Internet traffic is monitored.
Date: Tue, 28 May 1996 10:03:11 -0700 X-Sender: bstout@osc.hidata.com To: Firewalls@GreatCircle.COM, Return requested <firewalls@GreatCircle.COM> From: Bill Stout <bill.stout@hidata.com> Subject: Re: Encryption Technology Sender: firewalls-owner@GreatCircle.COM At 09:05 PM 5/22/96 -0700, Michael Dillon wrote:
... RTFM <SNIP - Other literary content deleted>
On the Encryption note, and I swear not along the lines of the 'DOJ' and 'FBI Snooping' Big-Brother events, I heard another story recently. # begin story A person working on the MBONE project did an unannounced experiment across the internet using Triple-DES for MBONE, and the very next day, 'ATF' agents knocked on his door and warned him against exporting munitions. The experimentor was shaken by the fact that agents approached him so quickly after the experiment. # end story Extrapolations of fact: 1. Internet traffic is monitored. 2. The ability to snoop for encrypted traffic is present 3. The ability to identify encryption levels is present (How else can they differentiate DES-1 from DES-3?) 4. The ability to crack DES-1 in near real-time mode is present. (See above). 5. If above=true, then Feds dropping the Zimmerman PGP case probably also points to it also being crackable in a similar manner. 6. Using encryption only flags traffic for capture and decryption, using strong encryption makes you all that more interesting. Sorry, couldn't resist. I'll try not to start a threads about electro-plasma propulsion craft at Area 51, metallic-ceramic skin and pulse-jets on the Aurora spy plane, heat-imaging video cameras on satellites and planes that can watch you through your houses' roof, etc. :) Bill
-----BEGIN PGP SIGNED MESSAGE----- On Wed, 29 May 1996, Anonymous wrote:
# begin story
A person working on the MBONE project did an unannounced experiment across the internet using Triple-DES for MBONE, and the very next day, 'ATF' agents knocked on his door and warned him against exporting munitions. The experimentor was shaken by the fact that agents approached him so quickly after the experiment.
# end story
Do you have any information to back this up? It sounds like an urban myth. Also, AFAIK the ATF isn't the agency that controls arms exports.
Extrapolations of fact: 1. Internet traffic is monitored.
Maybe. But I doubt that the above story is true.
2. The ability to snoop for encrypted traffic is present
And how exactly is this done? Unless data is tagged with a header, encrypted traffic is indistinguishable from random data.
3. The ability to identify encryption levels is present (How else can they differentiate DES-1 from DES-3?)
Same as above.
4. The ability to crack DES-1 in near real-time mode is present. (See above).
Several years ago, the cost of building a DES cracking machine was $100 million dollars. this value is now much smaller.
5. If above=true, then Feds dropping the Zimmerman PGP case probably also points to it also being crackable in a similar manner.
The Feds dropped the Zimmerman case because there wasn't any evidence to support the accusation that PRZ had exported PGP or broken any laws. Also, if someone was ever tried for ITAR violations, it would most likely be found unconstitutional.
6. Using encryption only flags traffic for capture and decryption, using strong encryption makes you all that more interesting.
This is why there is steganography. - -- Mark =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= markm@voicenet.com | finger -l for PGP key 0xe3bf2169 http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348 ((2b) || !(2b)) | Old key now used only for signatures "The concept of normalcy is just a conspiracy of the majority" -me -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQCVAwUBMayySbZc+sv5siulAQHw5QP7B6FhdMxpQQ/neNJcQnNG0hwu0bsDmmes Is6wC14qkIaKUSF2yak4cQDqwOMBj9O/0l357YDHFSXTsZm9Bq3pBYCDg8Ws55/0 1BUz6WEi+Clf2WQz4i9FVhYESPQ3zIIYTJMjn9H0v3KQqojQTP9Z4zhgFeRjHfjn rBfdvRDwCPw= =Zye2 -----END PGP SIGNATURE-----
"Mark M." writes:
Extrapolations of fact: 1. Internet traffic is monitored.
Maybe. But I doubt that the above story is true.
From what I can tell, the story is pure excrement.
Just to give everyone a reality check here, I routinely use encrypted links across the net, often internationally. A houseguest of mine used 3DES from my apartment to his office in Finland for days. No one has as much as sneezed at any of this. None of it is the least bit unusual or illegal to begin with. Perry
participants (3)
-
Mark M. -
nobody@REPLAY.COM -
Perry E. Metzger