23 Apr 2005 15:21:07 -0700 From: John Gilmore It's interesting watching git evolve. I have one

EFF Warns Texas Instruments to Stop Harassing Calculator Hobbyists (for cracking public keys)

2009-10-14 Thread John Gilmore
FYI. As I understand it, TI calculator boot ROMs use a 512 bit RSA public key to check the signature of the software they're loading. When hobbyists who wanted to run their own alternative OS software on their calculator calculated the corresponding private key and were thus able to sign their

Re: Possibly questionable security decisions in DNS root management

2009-10-20 Thread John Gilmore
designed 25 years ago would not scale to today's load. There was a crucial design mistake: DNS packets were limited to 512 bytes. As a result, there are 10s or 100s of millions of machines that read *only* 512 bytes. Yes, that was stupid, but it was done very early in the evolution of

Re: Possibly questionable security decisions in DNS root management

2009-10-20 Thread John Gilmore
ts a fun story, but... RFC 4034 says RSA/SHA1 is mandatory and DSA is optional. I was looking at RFC 2536 from March 1999, which says Implementation of DSA is mandatory for DNS security. (Page 2.) I guess by March 2005 (RFC 4034), something closer to sanity had prevailed.

Re: What if you had a very good patent lawyer...

2010-07-23 Thread John Gilmore
It's pretty outrageous that anyone would try to patent rolling barcoded dice to generate random numbers. I've been generating random strings from dice for years. I find that gamers' 20-sided dice are great; each roll gives you a hex digit, and anytime you roll a 17 thru 20, you just roll again.

Re: lawful eavesdropping by governments - on you, via Google

2010-08-03 Thread John Gilmore
There is no guarantee, once an eavesdropping system is implemented, that it will be used only for legitimate purposes -- see, for example, the scandal in which Greek government ministers were listened to using the lawful intercept features of cellphone equipment. And, by the way, what ever

Re: non 2048-bit keys

2010-08-15 Thread John Gilmore
... 2048-bit keys performing at 1/9th of 1024-bit. My own internal benchmarks have been closer to 1/7th to 1/8th. Either way, that's back in line with the above stated 90-95% overhead. Meaning, in Dan's words 2048 ain't happening. Can I abuse a phrase and

Re: 2048-bit RSA keys

2010-08-18 Thread John Gilmore
It's worth a quote from the paper at CRYPTO '10 on factorization of a 768-bit number: A good paper by top academics. Another conclusion from our work is that we can confidently say that if we restrict ourselves to an open community, academic effort such as ours and unless something

Re: Something you have, something else you have, and, uh, something else you have

2010-09-27 Thread John Gilmore
I don't know how NZ banks do it; in the US, they use the phone number you're calling from. Yes, it's spoofable, but most folks (a) don't know it, and (b) don't know how. No, they don't use the phone number to validate anything. I routinely ignore the instructions to call from your home

Re: Computer health certificate plan: Charney of DoJ/MS

2010-10-07 Thread John Gilmore
software for any Apple platform except the Mac is already like that. John Gilmore

[Cryptography] Snowden fabricated digital keys to get access to NSA servers?

2013-06-28 Thread John Gilmore
The Daily Beast Greenwald: Snowden's Files Are Out There if 'Anything Happens' to Him by Eli Lake Jun 25, 2013 1:36 PM EDT Snowden has shared encoded copies of all the

Re: [Cryptography] IA side subverted by SIGINT side

2013-09-06 Thread John Gilmore
I have a small amount of raised eyebrow because the greatest bulwark we have against the SIGINT capabilities of any intelligence agency are that agency's IA cousins. I don't think that the Suite B curves would have been intentionally weak. That would be a shock. Then be shocked, shocked that

Re: [Cryptography] NSA hates sunshine

2013-09-06 Thread John Gilmore
through no fault of your own. John Gilmore ___ The cryptography mailing list

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-08 Thread John Gilmore
First, DNSSEC does not provide confidentiality. Given that, it's not clear to me why the NSA would try to stop or slow its deployment. DNSSEC authenticates keys that can be used to bootstrap confidentiality. And it does so in a globally distributed, high performance, high reliability

Re: [Cryptography] Points of compromise

2013-09-09 Thread John Gilmore
Phillip Hallam-Baker wrote: 5) Protocol vulnerability that IETF might have fixed but was discouraged from fixing. By the way, it was a very interesting exercise to actually write out on graph paper the bytes that would be sent in a TLS exchange. I did this with Paul Wouters

Re: [Cryptography] Perfection versus Forward Secrecy

2013-09-12 Thread John Gilmore
I wouldn't mind if it had been called Pretty Good Forward Secrecy instead, but it really is a lot better than regular public key. My point was that the name is misleading and causes people to look for more than is there. There doesn't seem to be much downside to just calling it Forward

Re: [Cryptography] Matthew Green on BULLRUN: briefly censored

2013-09-12 Thread John Gilmore
Johns Hopkins University censored this exact blog post by Prof. Green, because of a complaint from its local defense contractor affiliated with NSA, the Applied Physics Laboratory

[Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-17 Thread John Gilmore
Forwarded-By: David Farber Forwarded-By: Annie I. Anton Ph.D. NSA cryptanalyst: We, too, are Americans Summary: ZDNet Exclusive: An NSA mathematician shares his from-the-trenches view

[Cryptography] Gilmore response to NSA mathematician's make rules for NSA appeal

2013-09-17 Thread John Gilmore
wiretapped Big Data that led the prosecutors to you. Defending the citizens from the excesses of government isn't their job. Defending their turf, their budget, and their powers is their job. John Gilmore

Re: [Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-17 Thread John Gilmore
Techdirt takes apart his statement here: NSA Needs To Give Its Rank-and-File New Talking Points Defending Surveillance; The Old

[Cryptography] FISA court releases its Primary Order re telephone metadata

2013-09-17 Thread John Gilmore
The FISA court has a web site (newly, this year): Today they released a Memorandum Opinion and Primary Order in case BR 13-109 (Business Records, 2013, case 109), which lays out the legal reasoning behind ordering several telephone

Re: [Cryptography] RSA equivalent key length/strength

2013-09-28 Thread John Gilmore
And the problem appears to be compounded by dofus legacy implementations that don't support PFS greater than 1024 bits. This comes from a misunderstanding that DH keysizes only need to be half the RSA length. So to go above 1024 bits PFS we have to either 1) Wait for all the servers to

Re: [Cryptography] encoding formats should not be committee'ized

2013-10-01 Thread John Gilmore
Here's a crazy idea: instead of using one of these formats, use a human readable format that can be described by a formal grammar which is hopefully regular, context-free, or context-sensitive in a limited manner If only we could channel the late Jon Postel. Didn't you ever notice how

[Cryptography] System level security in low end environments

2013-10-05 Thread John Gilmore
b. There are low-end environments where performance really does matter. Those often have rather different properties than other environments--for example, RAM or ROM (for program code and S-boxes) may be at a premium. Such environments are getting very rare these days. For example, an

Re: [Cryptography] PGP Key Signing parties

2013-10-10 Thread John Gilmore
Does PGP have any particular support for key signing parties built in or is this just something that has grown up as a practice of use? It's just a practice. I agree that building a small amount of automation for key signing parties would improve the web of trust. I have started on a

Re: [Cryptography] /dev/random is not robust

2013-10-14 Thread John Gilmore
I'll be the first to admit that I don't understand this paper. I'm just an engineer, not a mathematician. But it looks to me like the authors are academics, who create an imaginary construction method for a random number generator, then prove that