A New Crypto Announcement--Could be Ominous
(My traffic from the Cypherpunks list comes in bursts interspersed by long gaps, so I don't know if this has been reported. It seems significant to me.) A few excerpts: H-P ( Hewlett-Packard Co ) says RSA Data ( Security Dynamics Technologies Inc ) in codes deal PALO ALTO, Calif., Nov 15 (Reuter) - Hewlett-Packard Co. said Security Dynamics Technologies Inc's RSA Data Security Inc electronic encryption company is involved in its planned announcement Monday of new advance in encryption technology. Hewlett-Packard said technology the company's Chairman and Chief Executive Lewis Platt is due to detail at the National Press Club on Monday aims to resolve this roadblock in the use of electronic commerce over the Internet. ^^^^^^^^^^^^^^^^^^^^^^[emphasis added by Tim] Hewlett-Packard officials declined to give precise details, but said the technology has already received backing from the U.S. government and other ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ governments which it did not name, as well as major industry players. Senior executives of Microsoft Corp and Intel Corp are among those scheduled to make presentations on Monday, Hewlett-Packard said, but it declined to identify other companies whose technologies will be involved. ----end of item--- It sounds ominous to me. Another backroom deal, probably for some form of key recovery strategy, aka GAK. --Tim May, awaiting Monday's announcement with trepidation "The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02] We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
-----BEGIN PGP SIGNED MESSAGE----- On Fri, 15 Nov 1996 12:49:55 -0800, you wrote: [snip]
----end of item---
It sounds ominous to me. Another backroom deal, probably for some form of key recovery strategy, aka GAK. [snip]
It sure looks like it, the following quotes from CNN's web page: http://www.cnn.com/TECH/9611/15/encryption.reut/index.html make it pretty clear that US government-approved export of strong cryptography is part of the announcement. What else could it be except gak? "If the encryption technology has won the backing of industry and the U.S. and other governments -- which Hewlett-Packard officials say is the case -- the development could eliminate a key obstacle to the growth of electronic commerce via the Internet. " and "The technology will make it possible to export products containing so-called "strong encryption," which have not been exportable under national security laws dating back to the Cold War. " Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBMo3R9N36bir1/qfZAQFGvgMAv274G+Gqaf5RsKkcofh4LJfDjHioKqVU bc+TPQZJSqDRnXbEpdkKlRGznN7+LPCKXyq/tsIT5PpNBJdyLDJJ9pzrwpGIHDCK 6Qiwa4qWEeye9Lj2YTvLLyQNXcDYgMLr =O/qi -----END PGP SIGNATURE-----
What the US government will allow to be exported is not "strong encryption." It is encryption only slightly too strong to be broken by an amateur effort. For the right investment in custom hardware, it falls quickly. (500,000 $US = 3.5 hour avg break). Contrast this to strong cryptography, which if you spent the entire US GDP on cracking hardware, you have a chance of breaking it before the heat death of the universe. (Of course, thats a smaller probability than winning the lottery on a single ticket.) They're not letting out anything that they couldn't break years ago. They're not really improving the competitiveness of American business. They may be allowing change in what will be deployed in the US, but it won't really change becuase of the paperwork requirements. In other words, the surveilance state is still winning, and American business is still losing. Adam | It sure looks like it, the following quotes from CNN's web page: | | http://www.cnn.com/TECH/9611/15/encryption.reut/index.html | "The technology will make it possible to export products containing | so-called "strong encryption," which have not been exportable under | national security laws dating back to the Cold War. " -- "It is seldom that liberty of any kind is lost all at once." -Hume
-----BEGIN PGP SIGNED MESSAGE----- Adam Shostack <adam@homeport.org> writes:
What the US government will allow to be exported is not "strong encryption." It is encryption only slightly too strong to be broken by an amateur effort. For the right investment in custom hardware, it falls quickly. (500,000 $US = 3.5 hour avg break).
<snip>
In other words, the surveilance state is still winning, and American business is still losing.
Umm, I'm not expert, but it seems to me that the proposal removes the "munitions" classification. It seems the USG has removed its defense in court chanllenges to export restrictions. Am I totally off-base here? Jer "standing on top of the world/ never knew how you never could/ never knew why you never could live/ innocent life that everyone did" -Wormhole -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBMo5nCMkz/YzIV3P5AQGV6wMAgvyLL+A+aYqDFJIPoXSA5g9Bl2NHObJs wduNAvsxKSWANYRAOpEm+HKlhVCIHH0ZGQvRTVTrcsLn2AV56HuaR9xOX4dud3kZ F0rYapIKCyfyj7E3RagYGigXcDSXIWe2 =lKg5 -----END PGP SIGNATURE-----
Jeremiah A Blatz wrote: | Adam Shostack <adam@homeport.org> writes: | > What the US government will allow to be exported is not "strong | > encryption." It is encryption only slightly too strong to be broken | > by an amateur effort. For the right investment in custom hardware, it | > falls quickly. (500,000 $US = 3.5 hour avg break). | <snip> | > In other words, the surveilance state is still winning, and | > American business is still losing. | | Umm, I'm not expert, but it seems to me that the proposal removes the | "munitions" classification. It seems the USG has removed its defense | in court chanllenges to export restrictions. Am I totally off-base | here? No, but they were going to lose in court anyway. They're losing in the marketplace, and they throw us a bone. We don't want bones, we want a full lifting of the restrictions. We want to stop wasting time on these silly fights, and start selling things on the net. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
Timothy C. May wrote:
(My traffic from the Cypherpunks list comes in bursts interspersed by long gaps, so I don't know if this has been reported. It seems significant to me.) A few excerpts: H-P ( Hewlett-Packard Co ) says RSA Data ( Security Dynamics Technologies Inc ) in codes deal PALO ALTO, Calif., Nov 15 (Reuter) - Hewlett-Packard Co. said Security Dynamics Technologies Inc's RSA Data Security Inc electronic encryption company is involved in its planned announcement Monday of new advance in encryption technology. Hewlett-Packard said technology the company's Chairman and Chief Executive Lewis Platt is due to detail at the National Press Club on Monday aims to resolve this roadblock in the use of electronic commerce over the Internet. ^^^^^^^^^^^^^^^^^^^^^^[emphasis added by Tim] Hewlett-Packard officials declined to give precise details, but said the technology has already received backing from the U.S. government and other ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ governments which it did not name, as well as major industry players. Senior executives of Microsoft Corp and Intel Corp are among those scheduled to make presentations on Monday, Hewlett-Packard said, but it declined to identify other companies whose technologies will be involved. It sounds ominous to me. Another backroom deal, probably for some form of key recovery strategy, aka GAK.
In my dealings with Platt's office, I discovered an interesting thing. His staffers are retired people, who have no mailboxes at HP, and who you reach only through a single individual, kinda like the concept of compartmentalization used in military operations. And believe me, that isn't the only peculiar thing going on there. Let's just say that HP is a shrewd survivor in a sea of nasty predators.
Mark Heaney wrote:
It sounds ominous to me. Another backroom deal, probably for some form of key recovery strategy, aka GAK.
It sure looks like it, the following quotes from CNN's web page: http://www.cnn.com/TECH/9611/15/encryption.reut/index.html make it pretty clear that US government-approved export of strong cryptography is part of the announcement. What else could it be except gak? "If the encryption technology has won the backing of industry and the U.S. and other governments -- which Hewlett-Packard officials say is the case -- the development could eliminate a key obstacle to the growth of electronic commerce via the Internet. " "The technology will make it possible to export products containing so-called "strong encryption," which have not been exportable under national security laws dating back to the Cold War. "
Just a thought: You remember that Uncle Dave (Packard, now deceased) was the assistant Sec. of Defense, etc. Don't think for a minute Lew Platt and his boys don't have this one in the bag. I once asked a couple of their PR engineers (they used to have those) if HP would ever release (for example) the internals of their 1MB1 Capricorn chip, which ran at 0.6 mhz (that's 640 khz!), and their answer as best I remember was words and gestures to the effect of "no f______ way". HP knows what's breakable and what's not, unlike you and me, and you just know they're not going to put anything *really* important out there where Bill and Hillary can get their paws on it. Seems to me it's a matter of who are you gonna line up with when the shit comes down, so to speak.
participants (5)
-
Adam Shostack -
apteryx@super.zippo.com -
Dale Thorn -
Jeremiah A Blatz -
Timothy C. May