From ebrandt at jarthur.Claremont.EDU Sat May 1 00:29:16 1993
From: ebrandt at jarthur.Claremont.EDU (Eli Brandt)
Date: Sat, 1 May 93 00:29:16 PDT
Subject: validity of the RSA patent
In-Reply-To: <9304300628.AA17668@soda.berkeley.edu>
Message-ID: <9305010729.AA14153@toad.com>

> Consider use of another public key encryption scheme, say LUC encryption.

Which, of course, is patent-pending. It appears that we can no more make progress in cryptography in the face of algorithm patents than we could advance mathematics under the burden of theorem licensing. We can't afford to wait until 2001.

> Eric

Eli ebrandt at jarthur.claremont.edu
(LPF member)

From uni at acs.bu.edu Sat May 1 01:30:01 1993
From: uni at acs.bu.edu (Shaen Bernhardt)
Date: Sat, 1 May 93 01:30:01 PDT
Subject: Patent Bullshit and Crypto Restrictions.
Message-ID: <9305010829.AA99367@acs.bu.edu>

Eli, in his infinite wisdom, says:

However, I don't see RSA doing a hell of a lot to promote crypto use -- the opposite, in fact. Their software output is hardly impressive for a corporation of a decade's standing. They won't sell me a license -- they'll sell it to Lotus, but I can't see their source code.

The government hasn't banned public-key encryption, but it's banned patent-infringing public-key encryption. And for practical purposes, that's the only kind there is. The combined effect of present patent law and RSA's "sue first, write code later" approach has been to stifle the development of cryptography in this country and in the world. Perhaps if encryption algorithms were not encumbered, they would already be in common use, rendering Clipper untenable.

If RSA Inc. wishes to sell me a license I shouldn't have to buy, that would be nice. If they wish to show their change of heart in some other way, that would be nice too, as long as it doesn't come with a licensing agreement like RSAREF's. But if they're going to continue to sit on their patents, I'll do without their blessing.
Incidentally, I don't think the issue of algorithm patents is as minor as some have portrayed it. It has blocked the use of RSA, after all, giving Clipper a window. Furthermore, there are patents on approximately every other cryptographic technique: PK in general, exponential key exchange, LUC, IDEA, DigiCash, .... Patents may gut cryptology the way they have data compression, to pick one example. This would be a shame.

Eli ebrandt at jarthur.claremont.edu

I have to agree with much of what Eli says. I have been reluctant to speak out against Tim's words until now because I respected Tim's opinions, and value his judgement. I felt I should "reflect" on the issue a little longer, before coming to any hard and fast conclusions. I thought perhaps time would soften the anger in my heart. I thought wrong. I still respect Tim's approach, but I cannot agree with it.

Patents were designed to protect the financial interests of inventors. I respect this. RSA Inc. owns the patent on the engine, fine. They deserve to be rewarded for their work, their interest in developing the method, and their investment. I don't mind paying for the right to use PGP, not in the least. I'd happily compensate both Phil and RSA Inc. and PKP or whoever. IMHO PGP is worth a good $200. I think many share my view, in concept if not in degree.

When patents become bullshit is when they serve special interests before they serve economic interests, or the interests of progress. Fine, life isn't fair. If the oil companies own a patent on 200 mile per gallon fuel injectors or whatever, fine. They figure they'll make more dough if they bury the "secret plans" in the darkest corners of their sphincters, fine. That's the law. That's cool. But when those plans get out, and someone starts giving away the injectors for no fee, that's progress. Sure, illegal, but progress none the less. At what point do the interests of the oil companies conflict with the environment as a whole?
This is the problem I have with the patents on RSA. No one is even interested in money, like the oil companies were. The goal seems to be to RESTRICT ACCESS TO CRYPTOGRAPHY. DES all over again. Cripple it. Weaken it, can't let the real thing out. That's bullshit. Just as the NSA sought to control NSF and restrict funding, it's backstabbing regulation. Thanks be for Dr. Weingarten, an enlightened enough soul to see through the NSA bullshit and keep cryptography out in the open when they tried to shut it away.

I see PKP and RSA Inc. as partners in the whole mess. They sit nice and quiet on their patent, making some vague threats every once in a while until Clipper comes out, and then they start to threaten people with action. Should I be surprised? After all if RSA gets out in any REAL implementation, Clipper is useless, AT&T (those backstabbing two faced snakes with good PR) gets fucked and Clinton looks like an asshole (ok, more like an asshole) for proposing a plan that would never work because private industry had beat him to it. Sound familiar? Like IBM, lucifer and DES perhaps?

Bow down to RSA Inc? Gimme a break. Why should they fight the government, they know their patent will get them some dough. I don't even want to begin with Denning. She's got feet in both worlds. The problem is no one is going to see it until she's buried the knife in the libertarians to the hilt.

What sickens me the most is the rhetoric that flies around this dung pile like buzzing flies. Crap like "citizens right to privacy" when used in the same paragraph with "law enforcement requirements" Crap like "stronger than most algorithms now on the market." Crap like "to protect us from drug dealers and terrorists." Crap like "we don't plan to outlaw cryptography" Crap like... well anything AT&T says. It all smells the same to me.

The bottom line seems to be if you lay with the whore you have to wake up with the whore. Play RSA Inc., AT&T and Dorothy's game today and... what?
They'll pay you back tomorrow when you need it? Bullshit. Fine, we may lose the battle because business interests are stronger than an internet mailing list and the American people have an average I.Q. of 80, but at least >I< will wake up and be able to look in the mirror. Don't sell out cypherpunks, RSA Inc. will stab you in the back as quickly as anyone else.

uni (Dark)

From tcmay at netcom.com Sat May 1 01:51:23 1993
From: tcmay at netcom.com (Timothy C. May)
Date: Sat, 1 May 93 01:51:23 PDT
Subject: REALPOLITIK = Choosing Battles Carefully
Message-ID: <9305010851.AA14117@netcom.netcom.com>

(Cyphergang, this is going to have to be my last post for a while on this thread. The points have been made. Some agree with me, some call me treasonous. I say what I think. -TCM)

Hal Finney writes:

.....stuff elided....

>First, I don't see that the interests of RSADSI are fully aligned with
>ours regarding Clipper. Despite PKP's success in accumulating patents,
>Clipper per se does not appear to infringe, being based on a new symmetric
>cryptosystem. So they don't have any direct leverage over the use of
>Clipper.

That's right, they don't. Clipper/Skipjack/Capstone looks to be a well-planned move to reassert government control over crypto, with various government modules replacing existing modules (as with the DSS signature standard, which uses the El Gamal algorithm). Whether RSADSI is upset, I don't know. I suspect so. Bidzos was quoted as saying "Clipper is an arrow aimed at the heart of my company." (source: Eric, who saw it in a newspaper)

...

>In fact, Clipper in some ways represents a major market opportunity for PKP.
>To the extent that the publicity leads to increased sales of encrypting
>phones, PKP may benefit from the success of the Clipper.

This could be. I don't think enough is known to answer this. I suspect the "end run" theory mentioned above.
If Bidzos thought Clipper was a great thing for his company, he wouldn't be busily lobbying to help kill it, nor would he have shown up at our emergency meeting to tell us what he knew.

>(The follow-on Capstone project does appear to pose a greater threat to
>PKP, since it will use DSS (for key exchange???).)

Capstone is not really a "follow-on," in the sense that it is due to be announced *this month*, if I recall correctly. It's very far along, I believe. More like a "one-two punch." And, yes, it appears to be a major threat to us all. But we'll have to wait and see, I suppose.

>
>Furthermore, in any future government prohibition on non-Clipper cryptography,
>our greatest nightmare, it is plausible that the government would "take care"
>of PKP by making sure that they get a nice piece of the pie. I could easily
>imagine a situation in which non-Clipper crypto is banned, Clipper is
>widely distributed, and PKP is doing very well financially with a slice
>of the profits from every sale.

I think I mentioned somewhere that I put Bidzos on the spot with what I called "The 64-bit Question": Are you going to cut a deal and sell us out?

Bidzos was very sober when he answered this, and said, roughly: "If you mean will I conspire with the government to deny strong crypto to users, no. But if Clipper and Capstone are destined for deployment and they come to us and offer royalties, what choice will we have? We have a duty to our shareholders."

And as he was leaving for the day, he leaned in the door to our meeting and said, as if to reiterate the point, "Tim, I won't sell you out."

(Please don't use this recollection of what he said for a dissection of what he really meant, what RSA is really doing, etc. I have already said that Bidzos said he knew nothing about the Clipper program until we all did. And so on.)

>Even if Jim Bidzos were personally committed to widespread, strong, public
>cryptography, and opposed Clipper for fundamental philosophical reasons
>(just like us), he would be faced with a conflict of interest. As several

This is not clear. Deploying strong crypto could be more lucrative to RSADSI than having the government deploy its own Capstone "CA" (Cryptographic Algorithm, the new acronym du jour) and paying RSADSI some token amount for some small piece of the package.

>people have pointed out here, Bidzos has a fiduciary responsibility to
>his shareholders to maximize profits for his twin companies. If it comes
>down to a choice between opposing Clipper on principle and accepting it
>along with guaranteed profits, he may be forced (in the same sense in which
>he is forced to send threats to Stanton McCandlish) to back Clipper.
>
>So, even if Bidzos is personally a nice guy I think we need to remember
>that his company may not be a natural ally of ours.

I completely agree and nothing I have ever said suggests we place all our faith in his company or any other institution. What I have said--several times, now--is that a frontal attack on the RSA patents, via highly public postings of PGP and a "Fuck you!" approach to talking with patent owners, is not the best strategy at this time.

>I like Tim's .sig and all it represents. But frankly, it is hard for me
>to square a commitment to radical change with the proposed alliance with
>PKP. Part of the trouble is that I still don't understand exactly what
>our relationship with RSADSI is proposed to become. But at a minimum it
>sounds like we would avoid supporting activities which would infringe
>on their patents.

There's no proposed alliance being talked about. See previous paragraph. I don't expect anyone to necessarily agree with my politics.

>
>That means that when we want to start working on some of those things in
>Tim's .sig, we are in many cases going to have to get Jim Bidzos's
>permission.
>Can you imagine asking something like this:
>
>"Dear Jim: We request permission to use the RSA algorithm for an
>implementation of digital cash which we will distribute in an underground
>way among BBS's all over the world, with the goal being the support of
>"information markets, black markets, [and] smashing of governments"
>(to quote Tim's excellent .sig). "Please sign on the dotted line
>below. Yours truly, an anonymous Cypherpunk."

Of course not! Nobody has suggested this. This is a straw man. Being nonconfrontational in some areas (aka "living to fight another day," aka "choosing your battles carefully") doesn't mean any kind of mutual approval pact has been signed. I want strong crypto first and foremost. Then the other stuff can perhaps follow. If crypto privacy is outlawed now, if the War on Drugs and "What have you got to hide?" approaches win out, then all is lost.

>How, exactly, are we supposed to progress towards Crypto Anarchy if we
>have to be sure not to step on PKP's toes? Do we just not ask him for
>permission (in which case we are in PGP's boat)? Do we ask for permission
>without revealing the full scope of the project (in which case it may be
>rescinded later)? I am not being facetious here. I honestly don't see
>how you can carry out Cypherpunk activities with a corporate sponsor.

Asked and answered.

Let me phrase the issue in slightly different terms. Which of the following strategies do you folks think will best improve the chances that strong crypto remains legal?

1. CONFRONTATION: We fight RSADSI at every step. We engage them in legal battles, we distribute infringing code whenever possible. We get PGP spread to thousands of users, perhaps tens of thousands of users at bootleg, underground sites. (Remember that businesses cannot use PGP without fear of prosecution, fines, whatever...unless the Cypherpunks win their lawsuit against RSADSI, sometime around 1997 or so, at the rate these cases move through the courts.)

2.
REALPOLITIK: We concentrate instead on spreading strong crypto into as many ecological niches as possible: individuals, corporations, e-mail packages, attorney-client transactions, and so on. We emphasize the legal, constitutional right to communicate messages in the language of our choice (that is, we have no obligation to speak in languages eavesdroppers can more easily understand). To head off government moves to act against PGP and similar systems, the parts of PGP that conflict with RSA's patents are modified, thus becoming legal to use (and Phil even has a chance to make some money, which he sure as hell can't do now).

I'll take #2 and worry about digital money and anonymous systems later. Strong crypto is logically prior to everything else.

All I've argued is that the "in your face" approach has its limits. Most of the PGP users are, I think we'll all agree, hobbyists and hackers who downloaded it, played with it, learned some crypto from it, exchanged keys, etc. Probably not too many critical uses, YET. But the popularity suggests a hunger for strong crypto.

The Clipper/Capstone move indicates the government wants to head this off at the pass. The question is whether the bootleg and infringing PGP (and Phil admits to all this in his docs, obviously) has a better chance of succeeding than a fully legal and already spreading RSA solution?

(The issue of PGP's feature set versus that of MailSafe's is secondary to the main issues...between RSAREF, RIPEM, OCE, and other RSA-based systems, the features can be found. I expect a compromise along these lines, mixing parts of PGP with parts of RSAREF, is going to happen.)

As for Stanton McCandlish's removal of PGP from his site, Eric Hughes and others have explained the legal issues in great detail. Of course, anyone who really wishes to take on the RSA patents in a big way is perfectly free to place PGP on his U.S.
site, advertise it heavily in sci.crypt so that RSADSI cannot possibly claim to have missed it, tell Bidzos to get lost when the inevitable "cease and desist" warning arrives, and then follow through with the several-year legal battle that will result.

Strong crypto is far more important than this petty issue of patents.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: by arrangement

From uni at acs.bu.edu Sat May 1 03:23:34 1993
From: uni at acs.bu.edu (Shaen Bernhardt)
Date: Sat, 1 May 93 03:23:34 PDT
Subject: Tactics.
Message-ID: <9305011023.AA176727@acs.bu.edu>

Let me phrase the issue in slightly different terms. Which of the following strategies do you folks think will best improve the chances that strong crypto remains legal?

1. CONFRONTATION: We fight RSADSI at every step. We engage them in legal battles, we distribute infringing code whenever possible. We get PGP spread to thousands of users, perhaps tens of thousands of users at bootleg, underground sites. (Remember that businesses cannot use PGP without fear of prosecution, fines, whatever...unless the Cypherpunks win their lawsuit against RSADSI, sometime around 1997 or so, at the rate these cases move through the courts.)

2. REALPOLITIK: We concentrate instead on spreading strong crypto into as many ecological niches as possible: individuals, corporations, e-mail packages, attorney-client transactions, and so on. We emphasize the legal, constitutional right to communicate messages in the language of our choice (that is, we have no obligation to speak in languages eavesdroppers can more easily understand).
To head off government moves to act against PGP and similar systems, the parts of PGP that conflict with RSA's patents are modified, thus becoming legal to use (and Phil even has a chance to make some money, which he sure as hell can't do now).

*** So spoke Tim May.

I don't see these issues as mutually exclusive. What may be necessary is to separate the efforts, to bring the PGP operation farther underground. To remove the connection between PGP distribution and the more "Realpolitik" move to keep crypto legal. I admit that some users like Tim, and the more professional of us might find this impossible, but for the academics and others who don't have to don a suit and work everyday, underground crypto might be the only real answer.

Consider this, no one ever wins when you fight the government at its own game. If they plan to outlaw crypto (a very real possibility in my view, regardless of more realpolitik efforts) all that we have to rely on is the underground channels. It's time (IMHO) to find ways to disguise PGP output in other types of data, pict or whatever. At the same time, it is possible to pursue more overt and legit methods, my fear is these will produce less in terms of real crypto than will the underground movements.

***

All I've argued is that the "in your face" approach has its limits. Most of the PGP users are, I think we'll all agree, hobbyists and hackers who downloaded it, played with it, learned some crypto from it, exchanged keys, etc. Probably not too many critical uses, YET. But the popularity suggests a hunger for strong crypto.

*** So spoke Tim May.

Yes... yes... LEARNED SOME CRYPTO FROM IT. This is the KEY point here. How many people out there joined cypherpunks and became interested in crypto because of PGP? (I'm raising my hand) Sure I was interested and even tinkered with my own code before I knew cypherpunks existed, but it was PGP that did it. Education is the key.
I said before, and I will say again: Most people could give a squirt about crypto. 99% of people is my guess. You all saw how pro Clipper most of the newspaper reports were, how willing they were to change phrases like "more secure than many of the algorithms on the market" to "the most secure algorithm to date." A real politik method is limited because most people could give a care about the issue. The people who seem most passionate about it, in my experience are the ones who have played with PGP. I, for one can't seem to get anyone else to care. I've talked to about 15 people outside the internet about Clipper, and most forgot all about it when the next beer came.

No one will learn jack from the bullshit crypto that Clipper represents. It will become a transparent process that anyone could care less about with regard to security. Back to the days of the Black Chamber.

The Clipper/Capstone move indicates the government wants to head this off at the pass. The question is whether the bootleg and infringing PGP (and Phil admits to all this in his docs, obviously) has a better chance of succeeding than a fully legal and already spreading RSA solution?

^^^ So spoke Tim May.

I don't think either will make much difference. Clipper has caught us before the danger has become apparent to most. You really think an RSA solution that is really secure is going to catch, especially if it conflicts with Clipper, if the government has anything to say about it?

I've got to be real honest. I'm beginning to be afraid to open my mouth on this subject anymore. Maybe I'm paranoid, but I look at how hard the government is trying to sell Clipper and processes like it and I am stunned. Nothing works this fast. A company like AT&T is NOT about to jump on the bandwagon quickly unless they KNOW something.

To me it's plain that the intent is to regulate crypto. Before then I plan (hope) that PGP finds its way into MANY hands. That's the only real weapon I see.
Consider it a safety net to catch us if Tim's REALPOLITIK fails. I hope it doesn't, Tim, I hope not but I'm going to hope for the best and prepare for the worst. I intend to use strong crypto when I like.

uni (Dark)

From gg at well.sf.ca.us Sat May 1 03:27:23 1993
From: gg at well.sf.ca.us (George A. Gleason)
Date: Sat, 1 May 93 03:27:23 PDT
Subject: 800 numbers
Message-ID: <199305011026.AA07579@well.sf.ca.us>

Outdial services: we most certainly will as soon as we install our first digital exchange (Community Dialtone; email me for more if you're interested). Now we've got a bit of a quandary here, what if someone uses it to make bomb threats or such? So I was thinking, save the CDR data on that and make it available under court order? What's the general consensus of opinion here as to our responsibility in these areas?

More on outdial services: if you want to set up your own, I can provide a Teltone M-106 adaptor, for which you'll need a 24-volt key system power supply and some 8-pin phone hardware and two lines. Dial in on one, connect, and out on the other. We have a bunch of these in stock right now; I gave some to some friendly folks for setting up a service, but they haven't yet. So maybe giving them away means the price is too low...? Okay, send me $200 for one, or tell me you're definitely committed to using it once you have it. (gg at well.sf.ca.us)

-gg
..

From gg at well.sf.ca.us Sat May 1 03:42:24 1993
From: gg at well.sf.ca.us (George A. Gleason)
Date: Sat, 1 May 93 03:42:24 PDT
Subject: Tactics.
Message-ID: <199305011041.AA08089@well.sf.ca.us>

Re confrontation vs realpolitik: in political action there is something called "premature escalation of tactics." That means things like having a sit-in before you've even tried having a petition drive. Once you've escalated it's very very hard to go back to a less intense tactic, because it looks like you're backing down.
So good organisers escalate gradually: letter writing, then petitions, then voter initiatives, then maybe mass rallies, then maybe peaceful civil disobedience, and only if those things fail, then more confrontational tactics. We should take a clear lesson from that. Look at some of the ones who succeeded: Martin Luther King, Cesar Chavez, and so on. Start moderate, get more intense only if moderation fails.

From which: promulgating underground crypto *as a safety measure*, *just in case* is one thing, but doing it to get in RSA's face is way premature. I'd say start by working with RSA to the extent possible, keeping at it until there is success, and then if the govt tries to slam public key, that's the time to break out the insurrectional approach. But not before. The adrenaline rush of a big bad confrontation is a feel-good drug to a lot of people but we have to be *smarter than that.*

-gg

From uni at acs.bu.edu Sat May 1 03:53:41 1993
From: uni at acs.bu.edu (Shaen Bernhardt)
Date: Sat, 1 May 93 03:53:41 PDT
Subject: Tactics.
Message-ID: <9305011053.AA133338@acs.bu.edu>

From which: promulgating underground crypto *as a safety measure*, *just in case* is one thing, but doing it to get in RSA's face is way premature. I'd say start by working with RSA to the extent possible, keeping at it until there is success, and then if the govt tries to slam public key, that's the time to break out the insurrectional approach. But not before. The adrenaline rush of a big bad confrontation is a feel-good drug to a lot of people but we have to be *smarter than that.*

-gg

*** So spoke gg at well.sf.ca.us

I agree.... After reading my message over, I realized that many might see what I said as a call to arms. It is not. Instead I suggest we all stay OUT of RSA's face. But neither in my opinion shall we find ourselves unwitting partners with RSA only to find ourselves sold out.
uni (Dark)

From svp at gtoal.com Sat May 1 05:02:56 1993
From: svp at gtoal.com (Sy Verpunc)
Date: Sat, 1 May 93 05:02:56 PDT
Subject: Tactics.
Message-ID: <9304301204.AA23052@pizzabox.demon.co.uk>

From: Shaen Bernhardt

To me it's plain that the intent is to regulate crypto. Before then I plan (hope) that PGP finds its way into MANY hands. That's the only real weapon I see. Consider it a safety net to catch us if Tim's REALPOLITIK fails. I hope it doesn't, Tim, I hope not but I'm going to hope for the best and prepare for the worst. I intend to use strong crypto when I like.

And to think I got flame mail less than two months ago when I said on alt.security.pgp that I was pissed off because someone put my key on a public server... I bet there's a few other people wishing now they hadn't put their keys in an 'arrest me' list...

G

From x62727g2 at usma8.USMA.EDU Sat May 1 05:41:09 1993
From: x62727g2 at usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sat, 1 May 93 05:41:09 PDT
Subject: Crytography
Message-ID: <9305011238.AA27003@usma8.usma.edu>

I thought this list was supposed to have a lot of technical stuff--something on the order of disseminating new ideas on the cutting edge of crypto-technology. Most everything I see these days seems purely political. If there are problems with RSA v. PGP or the Wiretap Chip (and there definitely are!!!) then we should concentrate on designing our own. We can do things like redesign and code the engine in PGP which is normally handled by the RSA proprietary code and we can work to come up with voice encryption alternatives to the Wiretap chip.

In other words, let's start using resources other than talk. Talk is cheap but actions are the catalysts of change.

I am interested in working with people (perhaps you) on projects involving crypto, computers, and telecommunications. If any of you are serious enough to do more than talk, perhaps we can organize a team to vigorously pursue these projects.

Anthony J. Gatlin              |-------------------------------------|
Cadet Private, Co. G-2         |PGP Public Key available on request. |
United States Military Academy |-------------------------------------|

From x62727g2 at usma8.USMA.EDU Sat May 1 05:43:11 1993
From: x62727g2 at usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sat, 1 May 93 05:43:11 PDT
Subject: *** ACT NOW !!! ***
Message-ID: <9305011240.AA27038@usma8.usma.edu>

I thought this list was supposed to have a lot of technical stuff--something on the order of disseminating new ideas on the cutting edge of crypto-technology. Most everything I see these days seems purely political. If there are problems with RSA v. PGP or the Wiretap Chip (and there definitely are!!!) then we should concentrate on designing our own. We can do things like redesign and code the engine in PGP which is normally handled by the RSA proprietary code and we can work to come up with voice encryption alternatives to the Wiretap chip.

In other words, let's start using resources other than talk. Talk is cheap but actions are the catalysts of change.

I am interested in working with people (perhaps you) on projects involving crypto, computers, and telecommunications. If any of you are serious enough to do more than talk, perhaps we can organize a team to vigorously pursue these projects.

Anthony J. Gatlin              |-------------------------------------|
Cadet Private, Co. G-2         |PGP Public Key available on request. |
United States Military Academy |-------------------------------------|

From mnemonic at eff.org Sat May 1 09:08:57 1993
From: mnemonic at eff.org (Mike Godwin)
Date: Sat, 1 May 93 09:08:57 PDT
Subject: PGP
In-Reply-To: <01GXMXWJVE4Y95NBR5@delphi.com>
Message-ID: <199305011608.AA04241@eff.org>

> I know there is a great deal of
> difference between death and software ....

I'd say this depends on the software.
--Mike

Mike Godwin,        | Ariel Rose Godwin
mnemonic at eff.org | Born 4-15-93 at 4:34 pm in Cambridge
(617) 576-4510      | 7 pounds, 1.5 ounces, 19.75 inches long
EFF, Cambridge      | A new citizen of the Electronic Frontier

From 74076.1041 at CompuServe.COM Sat May 1 10:02:47 1993
From: 74076.1041 at CompuServe.COM (Hal)
Date: Sat, 1 May 93 10:02:47 PDT
Subject: PGP on soda.berkely.edu
Message-ID: <930501165557_74076.1041_FHD12-1@CompuServe.COM>

-----BEGIN PGP SIGNED MESSAGE-----

I want to thank Tim for taking the time to help clarify what he had in mind in proposing that we reconsider our support for PGP in the face of PKP's assertion of patent rights:

> I completely agree and nothing I have ever said suggests we place all our
> faith in his company or any other institution. What I have said--several
> times, now--is that a frontal attack on the RSA patents, via highly public
> postings of PGP and a "Fuck you!" approach to talking with patent owners,
> is not the best strategy at this time.

Speaking in generalizations can only go so far. It's more useful to consider specific actions which might be in keeping with this philosophical approach.

I don't have many problems with our being civil to RSADSI. We don't need to spit in Bidzos' face whenever we meet him, refuse to shake his hand, whatever. Tact is OK.

And the proposal to make a U.S.-legal version of PGP can't hurt anything, either. Moves in this direction have been going on for some time. Several months ago a patch was inserted to make certain data structures be compatible with RSA's PKCS standards, and therefore with RSAREF. This would allow RSAREF to be used if permission were gained to call it at an entry point not on the allowed list. However, this version of PGP would still be incompatible with pre-2.2 versions. To make a fully compatible version of PGP you not only have to call RSAREF at an undocumented entry point, you also have to modify the code slightly.

All this has been going on for a few months.
Eric Hughes deserves a lot of credit for encouraging progress in this direction, but I think Phil fundamentally agrees as well.

One advantage of a U.S.-legal version of PGP is that its very existence would mean that no one HAD to use it. Sending out a PGP signed message would no longer be incriminating, even if you used the older (and presumably faster) version of PGP. There would be no way to tell from external observation which PGP users were using the legal one and which were using the illegal one. They would be functionally equivalent, but the legal one would be slower. (I find this rather amusing, actually, as it just goes to show the illogic of PKP's position.)

What are some other issues that might arise in a move away from PGP, and an adoption of a less confrontational attitude towards RSADSI?

One is the existence of PGP on the Cypherpunks server. Presumably this could be replaced by the legal version once that becomes available, but in the mean time it might have to disappear. I would oppose removing it unless a legal replacement were ready.

Another suggestion that I have heard rumored is that Bidzos might be invited to join the list. I would strongly oppose this. I am also not comfortable with having him be a participant at Cypherpunks meetings but since I don't attend them I don't really have the right to complain.

Tim has suggested, if I understand him, that we in some sense work to improve MailSafe and other RSA products. I don't really like the idea of doing unpaid consulting work for a commercial outfit. If I am going to work for free, on my own time, I'd like to see the software made freely available. So any work with RSA should be on freeware products, in my opinion. Improve RSAREF, not MailSafe.

Another issue is whether people would be discouraged from discussing infringing projects on the Cypherpunks list or at the meetings.
Suppose somebody wants to talk about a socket-based DC net protocol which uses Diffie-Hellman key exchange to initialize a shared PRNG for random bit generation. Oops, DH is a PKP patent. Again, I feel that this kind of project is entirely appropriate for the list and the group. Does this fall into Tim's confrontational category: "distributing infringing code whenever possible"? I'm not sure. (I have to confess, given the 15 hour delay in my message posting the other day (while a short message I dashed off 12 hours later appeared in a few minutes), that I thought perhaps a filter had been installed to prevent PGP-signed messages from appearing. Of course, my message did eventually appear, the delay being just a technical glitch. I assume that no one would support banning PGP-signed messages from appearing on the list.) A really sticky issue is our public attitude towards Bidzos cracking down on unauthorized crypto. What if some lone wolf out there does decide to go to the mat on PGP or some other infringing software? Whose side do we take? (Refusing to take a position is a de facto support of PKP, IMO.) I guess we'd have to hope that this never happens. Gee, it sure seems strange to HOPE that no one ever stands up to PKP. I have to say on this point that I can't accept the idea of Cypherpunks moving into a Sternlight position of support for PKP's crackdowns. I'd be interested in hearing other specific suggestions for changes which might result from Tim's suggestion. This might help focus the discussion better. === To the extent that Tim is proposing that we encourage efforts to make a U.S. legal version of PGP, and even replace the current version of PGP on the Cypherpunks FTP site with the legal version when that becomes available, I have no problem with it. To the extent that he suggests that we be polite and courteous in our public talk about RSADSI, I can accept that as well. 
But to the extent that anyone is proposing to go beyond this into some of the other areas I listed above (and I have no idea exactly what anyone has in mind specifically), I think the many problems I and others have listed in earlier messages provide strong arguments against such measures. Hal 74076.1041 at compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK+KBE6gTA69YIUw3AQE77QQAnbYSx8cqvvraaJGeUXDKJT0mQVv/HbAj r5IehVCB5/fMeZiaY9ERdBOwllgvJiTRzN3tsHJAkd8QTz9Puv5UgVXLbjPWdQvS 5XPYFkH+A4Kaos+Rlwo1ufLQ1S3eFyV35L6e9CptgYqni/QQoZFhU7Wjqlv5QQmH KcE2xEMLMas= =JL8R -----END PGP SIGNATURE----- From 76114.2307 at CompuServe.COM Sat May 1 11:07:22 1993 From: 76114.2307 at CompuServe.COM (William Oldacre) Date: Sat, 1 May 93 11:07:22 PDT Subject: A legal way to use RSA! Message-ID: <930501180040_76114.2307_BHA70-1@CompuServe.COM> To: cypherpunks at toad.com A Legal Way To Use RSA ---------------------- There is a LEGAL way to establish the free use of PGP and the RSA algorithm by anyone who wishes to preserve their constitutional right to privacy. No licensing or fees are involved. The RSA algorithm is not copyrighted software, it's a patented technique (presumably in the form of a mathematical algorithm). Under patent law, it is legal to manufacture anything that someone has patented for your own use. If the item is an improved can opener, for example, then you can make one for yourself directly from the patent office drawings if you like. You cannot offer them for sale. So anyone is free to create a computer program which utilizes the RSA algorithm so long as it's just for them. All mathematical equations, no matter how large and complex, consist of smaller terms or sub calculations. In the instant case of the RSA algorithm, these smaller terms consist of prime numbers, Euler's quotient function, and operations like calculating the greatest common divisor and modular arithmetic. It's all about as patentable as long division. 
No one could be prevented from using such ordinary mathematics. PGP performs other tasks besides RSA related calculations. It supports IDEA and XXENCODE which are in the public domain. So it's only necessary to rewrite the RSA section to avoid conflict with the patent. This could be accomplished by arranging the section into a few mathematical modules or "building blocks." These could then be rearranged by the user into several different configurations for encryption ------ with only one supporting the actual RSA algorithm. After all, large prime numbers can legitimately be used as keys for almost any encryption technique and the arithmetic operations may be called as subroutines for a variety purposes. By stacking the un patentable "building blocks" into the particular sequence which implements the RSA algorithm, the users would, in essence, be employing their own tools (the computer and it's software) to create a copy of the RSA algorithm for their individual use. Programming skills would not be required since the inexpert user could simply employ a setup program and select from a menu of different encryption modes. Alternatively, a DEBUG script could be circulated separately to appropriately reshuffle the object code. Legal action to prevent such a program from being distributed could be very difficult. What reasonable argument could be set forth against someone using the mathematical functions? Arguing that someone -might- use the program to create RSA would make no more sense than arguing that a drill press -might- be used to make a patented can opener. Besides, if it's legal for someone to make their own can opener, how can it be illegal to sell them the tools and materials to do it with? Providing instructions on how to do it can hardly be attacked because the U.S. Patent Office, itself, publishes the plans (technically, they appear to violate the law whenever they send copies outside U.S. borders). By now, you get the point. 
There's a well anchored legal loophole in the patent law big enough to sail a ship through. It may render patents of formulae used in computer software worthless (as they ought to be). I sympathize with Public Key Partners. The venture must have looked awfully good on paper, but their position is fundamentally untenable. Sooner or later the subject of their exclusive rights over RSA will reach the courtroom. There is legal precedent for allowing private corporations to market products developed with public funds. However, a case might very well be made that MIT erred in granting an exclusive license. It would be to the greater public good (the underlying principal) to release RSA into the public domain so a range of competing businesses could provide it to the public. Because the right to privacy is involved, rather than valves for a rocket engine, a federal court could take licensing entirely out of Massachusetts' and MIT's hands if any federal funds could be traced to RSA's development. Once in court, it will make the newspapers. A private company profiteering from something the taxpayers paid for ----- denying privacy to the average American with heavy handed tactics. The simple fact is, I don't like it and I have a feeling most people won't like the sound of it. The press, a major user of electronic mail and a jealous guardian of sources, is not likely to take a sympathetic stance. There is a large organized body of opposed computer users poised to launch letter writing campaigns and many congressional "waste slayers" are apt to show real interest in the matter. Foundations which fund lawsuits on freedom issues abound. As courtroom and legislative arguments are raised against the license or patent, what foolish company is going to risk paying the license fee? The RSA license quivers on a bowl of Jello. I know financial misadventure when I see it. I'm glad none of my money is invested in Public Key Partners. Bon Voyage! 
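The primitives named in the post above (prime numbers, Euler's totient, greatest common divisor, modular arithmetic), composed into textbook RSA. This is an added example, not part of the original post and not PGP's or RSAREF's code; the function names and the tiny constructed primes are assumptions, and unpadded RSA like this is for study only.

```python
# Added illustration: textbook RSA assembled from the building blocks the
# post lists. All names here are hypothetical; the primes are constructed toy
# values. Real systems use large random primes and a padding scheme.
from math import gcd

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Miller-Rabin test; deterministic for n < 3.3e24 with these bases."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False          # a is a witness that n is composite
    return True


def next_prime(n):
    """Smallest prime strictly greater than n."""
    n += 1
    while not is_prime(n):
        n += 1
    return n


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q = a // b
        a, b = b, a - q * b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def modinv(a, m):
    """Multiplicative inverse of a modulo m, or ValueError if none exists."""
    g, x, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError("no inverse: gcd(a, m) != 1")
    return x % m


def totient(p, q):
    """Euler's totient of n = p*q for distinct primes p and q."""
    return (p - 1) * (q - 1)


def make_key(p, q, e):
    """Return ((n, e), (n, d)): the public and private key pairs."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    phi = totient(p, q)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (p * q, e), (p * q, modinv(e, phi))


def encrypt(m, pub):
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)           # modular exponentiation


def decrypt(c, priv):
    n, d = priv
    return pow(c, d, n)


def demo():
    p, q = next_prime(60), next_prime(50)      # constructed toy primes 61, 53
    pub, priv = make_key(p, q, 17)
    c = encrypt(65, pub)
    return pub, priv, c, decrypt(c, priv)


if __name__ == "__main__":
    print(demo())
```

Every function except `make_key`, `encrypt` and `decrypt` is ordinary number theory usable on its own; only their composition yields the RSA operation.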
From markh at wimsey.bc.ca Sat May 1 11:56:15 1993 From: markh at wimsey.bc.ca (Mark C. Henderson) Date: Sat, 1 May 93 11:56:15 PDT Subject: validity of the RSA patent Message-ID: > > Consider use of another public key encryption scheme, say LUC encryption. > > Which, of course, is patent-pending. It appears that we can no more > make progress in cryptography in the face of algorithm patents than > we could advance mathematics under the burden of theorem licensing. > We can't afford to wait until 2001. On the other hand, perhaps the patent holder of LUC would be willing to licence LUC for use in a PGP-like tool (or PGP 3.0) on the same basis IDEA is now licenced to PGP users. (i.e. non-commerical use is OK. Even certain commercial use is OK.) This might solve a lot of our problems. Has anybody asked? I can't be the first person to have considered asking. Mark -- Mark Henderson markh at wimsey.bc.ca RIPEM key available by key server/finger/E-mail MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433 From marc at GZA.COM Sat May 1 12:07:17 1993 From: marc at GZA.COM (Marc Horowitz) Date: Sat, 1 May 93 12:07:17 PDT Subject: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <199304300123.AA27903@bvsd.Co.EDU> Message-ID: <9305011908.AA26541@pad-thai.aktis.com> >> If they are so willing to let us do this, then will they tell us why >> we have to use their code? If they are willing to do it, it shouldn't >> matter what code we use. Wrong. The RSAREF code is *licensed* to you for non-commercial use. They are explicitly not giving it away, or making it "freely available". By allowing you to use it under their license, they are not leaving themselves open to claims of non-enforcement of their patent. If they let you write your own code, then, strictly speaking, you would need a license to use it. Negotiating such a license is expensive and time-consuming. You don't want to do it. If RSA is willing to let you use their code, do so. 
It's probably the best compromise you're going to get unless you have a lot of money and lawyers to spare. I have the source code, and I can read it. If there are any back doors, I (or someone with more experience) can find them. That's enough security for me.

Marc

P.S. I don't like software and algorithm patents, and said so to Jim Bidzos's virtual face during the conference last weekend. But the law still stands, and although IMHO it is flawed, it's not inconsistent, so I'll obey it. If the gov't outlaws strong crypto, then they've just done something illegal w.r.t. the Constitution in my mind, and I will feel free to disobey that law, should it come about. In civil disobedience (which is essentially what people are arguing for), you disobey laws you find so immoral or so evil that you cannot conscionably obey them. I don't like the current patent law in this country, but my disagreements are in the details of the law, not in its very nature. I don't think any of my fundamental rights are being violated, so I'll complain and disagree, but not disobey.

From hughes at soda.berkeley.edu Sat May 1 12:54:38 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Sat, 1 May 93 12:54:38 PDT
Subject: clipper and public key
Message-ID: <9305011951.AA27289@soda.berkeley.edu>

Tim mentions that the Clipper chip requires public key in order to be useful. This is not quite right. The clipper chip is only a symmetric-keyed block cipher with a peculiar (and condemnable) key setup feature. The chip _per se_ does not involve public key. The problem is that you have to get the same key on both ends of the link without transmitting it. There is a "public key" way of doing this: Diffie-Hellman key exchange. That would require licensing from RSADSI. This is not, however, the only way to do this. If you have a symmetric cipher and a secret system key not known to the participants, i.e. embedded in hardware, then you can also transmit a session key simply by encrypting it.
Of course if you know the system key then you can read the traffic, LEEF's aside. Such a system master key could fairly easily be discovered, unless it's burned into the chip by the manufacturer and the secret ends there. (Yeah, right) Hence in order for a reasonably (?) secure implementation of a telephone which uses the clipper chip, D-H seems to be necessary. In fact, the AT&T 3600 phone does use D-H for key exchange. Some have asked how come AT&T doesn't get sued by RSADSI. Easy: they're a licensee. In summary: Does clipper require public key? In itself, no. In implementation, likely.

Eric

From phr at america.Telebit.COM Sat May 1 14:06:45 1993
From: phr at america.Telebit.COM (Paul Rubin)
Date: Sat, 1 May 93 14:06:45 PDT
Subject: clipper poll
Message-ID: <9305012106.AA01079@america.TELEBIT.COM>

Date: Sat, 1 May 93 08:28:04 PDT
From: wuthel!brand at drums.reasoning.com (Russell Brand)
To: brand at drums.reasoning.com
Subject: CLIPPER POLL

please propagate this to like minded people

I am one of the many concerned computer scientists opposing the `Clipper Chip Initiative' that would waste the better part of eight billion dollars, interfere with individual privacy, promote harassment of individuals, threaten US competitiveness and in fact simplify many types of criminal activity. It is important to take this opportunity to show the level of public opposition to this extension of domestic spying and abuse of government funds. Given the congressional vote to allow even more telephone taps WITHOUT warrants earlier this month, this is even a more pressing issue than it would otherwise be. Of course you should show your opposition in other ways as well, but this is a FREE and EZ first step. If you aren't sufficiently familiar with the issues, please feel free to send me email on the topic

/Russell

Communications Week magazine has a weekly telephone response poll.
This week's question is: Do you agree with the Clinton administration's Public Encryption Management directive for communications equipment?

Yes: 800-242-CWKY
No: 800-242-CWKN

Excerpted from `Boston Globe' of April 11, 1993, page 16. New England Votes in Congress Roll Call Report Syndicate WASHINGTON - This is how New England members of Congress were recorded on major roll-call votes last week. ... TO EXPAND FBI PHONE ACCESS: By a vote of 367-6, the House sent the Senate a bill expanding the FBI's power to obtain, without court warrants, telephone records and conversations in investigations of international terrorism and espionage. The bill grants the FBI access in such investigations to information on unlisted numbers that phone companies cannot now divulge. It also enables FBI counterintelligence agents to obtain a broader range of telephone conversations involving suspected terrorists and spies. A yes vote was to pass the bill. ..

From 00MYRICHARDS at leo.bsuvc.bsu.edu Sat May 1 14:20:46 1993
From: 00MYRICHARDS at leo.bsuvc.bsu.edu (00MYRICHARDS at leo.bsuvc.bsu.edu)
Date: Sat, 1 May 93 14:20:46 PDT
Subject: hello
Message-ID: <736291213.234107.00MYRICHARDS@bsuvc.bsu.edu>

Have I managed to reach you? (If so, please reply.)

From warlord at Athena.MIT.EDU Sat May 1 14:23:48 1993
From: warlord at Athena.MIT.EDU (Derek Atkins)
Date: Sat, 1 May 93 14:23:48 PDT
Subject: A legal way to use RSA!
In-Reply-To: <930501180040_76114.2307_BHA70-1@CompuServe.COM>
Message-ID: <9305012123.AA17107@podge>

> Once in court, it will make the newspapers. A private company
> profiteering from something the taxpayers paid for

Uhh, I hate to inform you, but this was discussed back in the Congress in the 1960's. It was decided, then, that patents COULD be obtained from research done using gov't funding. Therefore, this is nothing new. In fact, I doubt a paper would even touch this "scoop"... As to whether or not I agree with this, well, that's a different topic.
(I happen to believe that patents on algorithms are stupid, but that's beside the point). In other words, there was nothing illegal in the RSA patent, even if there was gov't funding....

-derek

From mnemonic at eff.org Sat May 1 15:56:46 1993
From: mnemonic at eff.org (Mike Godwin)
Date: Sat, 1 May 93 15:56:46 PDT
Subject: Crytography
In-Reply-To: <9305011238.AA27003@usma8.usma.edu>
Message-ID: <199305012255.AA13267@eff.org>

Gatlin writes:

> In other words, let's start using resources other than talk. Talk is
> cheap but actions are the catalysts of change.

Talk may also be the catalyst for change. See, e.g., the Federalist Papers and the First Amendment.

--Mike

From wuthel!noisy at drums.reasoning.com Sat May 1 16:11:37 1993
From: wuthel!noisy at drums.reasoning.com (wuthel!noisy at drums.reasoning.com)
Date: Sat, 1 May 93 16:11:37 PDT
Subject: Patent fallacies
Message-ID: <9305012121.AA07256@wuthel.uucp>

There seems to be some misunderstanding of how patent protection works. Page numbers in square brackets are references to _Patent_It_Yourself_ by David Pressman (Nolo Press) 2nd edition. Page numbers in angle brackets are to ``Intellectual Property'' by Miller & Davis (West) 2nd edition.

CONTRIBUTORY INFRINGEMENT

``If your claims don't read on the infringing device, but the infringing device is a specially made component that's only useful in a machine covered by your patent, the infringer may be liable under the doctrine of `Contributory infringement' '' [page 15-9]

``If a person actively encourages another to make, use or sell the invention without permission, the person so inducing is liable for INDIRECT infringement. CONTRIBUTORY infringement can be committed by knowingly selling or supplying a non-staple item for which the only or predominant use is in connection with a patented invention.'' <130>

``Contributory infringement can occur only in connection with a SALE . . .
Thus, a contributory infringer can be liable for infringement even though what he has sold is completely in the public domain and has no patent protection itself.'' <131>

HOME INFRINGEMENT

``While 'home infringement' may be difficult to detect, nevertheless it is a form of infringement which is legally actionable and can subject the infringer to paying damages and/or an injunction prohibiting further infringement '' [page 15-12]

``A patentee has the EXCLUSIVE right to MAKE, USE or SELL the invention. 35 USCA Par 154 <128> .... The owner of a patent ... has the right to exclude all others from using ... it.

SELECTIVE ENFORCEMENT IS OK

``. . . a patent owner is not prejudiced by the fact that another infringer has produced the item without notice of the patent even though a later second infringer could legitimately claim that he copies an unmarked product.'' <129>

/w

From ghoast at gnu.ai.mit.edu Sat May 1 16:48:49 1993
From: ghoast at gnu.ai.mit.edu (ghoast at gnu.ai.mit.edu)
Date: Sat, 1 May 93 16:48:49 PDT
Subject: OUTDIAL SERVICE
Message-ID: <9305012348.AA24681@hal.gnu.ai.mit.edu>

I don't know if this is consistent with what everyone here is talking about in regards to "outdialing service," but some time ago I heard about a 900 number that a person could call, that would redirect their call so as to avoid being traced, etc. Oddly enough, I think they advertised that all the calls are logged and kept in some vault in another state. I may be confusing something here though. (As if this is the case, they've probably gone out of business.)

---- ghoast at gnu.ai.mit.edu ----

From 00MYRICHARDS at leo.bsuvc.bsu.edu Sat May 1 16:49:18 1993
From: 00MYRICHARDS at leo.bsuvc.bsu.edu (00MYRICHARDS at leo.bsuvc.bsu.edu)
Date: Sat, 1 May 93 16:49:18 PDT
Subject: my last post
Message-ID: <736300145.687107.00MYRICHARDS@bsuvc.bsu.edu>

Sorry if I'm just wasting bandwidth here.
I just asked if I'd gotten through because I couldn't find any reference to this list on the system and I figured the people at Mondo 2000 probably just made it up. I guess not. Cool. I got a message telling me how to subscribe, so I guess I'll talk to y'all later. -SMR From uni at acs.bu.edu Sat May 1 17:17:41 1993 From: uni at acs.bu.edu (Shaen Bernhardt) Date: Sat, 1 May 93 17:17:41 PDT Subject: OUTDIAL SERVICE Message-ID: <9305020017.AA68213@acs.bu.edu> I don't know if this is consistant with what everyone here is talking about in regards to "outdialing serivce," but some time ago I heard about a 900 number that a person could call, that would redirect their call so as to avoid being traced, etc. Oddly enough, I think they advertised that all the calls are logged and kept in some vault in another state. I may be confusing something here though. (As if this is the case, they've probably gone out of buisness.) ---- ghoast at gnu.ai.mit.edu ---- Yeah, I've heard of the system too. They claim they wont let their info out without a court order. I feel that there are a good deal of legal problems with this. It wont take much to get a court order and the ONLY reason worth the 2 bucks or whatever they want to add to what would otherwise be a local call (for caller ID evasion anyhow) would be to avoid legal action of one type or another. I suspect that the calls that go through this system are monitored occasionally too. From 74076.1041 at CompuServe.COM Sat May 1 17:27:10 1993 From: 74076.1041 at CompuServe.COM (Hal) Date: Sat, 1 May 93 17:27:10 PDT Subject: Patent fallacies Message-ID: <930502002101_74076.1041_FHD63-1@CompuServe.COM> Another patent misconception, from what I understand, is that an unenforced patent becomes invalid. It is said that PKP is "forced" to go after PGP because if they don't their patent will lose its force. Several days ago Tom Morrow on the Extropians list said that this doctrine applies to trademarks but not to patents. 
Patents have a fixed 17 year lifetime and failure to enforce against one user does not preclude the patent owner from enforcing against another. The folklore about the loss of intellectual property rights that we are all familiar with (aspirin, zippers, etc.) are all cases of trademark losses. Tom is a law student, not a lawyer; also, I am a few days behind on my Extropians reading so I don't know whether any follow-ups or corrections were posted since his message. But this principle seems to be in accordance with what was posted here about selective enforcement of patents. If this is in fact how patents behave, it is one less justification for PKP's heavy-handed enforcement efforts against PGP. It means that PKP could choose not to enforce against PGP (or any other freeware program) without losing any rights to enforce against others. It would be interesting to hear an authoritative opinion on this from a lawyer.

Hal

From gnu Sat May 1 18:20:03 1993
From: gnu (John Gilmore)
Date: Sat, 1 May 93 18:20:03 PDT
Subject: [Gavin Doughtie: Electronic escrow?]
Message-ID: <9305020120.AA27878@toad.com>

------- Forwarded Message

Date: Wed, 28 Apr 1993 17:56:13 -0700
From: Gavin Doughtie
Message-Id: <199304290056.AA26690 at well.sf.ca.us>
To: gnu at toad.com
Subject: Electronic escrow?

How could two paranoid entities make use of digital cash and encryption to sell a chunk of data (let's say something really valuable like a list of famous women linked to Elvis Presley in 1992) without 1) revealing their identities to each other or 2) involving a third party to act as an "escrow" agent. The paradox I'm thinking about is one where the purchaser of the information doesn't want the seller's digital cash to be worth anything until the data being sold can be provably decrypted, and the seller doesn't want the info being sold to be decryptable until the cash turns out to be genuine. You're a well-known cryptography person; I'm a struggling writer.
If you're not inclined to respond, perhaps you can direct this message to someone who can. Thanks very much! Gavin. ------- End of Forwarded Message From jdblair at nextsrv.cas.muohio.edu Sat May 1 19:15:31 1993 From: jdblair at nextsrv.cas.muohio.edu (John Blair) Date: Sat, 1 May 93 19:15:31 PDT Subject: questions... Message-ID: <9305020221.AA04215@ nextsrv.cas.muohio.EDU > Hello, all. I'm new to this mailing list, but I've been following it for about 1/2 a week now, and I think I've found my niche. However, I've got a few questions that I was wondering if someone could help me with. 1) Is there a suggested, general purpose book on cryptography that would introduce me to the basics, and expand into more of the theory? I'm decent at math, but its definately not me strong point. 2) I've downloaded to source code for Mac PGP from soda.berkeley.edu. Is there an executable version available? I haven't learned C yet, and I don't have easy access to a C compiler, although I'm pretty sure I can take care of it if I have to. Also, on another note. I've noticed the discussion about passing out information at Raves. The idea sounds like a good one, but is IMHO a definite long shot. Most of the ravers that I know a definate math-phobes, and paradoxically practically technophobes. If not technophobes, they would rather not deal with it except for their weekly rush. Still, I like the idea of passing stuff out there. For at least every 50 people who go "huh?" there will be someone who goes "yeah!" and explains it to his friends. I would pass out info here in the Cincinatti area when I go, and at other times I could give the leaflets to a friend who is more of a raver, and just tell him to scatter them about. Someone will read it, and catch on, and that will be worth it. Now, this may sound like a stupid q, but does gzip decompress the ZIP format that you say the info you have is in? In my experience, ZIP has been a DOS compressor, and I am more of a Mac/Unix person. 
Again, if necessary, I can take care of it. later, john blair. jdblair at nextsrv.cas.muohio.edu data is fluid. will do multimedia for food- contact me. From wcs at anchor.ho.att.com Sat May 1 21:29:15 1993 From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com) Date: Sat, 1 May 93 21:29:15 PDT Subject: TALK, ACTION, CHANGE Re: Cryptography Message-ID: <9305020429.AA22762@anchor.ho.att.com> Anthony Gatlin writes: > > In other words, let's start using resources other than talk. > > Talk is cheap but actions are the catalysts of change. Mike Godwin replies: > Talk may also be the catalyst for change. See, e.g., the Federalist > Papers and the First Amendment. Both of you are, of course, right :-) One of the valuable things about cypherpunks is that there *has* been a fair amount of action, though every once in a while we need to step back and ask "What are we DOING here?". As one of the manifestoes around says, "Cypherpunks write code." PGP has had a remarkable success in getting strong crypto out to thousands of people, increasing the interest in the technical community and reaching out to other communities, and giving us something that, if push comes to shove, we can use to communicate with no chance of government eavesdropping. That's good. When it first came out, I got a copy for just that reason, because strong crypto may later be banned. I've also got RIPEM, which is legally kosher, though it doesn't have the key distribution / certification infrastructure that's been built with PGP. (Yet!) PGP has been a really useful research tool for that. However, for many of us, using PGP for non-research applications, like sending messages to our friends, IS in violation of RSA's patents. Ripping off your allies is a bad policy; better to turn competitors into friends. 
I don't happen to like algorithm patents, and I especially dislike the overbroad claims made by the collection of patents held by PKP, but R,S,&A, and Diffie and Hellman, HAVE given us some really powerful techniques that we wouldn't have had if they hadn't developed or published. They've been relatively flexible about free licenses, the RSAREF code lets us do real work within a reasonably broad framework, and while they've written some heavy cease-and-desist threats to some of us, they *haven't actually sued any of us, and as far as I can tell they're basically on our side of the people-vs-government-control game. We need to work together with them, though obviously we need to keep trying to convince them to let us do more, either for free or for money; I hope they'll turn around. PGP has certainly been a catalyst for getting them to address our part of the market.... Whenever possible, at least for the next 5-7 years until the patents expire, I'm planning to put up with the limits of their licenses for production code, though research is a different story. Besides, there's a certain amount of hack value in programming with one hand tied behind your back :-) ; we can do just about everything we need using the RSAREF interface, though some applications would be simpler and cleaner without its limitations. One especially nice thing about RSAREF is the ability to use our work internationally. Sure, they're covering their behinds by forbidding export of the RSAREF code, but they haven't told use we can't export code written to use their interfaces, or forbidden us to use RSAREF to communicate across the political borders. Using illegal code like PGP to do so creates too much opportunity for the SS/NSA/etc to bust us, even if RSA hasn't pressed charges. 
Bill Stewart # Bill Stewart wcs at anchor.ho.att.com +1-908-949-0705 Fax-4876 # AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030 From 74076.1041 at CompuServe.COM Sat May 1 22:27:08 1993 From: 74076.1041 at CompuServe.COM (Hal) Date: Sat, 1 May 93 22:27:08 PDT Subject: Apology and clarification Message-ID: <930502052048_74076.1041_FHD38-1@CompuServe.COM> I want to clear up any misconceptions raised by my message about possible changes in Cypherpunks policies and practices. The various possibilities that I raised, such as forbidding discussion of patent-infringing projects at Cypherpunks meetings, or endorsing future PKP crackdowns on infringers, were completely my own conceptions. They were not meant to represent actual suggestions raised by Tim, Eric, or anyone else. Rather, they were my own extrapolations and extensions of what I viewed as positions being advocated on the list. But I see now that I went too far in drawing these extensions, especially given that the actual statements being made here bore little resemblance to the suggestions I made. The "straw man" positions which resulted were so extreme as to discredit anyone who would favor them. I hope no one will assume from my message that any list member advocates those views. I may have responded with excessive emotion to recent proposals here, coming as they do on the heels of the threat raised by Clipper. I do feel a sense of commitment to the PGP effort despite my current relatively inactive state there. My reaction was perhaps overly defensive. I'll try to keep a clearer head in the future and react only to actual threats rather than imagined ones. Hal From anton at hydra.unm.edu Sun May 2 03:02:18 1993 From: anton at hydra.unm.edu (Stanton McCandlish) Date: Sun, 2 May 93 03:02:18 PDT Subject: Tactics. 
In-Reply-To: <9304301204.AA23052@pizzabox.demon.co.uk>
Message-ID: <9305021001.AA16104@hydra.unm.edu>

Hooo boy, just got that new _Wired_ (things get to New Mexico rather behind schedule.) What nut came up with that Cypherpunks article?! The TEXT is good, but god those photos. To people like us they are keen. But what happens when 16 yr. old Jamie's mom sees that? What is she to think of all these subversive longhairs with KKK-reminiscent masks, and one of them flashing a nasty-looking dagger? Like I say, to ME it was ok, but viewed with a conservative outsider's eyes, we look positively dangerous. I can't help but think that that article was a PR/memetic misadventure of a HIGH magnitude, and could do quite a bit to hurt our cause. What happens when clipper is big enough news to earn a prime time news slot, and they show excerpts of that photo? It is going to scare the living shit out of most people, and they are immediately going to jump on the clipper band wagon. In my never even remotely humble opinion, that article (or photoshoot, anyway) was a Bad Bad Thing. Not that Stanton "Call my BBS for free PGP" McCandlish is known for PR work, but sheesh...

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From wuthel!brand at drums.reasoning.com Sun May 2 08:13:41 1993 From: wuthel!brand at drums.reasoning.com (Russell Brand) Date: Sun, 2 May 93 08:13:41 PDT Subject: comments solicited Message-ID: <9305021513.AA08322@wuthel.uucp> Why the Clipper Clip is Bad (v1) by Russell Brand wuthel!bj-4 at reasoning.com Copyright (C) 1993 All Rights Reserved Permission is given to freely redistribute this document without modification. The analysis presented has not been endorsed by any third party. It incorporates only UNCLASSIFIED information made by 31 April 1993. On or about 15 April 1993, The US Government has announced a encryption chip set called `Clipper' whose primary stated application is to encrypt VOICE telephone communication in such a way that law officers with a lawful warrant would be able to tap and decode the communication while no other unauthorized person would be able to do so. Law enforcement officials would present their warrant to two `escrow' agencies in order to get a halfs of a special key that they would use with a special device to decrypt the message. The algorithm is to remain classified. The number of objections to this, technical, legal and moral are numerous. First, a secret design is violation of the open design principle and hides from public view future hazards. Further there may be trap doors in the system that allow decryption WITHOUT the warrant or escrow key. Second, all of the agencies that have any experience with managing secrets like the Key Escrow process have declined to become involved or have been disqualified. 
Considering the value of the escrow data to corporate spies, one must fear corruption including blackmail of a commercial nature. Third, the cryptographic protocol as described is weak in a number of ways such that the escrow keys are seemingly unneeded for decryption by the federal government. This combined with a recent house of representative votes to allow the FBI to among other things conduct phone taps without a warrant when international terrorism is suspected as well as long well documented history of BLANK warrants being signed and issued is rather scary. Fourth, it seems to be a mis-use of government funds to subsidize the development of this chip to the advantage of certain companies over others without so much a public comment period. In addition to the development costs, there are many other large costs including the key escrow agencies themselves. Fifth, it will damage US competitiveness for companies to need to build both the insecure CLIPPER chip for government regulated markets and real protection circuitry for people that care. Sixth, the clipper proposal will not help against organized crime; they are bright enough to buy real encryption devices and certain details of CLIPPER will make it easier for them to accomplish this. Of course wire tapping itself has been shown *NOT* to be cost effective in detecting/preventing/prosecuting crimes. There is no way in the system to mark a `privileged conversation' (for example doctor-patient, lawyer-client' and hence these can and will be captured. Please write to your elected officials, media, etc. to oppose this. From hughes at soda.berkeley.edu Sun May 2 10:40:04 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Sun, 2 May 93 10:40:04 PDT Subject: PATENT: A legal way to use RSA! In-Reply-To: <930501180040_76114.2307_BHA70-1@CompuServe.COM> Message-ID: <9305021725.AA21192@soda.berkeley.edu> William Oldacre suggests just letting people roll their own encryption packages. 
Russell Brand exhibited a few relevant passages of the patent law. Allow me to make the argument clearer. First, patent law covers all use, including personal use. It would be beneficial public policy to allow personal use broadly under statute, but drawing the line between personal use and sole proprietorship is difficult at best. There are many cases where society might wish to distinguish between profit and not-for-profit and personal uses, yet however one looks at this, these can be difficult to distinguish at their margins. When, for example, does a hobby which turns into a money making adventure actually become a business? At the first sale? At the first loss filed on Schedule C? When specifically, might patent licensure invoke? Remember, this has to be a litigable distinction. For many of these reasons, all rights to patents are vested in the patent holder. Second, assume that personal use really was OK. Then some people really could build their own. But you could even then sell kits, because that would be tantamount to the completed object. You could sell all the parts, but you could agglomerate them into a single unit. Big deal, you might say. It is a big deal. Most people, more than 99%, could not assemble a crypto system out of parts. You would make crypto protection available only to the programming elite. This, surely, is not my idea of a worthwhile end goal. Patents are a restriction; they are designed to be a restriction. We can either use them by licensing them or go around them by not using them but rather a substitute. Any other way of dealing with them is not generalizable to the public at large. I am sympathetic to personal and research uses of unlicensed patents, but my goal is the whole world. Eric From hughes at soda.berkeley.edu Sun May 2 10:40:12 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Sun, 2 May 93 10:40:12 PDT Subject: MONEY: escrow etc.
In-Reply-To: <9305020120.AA27878@toad.com> Message-ID: <9305021704.AA20631@soda.berkeley.edu> The most salient thing for this response that Gavis says is >I'm a struggling writer. There are lots of interesting technical issues here, but I'll confine my comments to the overall situation. [exchange of money for data] >without 1) revealing their >identities to each other or 2) involving a third party to act as an "escrow" >agent. The first thing to realize about electronic money is that there is always a third party involved. Since information does not obey mass conservation such as, say, gold does, you can't have free floating money electronically. The information has to start somewhere and end in the same place. So to say that there is no escrow agent is already stretching the point, since in certain ways the transaction is already mediated. >The paradox I'm thinking about is one where the purchaser of the >information doesn't want the seller's digital cash to be worth anything >until the data being sold can be provably decrypted, "Provably decrypted" is really a useless concept here. Suppose I am selling information. If I want to rip you off, I can send random bits and claim that it is encrypted text. I can also make up random text and encrypt that. In both cases, the bits I have sent you are meaningless. One uses valid encryption, one doesn't. The separating invariant here is meaning, not encryption. >and the seller doesn't >want the info being sold to be decryptable until the cash turns out to be >genuine. There are protocols which allow for simultaneous disclosure of information, where two parties want to exchange information simultaneously. This is not really the appropriate protocol, since money is not necessarily valid by form alone. But since you have electronic money in the first place, you have an intermediary. There's no reason for this intermediary not to be an escrow agent.
In fact, there's really no risk for escrow agents who requires that all bits be encrypted when passing through their machines; there's no knowledge of content and it's just a commercial transaction like any other. As far as anonymity, that's easily solved by mail or packet forwarding services. Eric From hughes at soda.berkeley.edu Sun May 2 10:40:38 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Sun, 2 May 93 10:40:38 PDT Subject: patent licensing In-Reply-To: <930502002101_74076.1041_FHD63-1@CompuServe.COM> Message-ID: <9305021631.AA19999@soda.berkeley.edu> >It means that PKP could >choose not to enforce against PGP (or any other freeware program) without >losing any rights to enforce against others. This is correct as stated. I don't think that loss of patent is a motivation, though, for the suppression of PGP. I think it is perceived to cut into licensing revenues. PKP is a partnership of MIT, Stanford, RSADSI, and Cylink. Those first two academic institutions are out to make money, plain and simple, from their patent portfolio. They are large corporations and behave like such. The other two companies are smaller and are more accessible, but also have investors and a default requirement to make money for their shareholders. Any lobbying for better licensing practice needs to extend beyond just Jim Bidzos to the owners of all these companies. I presume that Stanford and MIT both have patent licensing offices, and that each also has a representative assigned to a particular patent account. It would be extremely beneficial to know the names of these people. They may be able to speak publicly where PKP is bound by confidentiality agreements; PKP, remember, is in a subordinate position with respect to its owners. List of principals and investors in RSADSI and Cylink would also be useful. 
Eric From hughes at soda.berkeley.edu Sun May 2 10:44:29 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Sun, 2 May 93 10:44:29 PDT Subject: more ftp usage stats Message-ID: <9305021616.AA19791@soda.berkeley.edu> Edged out by sfraves by less than a megabyte! Eric
-----------------------------------------------------------------------------
                                                   ---- Percent of ----
Archive Section            Files Sent  Bytes Sent  Files Sent  Bytes Sent
-------------------------  ----------  ----------- ----------  ----------
pub/sfraves                       956    149433794      13.51       28.93
pub/cypherpunks                   987    148460361      13.95       28.74
From jcook at pro-storm.metronet.com Sun May 2 12:24:09 1993 From: jcook at pro-storm.metronet.com (Julian Cook) Date: Sun, 2 May 93 12:24:09 PDT Subject: Is Rush Limbaugh giving Clinton sh*t about wiretap chip? Message-ID: Well, I work for a major airline and I would be happy to get you his home mailing address if he has a frequent flyer number. ProLine: jcook at pro-storm Internet: jcook at pro-storm.cts.com UUCP: crash!pro-storm!jcook Bitnet: jcook%pro-storm.cts.com at nosc.mil From jdblair at nextsrv.cas.muohio.edu Sun May 2 12:40:43 1993 From: jdblair at nextsrv.cas.muohio.edu (John Blair) Date: Sun, 2 May 93 12:40:43 PDT Subject: thanks Message-ID: <9305021946.AA05661@ nextsrv.cas.muohio.EDU > Thanks for the quick and multiple responses to my questions. I also grabbed the cryptography FAQ off of sci.cryptography, and it has been helpful. -john. From marc at GZA.COM Sun May 2 13:45:55 1993 From: marc at GZA.COM (Marc Horowitz) Date: Sun, 2 May 93 13:45:55 PDT Subject: Is Rush Limbaugh giving Clinton sh*t about wiretap chip? In-Reply-To: Message-ID: <9305022047.AA16792@pad-thai.aktis.com> >> Well, I work for a major airline and I would be happy to get you his home >> mailing address if he has a frequent flyer number. Excuse me? Are you completely missing the point here? We're fighting for *PRIVACY*.
Misusing your position at whatever airline you work for and broadcasting someone's home address over a mailing list of people he's never heard of is completely antithetical to what we are trying to do. Marc From rmashlan at mash.boulder.co.us Sun May 2 13:55:38 1993 From: rmashlan at mash.boulder.co.us (Robert Mashlan) Date: Sun, 2 May 93 13:55:38 PDT Subject: unsubscribe Message-ID: <2be23f5e.mash@mash.boulder.co.us> Please unsubscribe me -- | Robert Mashlan email = rmashlan at mash.boulder.co.us | From simonm at mindvox.phantom.com Sun May 2 16:47:43 1993 From: simonm at mindvox.phantom.com (Simon Moon) Date: Sun, 2 May 93 16:47:43 PDT Subject: Digital Cash Message-ID: Could someone mail or post some (preferably on-line) references to information re digital cash? Thx, I missed the discussion that was posted here. -- Simon (simonm at mindvox.phantom.com) From Asbahr at UH.EDU Sun May 2 17:15:01 1993 From: Asbahr at UH.EDU (Jason Asbahr) Date: Sun, 2 May 93 17:15:01 PDT Subject: Voice Privacy Message-ID: <199305030014.AA22547@Menudo.UH.EDU> Greets, all... I don't remember hearing this exact use of privacy-enhanced voice communication discussed on the list before, but I might not have been paying attention. :-) What do you think about encrypting voice communication in a non-real-time sense? Say I record a message (8-bit CODEC) on my NeXT or on a friend's PC Soundblaster and then encrypt/scramble the file in such a way that the resultant file is still audible. I can then leave that message on the recipient's answering machine or voice mail box for him to later record and decrypt on his computer. This method would make private voice communication more accessible, as it doesn't require real-time levels of performance. Perhaps one of the PGP gurus could advise on how this sort of private communications could be accomplished.
If PGP is used as the encryption tool, then making the encrypted file audible is not unlike making an encrypted file "readable" by turning it into mailable ASCII. It is probably important to consider that recording an "audio armored" encrypted voice message to an answering machine or voice mail box will introduce various kinds of distortion. Is anyone experienced with error-correction methods for audio transmissions? Jason Asbahr 116 E. Edgebrook #603 asbahr at uh.edu Houston, Texas 77034 next at tree.egr.uh.edu (NeXTmail) (713) 743-6995 voice asbahr at tree.egr.uh.edu (NeXTmail) UH NeXT Campus Consultant From pleiku!kelly at netcom.com Sun May 2 17:42:56 1993 From: pleiku!kelly at netcom.com (Stop the Big Brother CHip) Date: Sun, 2 May 93 17:42:56 PDT Subject: ANON: hop.mail replacements random number generation in perl Message-ID: <9305030043.AA25635@netcomsv.netcom.com> # Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! # From pleiku!kelly at netcom.com Sun May 2 18:04:01 1993 From: pleiku!kelly at netcom.com (Stop the Big Brother CHip) Date: Sun, 2 May 93 18:04:01 PDT Subject: ANON: Stepping up the pace... Message-ID: <9305030104.AA01342@netcomsv.netcom.com> Hi All, With all this excitement about clipper, I am questions about a number of points: * are we losing momentum on the anon-server front * we have just 13 remailers deployed... and from what I am given to understand insufficient traffic on all. * did penet II (with PGP inbound encryption similar to PAX) ever materialize?.(how about it Julf??) * what about John Gilmores suggestion for defensible U.S. Anon-sites. * 2 stage usage of anon-servers.
* anonymous cash protocols and digital banks? * support of cypherpunks encrypted remailer blocks by aservers. * is anyone besides me working on supporting aliases for MH, the pgpedit script, and pgp 2.2's multiple recipient feature? * is anyone working on converting MajorDomo to support PGP encryption and PGP 2.2 multiple recipient feature and cypherpunk anonymous encrypted return address blocks. (I have already taken a pass at it and it didnt meet my design goals..i.e. runnable from a shell users .forward file, it requires sendmail.cf mods.) * anonymous posting/mail via open NNTP/SMTP servers and header social engineering. Email or reply to the list... cheers kelly -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. .......................................................................... Kelly Goen | Crypto Anarchy: encryption, digital money, kelly at netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. | .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! From valerie at valis.biocad.com Sun May 2 18:30:14 1993 From: valerie at valis.biocad.com (Valerie Lambert) Date: Sun, 2 May 93 18:30:14 PDT Subject: [comp.society.privacy fwd] Wiretaps without warrants Message-ID: <9305030115.AA24068@valis.biocad.com> I wasn't sure if I should forward this or not... should I assume that most every cypherpunk with usenet access keeps an eye on comp.society.privacy? 
I found this article surprising; I wasn't even aware that there was any such bill in Congress. It seems that the FBI is busy chipping away at privacy on many fronts. So, how good is the argument that Clipper keys are held safely in escrow awaiting a warrant, if no warrant is required to gain a legal wiretap? ----- begin forwarded message ----- From: David Brierley Newsgroups: comp.society.privacy Subject: Wiretaps without warrants Path: portal!uunet!computer-privacy-request Date: Wed, 28 Apr 1993 01:54:13 GMT Message-ID: Organization: Division of Academic Computing, Northeastern University, Boston, MA. 02115 USA Sender: comp-privacy at pica.army.mil Approved: comp-privacy at pica.army.mil X-Submissions-To: comp-privacy at pica.army.mil X-Administrivia-To: comp-privacy-request at pica.army.mil X-Computer-Privacy-Digest: Volume 2, Issue 039, Message 1 of 7 Sorry to get this out so late, but better late than never. It is from the Boston Sunday Globe of April 11, 1993, page 16. ------------------------- New England Votes in Congress Roll Call Report Syndicate WASHINGTON - This is how New England members of Congress were recorded on major roll-call votes last week. ... TO EXPAND FBI PHONE ACCESS: By a vote of 367-6, the House sent the Senate a bill expanding the FBI's power to obtain, without court warrants, telephone records and conversations in investigations of international terrorism and espionage. The bill grants the FBI access in such investigations to information on unlisted numbers that phone companies cannot now divulge. It also enables FBI counterintelligence agents to obtain a broader range of telephone conversations involving suspected terrorists and spies. A yes vote was to pass the bill. Connecticut: Voting yes: Kennelly, Gejdenson, Shays, Franks, Johnson. Not voting: DeLauro. Maine: Voting yes: Andrews, Snowe. Massachusetts: Voting yes: Neal, Blute, Frank, Meehan, Torkildsen, Markey, Kennedy, Moakley, Studds. Not voting: Olver. 
New Hampshire: Voting yes: Swett. Not voting: Zeliff. Rhode Island: Voting yes: Machtley, Reed. Vermont: Not voting: Sanders. ... ----- end forwarded message ----- -- Valerie Lambert * valerie at biocad.com * 415/903-3923 * "The world hates change, yet it is the only thing that has brought progress." --Charles Kettering From svp at gtoal.com Sun May 2 19:49:46 1993 From: svp at gtoal.com (Sy Verpunc) Date: Sun, 2 May 93 19:49:46 PDT Subject: Voice Privacy Message-ID: <9305020210.AA02195@pizzabox.demon.co.uk> From: Jason Asbahr I don't remember hearing this exact use of privacy-enhanced voice communication discussed on the list before, but I might not have been paying attention. :-) I started asking about this recently and discovered that a lot of people are interested in it and some of them are even doing something about it. The most promising group is an Internet Engineering Task Force working on a project called 'nevot' (network voice terminal) - I'll include the readme after this post. Its only drawback is that it doesn't handle completely-software low baud rates that'll work over the internet *on top of* v32bis modems running slip or ppp. I'm working with some folks to hack up a really low bandwidth scheme and when our experiments are successful (if...) we'll feed them back to these folks so that everyone can use it. If anyone here is working on low bandwidth digital voice, there's a mailing list on netphone{-request}@moink.nmsu.edu - it's a low-volume list and really only for reporting what people are working on; chatty discussions would probably be better on comp.speech or sci.crypt. Remember that before we get crypto voice, we need non-crypto voice, so there's no real reason to discuss the basics in a crypto group. What do you think about encrypting voice communication in a non-real-time sense?
Say I record a message (8-bit CODEC) on my NeXT or on a friend's PC Soundblaster and then encrypt/scramble the file in such a way that the resultant file is still audible. I can then leave that message on the recipient's answering machine or voice mail box for him to later record and decrypt on his computer. This method would make private voice communication more accessible, as it doesn't require real-time levels of performance. This is basically what the multi-media extensions to email are about - check up on MIME if you don't know about it. Email mechanisms are fine - the concept of a 'software answering machine' is seductive, but we don't need anything special when you can say 'mail -voice fred' and pick up a mike and talk into it... Graham. --------------- See also gaia.cs.umass.edu:~ftp/pub/nevot/* NEVOT - A network voice terminal (BETA RELEASE 1.3 03/25/93) (c) Henning Schulzrinne ============================================================= NOTE: The .nevotinit files from versions prior to 1.3 are incompatible with the current command language and should be deleted. DESCRIPTION: The network voice terminal (NEVOT) allows audio-capable workstations to participate in audio conferences across local and wide area networks. Features: - real-time protocols: - NVP (network voice protocol), as used by 'vat' (LBL) and VT (isi) - 'vat' native packet format and session protocol - RTP draft - versions for: - Sun SPARCstation (SunOS 4.1.x and Solaris 5.x) - SGI Indigo (4D Series) and - Personal DECstations [as soon as we can get the DEC audio library to work] - GUIs: - XView - Tk [in progress] - curses - dumb terminal - fully controllable by Tcl-based command language - can serve as gateway for protocol and encoding translation - network transport protocols: - TCP - unicast/multicast UDP - ST-II [currently inoperative] - several independent concurrent conferences, each with different encoding and compression - DES-based voice encryption (U.S.
only) - audio encodings: - 64 kb/s (mu-law PCM) - 32 kb/s G.721 ADPCM (Sun only) - 32 kb/s Intel DVI - 24 kb/s G.723 ADPCM (Sun only) - 13 kb/s GSM - 4.8 kb/s LPC codec - each site can use different audio encodings - playback and recording of AIFC and .snd audio files - extensive statistics and tracing facilities - arbitrary voice packet length, which may differ for each site - lost packet and silence substitution - settable audio buffer occupancy - configurable adjustment mechanisms for playout delay, VU meter, silence detector and automatic gain control - redefinable session identifier string with variable substitution DOCUMENTATION: A compressed PostScript file describing Nevot is available for anonymous ftp from gaia.cs.umass.edu, as file ~ftp/pub/nevot.ps.Z. INSTALLATION: The sources are available by anonymous ftp from gaia.cs.umass.edu, as file ~ftp/pub/nevot/nevot.tar.Z (compressed tar file). The platform-specific external libraries are contained in the directory pub/nevot/lib.$ARCH. These typically change rarely. ARCH can be either dec, sgi, or sun4. Precompiled binaries are available as well: nevot/bin.$ARCH/nevot.tar.Z For the precompiled binaries, you also need to retrieve the initialization file ~ftp/pub/nevot/nevotinit and rename it to .nevotinit in the directory from which you plan to start Nevot. Unpack the compressed tar files, then execute the shell script compile You may have to adjust parameters within the shell script to your local needs, e.g., the compiler name. You also have to install the tcl library (version 6.7 or later), either the binary version as mentioned above, or from sources to be found in sprite.berkeley.edu:tcl. In order to use the UDP multicast and/or ST-II facilities, you have to install the appropriate kernel modifications. Due to export restrictions, the DES encryption code is available only by e-mail from the author. If you do have the DES code, change the value of the symbol DES in the Makefiles to 1.
To enable on-line help for the OpenWindows version, the environment variable HELPPATH should be set to include the source directory where the .info files are located (here, assumed to be /usr/local/nevot/xview): setenv HELPPATH ${HELPPATH}:/usr/local/nevot/xview OPERATION WITH SD: ------------------ sd is a session directory written by Van Jacobson, LBL, available for anonymous ftp at ftp.ee.lbl.gov. The nevot/sd directory contains a replacement for the sd start_audio procedure, which you can insert into your ~/.sd.tcl startup file. Make sure that the directory containing the Nevot binary is in your path. Use at your own risk (i.e., don't blame VJ if it doesn't work...). DIFFICULTIES: ------------- If you experience difficulties, check the problems.tex file in the doc directory. BUG REPORTS: This is a beta release. Please send all bug reports and suggestions to the author at hgschulz at cs.umass.edu. New releases will be announced through the rem-conf mailing list (to join the list, send a request to rem-conf-request at es.net). I would appreciate if you could let me know how you are using the software. [A version for the Personal DECstation and DECstations with the DEC audio hardware is currently under development.] COPYRIGHT: All sources and documentation (except those listed in the acknowledgements or otherwise identified) are (c) Henning Schulzrinne 1992, University of Massachusetts and AT&T Bell Laboratories. Do not redistribute this software, or integrate with other software, without preserving the copyright notice. All changes have to be clearly marked. You may modify the code as long as you provide me with a copy. ACKNOWLEDGEMENTS: The DES encryption module was developed by Steve Kent and John Linn of BBN Communications Corporation, Cambridge, MA and provided by Karen Seo of BBN. The audio library incorporating G.721 and G.723 audio compression was provided by Daniel Steinberg of Sun Microsystems. It may at some point be integrated into the regular Sun OS. 
The Intel/DVI ADPCM codec was slightly modified from sources by Jack Jansen (CWI) and is copyrighted 1992 by Stichting Mathematisch Centrum, Amsterdam, The Netherlands (used by permission). The ST-II API and kernel support was developed by Charlie Lynn at BBN. The ST-II API (st2_api.h) is copyrighted (c) 1991 by BBN Systems and Technologies, a division of Bolt Beranek and Newman, Inc. and used by permission. The UDP multicast kernel support was written by Steve Deering, Xerox Parc. Charlie Lynn (BBN) was helpful with some of the fine points of the ST-II API. The Tcl interpreter was developed by John Ousterhout, University of California at Berkeley. The sources are copyright University of California and used by permission. Advice on porting Nevot to the Silicon Graphics platform and numerous bug fixes were provided by Andrew Cherenson (SGI). Michael Halle (MIT) figured out how to get Xview applications to display fonts at the design sizes. The VU meter is based on discussions with Gints Klimanis (SGI). The audio mixing (mix.c) and checksum code (checksum.c) was taken from the ISI voice terminal (VT), copyright June 1991 by the University of Southern California, by permission. The silence detector and the ST-II code are modified versions of the respective parts of VT. The vat session and audio protocol were implemented based on descriptions provided by Van Jacobson. The I/O flags interpreter (flags.c) is a modified version of software contributed to Berkeley by Chris Torek. Copyright (c) 1990 by the Regents of the University of California; used by permission. From hughes at soda.berkeley.edu Sun May 2 20:01:43 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Sun, 2 May 93 20:01:43 PDT Subject: PATENT: RSADSI filings with the SEC Message-ID: <9305030258.AA22354@soda.berkeley.edu> RSADSI is a closely held California corporation. What filings are they required to make with the SEC for issues, dividends, etc.? Are these filings publicly available?
Do they contain names? Perry, I know you're familiar with this; could you comment? Eric From ld231782 at longs.lance.colostate.edu Sun May 2 20:11:52 1993 From: ld231782 at longs.lance.colostate.edu (ld231782 at longs.lance.colostate.edu) Date: Sun, 2 May 93 20:11:52 PDT Subject: government free reign on RSA -- from whence? Message-ID: <9305030311.AA11639@longs.lance.colostate.edu> This is driving me crazy. I have asked many people that refer to the U.S. government's free reign on the use of patents in general and RSA technology in particular. There are a lot of very respectable and reputable specialists on this list and I hope they can answer my question. What *specifically* gives the government the *right* to use patents developed `with public money' without licensing, or the RSA patent in particular (if the two are not the same)? Court precedents? A specific law? `congressional hearings'? A condition of agreement to receive NSF funds? >what< ? This little tidbit of information has gotten tossed around so frequently and haphazardly (a bit like an Urban Legend) and it really deserves some sharp scrutiny, at least a bit more than I have ever seen, I suspect it might have some interesting implications to consider. From mimir at u.washington.edu Sun May 2 20:59:02 1993 From: mimir at u.washington.edu (Al Billings) Date: Sun, 2 May 93 20:59:02 PDT Subject: Interesting mail (fwd) Message-ID: I received this on the Leri list and thought a little amusement might be appreciated here given the current conversations. ---------- Forwarded message ---------- Date: Sat, 01 May 1993 20:57:34 From: David L Racette To: Leri Subject: Interesting mail Opening Statement to the House Subcommittee on Telecommunications and Finance, Washington DC, April 29, 1993 Hello everyone and thanks for inviting me here. My name is Bruce Sterling and I'm a science fiction writer and sometime science journalist. 
Since writing my nonfiction book HACKER CRACKDOWN: LAW AND DISORDER ON THE ELECTRONIC FRONTIER, I have returned to writing science fiction. And I've returned to that with some relief, frankly, since the world of science fiction is in most ways rather less strange and less bizarre than the contemporary world of telecommunications policy. I hope therefore that you will forgive me if I testify today as a science fiction writer. It's one of the perks of my profession to write about the future, or attempt to, and I thought you might like to meet someone from the telecommunications future that you are so busy creating. With your kind indulgence for my novelist's whimsy then, the rest of my brief presentation today will be given by a Mr. Bob Smith, who is an NREN network administrator from the year 2015. I present Mr. Smith. "Thank you, Mr. Sterling. It's a remarkable privilege to talk to the legislators who historically created my working environment. As a laborer in the fields of 21st Century cyberspace I of course would have no job without NREN and my wife and small son and I are all properly grateful for your foresight in establishing the Information Superhighway. "Your actions in this regard have affected American society every bit as strongly as did the telegraph, the railroads, the telephone, the highway system, and television. In fact, it's impossible for me to imagine contemporary life in 2015 without the Global Net; living without the Net would be like trying to live without electricity. "However, it's a truism in technological development that no silver lining comes without its cloud. Today I'd like to mention two or three trifling problems that have come up that were not entirely obvious from the perspective of the early 1990s. "First of all, this 'Research and Education' aspect.
Since communications *is* power in an Information Society, giving fantastically advanced communications to the Research and Education communities did in fact empower those communities quite drastically by comparison with interest-groups lacking that advantage. Today, one of the most feared political organizations in the world is the multi-national anarchist libertarian group called the Students for an Utterly Free Society. "Of course, there have always been campus radicals, but thanks to their relative lack of financial clout, and lack of even a steady home address, these young fanatics once found it very difficult to organize politically. Therefore, they were easy for the powers-that-be to ignore, except during occasional spasms of violent campus unrest. "Thanks to NREN, however, spasms of student unrest can now spread like lightning across entire continents. Advanced AI translation programs installed on the Net only made matters worse, since in 2015 the global leaders of the student movements are not only extremely radical, but French. "Attempts by campus authorities to control this unrest have failed miserably. In 2015, NREN sites are always the first buildings occupied during a campus strike. Campus chancellors and faculty are themselves so utterly dependent on NREN that they become quite helpless off-line. "A second major problem has been the growth of unlicenced encryption, which has proved quite unstoppable. Today some seventy-five percent of NREN archives are material that no one in authority can read. Countries that attempted to control and monitor network traffic have lost market share and service revenue as data processing simply moves offshore. "The United States has profited by this phenomenon to a great extent as people worldwide have flocked to the relative liberty of our networks. Unfortunately many of these electronic virtual immigrants are not simply dissidents looking for free expression but in fact are organized criminals. 
"Take for instance a recent FBI raid on an enormous archive of encrypted Iranian files, illicitly stored in an obscure NREN node in North Dakota. Luckily the FBI was able to decrypt these files thanks to an inside informant. Deciphering these archives revealed the following contraband: "Eighty percent graphic image files of attractive young women without veils on, or, in fact, much clothing of any kind. "Fifteen percent digitally stored pirated copies of Western pop music and Western videos, still illegal to possess in Teheran. "And, five percent text files in the Farsi language describing how to guild, deliver and park truck-bombs in major urban areas. "I can't conclude my brief remarks today without a mention of a particularly odd development having to do with *wireless* computer telecommunications. Since it is now possible to transact business entirely in cyberspace, including financial transactions, many information entrepreneurs in 2015 have simply given up any physical home. Basically, they have become stateless people, 21st Century gypsies. "A recent tragic example of this occurred in the small town of North Zulch, Texas. There some rural law enforcement officers apprehended a scruffy vagabond on a motorcycle in a high-speed chase. Unfortunately he was killed. A search of his backpack revealed a device the size of a cigarette pack. In searching the dead man's effects, the police officers, who were not computer literate, accidentally broke the device. This tiny device was actually a privately owned computer bulletin board system with some 15,000 registered users. "Many of the users were wealthy celebrities, and the apparent outlaw biker was actually an extremely popular and nationally known system operator. These 15,000 users were enraged by what they considered the wanton destruction of their electronic community. 
They pooled their resources and took a terrible vengeance on the small town of North Zulch, which, by contrast, had only 2,000 residents, none of them wealthy or technologically sophisticated. Through a combination of harassing lawsuits and sharp real-estate deals, the vengeful board users bankrupted the town. Eventually the entire township was bulldozed flat and purchased for parkland by the Nature Conservancy.

"Thanks in part to the advances that you yourselves set in motion, violent conflicts between virtual and actual communities have become a permanent feature of the cultural landscape in 2015."

Thank you for your patience in entertaining my speculations. I'll be happy to take any questions -- though only in my real-life persona. Thank you very much.

From 76114.2307 at CompuServe.COM Sun May 2 21:08:40 1993
From: 76114.2307 at CompuServe.COM (William Oldacre)
Date: Sun, 2 May 93 21:08:40 PDT
Subject: A LEGAL way---maybe!
Message-ID: <930503040243_76114.2307_BHA51-1@CompuServe.COM>

To: >Internet:cypherpunks at toad.com;>Internet:huges at soda.berkeley.edu;
To: >Internet:prz at sage.cgd.ucar.edu

One of the first attorneys I ever had used to build steam engines as a hobby. He would purchase a kit of basic castings somewhere and then machine them into beautiful working models. Some of the designs were covered by modern patents. That's where I first heard of the "if for private use" principle. It was reaffirmed, some years later, by an attorney working for one of the large law firms next to the U.S. Patent Office. I'd designed several electronic circuits, one of which (the simplest and clearly unpatentable) had appeared on the front cover of Popular Electronics magazine. I was concerned about another which might be patentable. I came away from our discussion with the impression that there was nothing to stop someone who wanted to build a single copy of a patented design for themselves. (I came away from my first attempt at a patent search with a headache.)
Yesterday, I was delighted when this small bit of knowledge seemed to have some practical application, i.e. legally bypassing a frivolous patent and putting a good encryption program in the hands of an exposed public. So today I decided to spend some time at the Univ. of Fla. law library to get the actual statute numbers and case law background. (Sigh) I didn't have much luck. Three hours wasn't nearly enough time to research roughly 80 feet of shelf space filled with patent law. But I couldn't confirm what I said yesterday and I'm hoping that I haven't misconstrued something called the "public use doctrine." Tomorrow I'll try to get a legal opinion on the matter.

If what I said yesterday turns out to be wrong, there remains an important point to consider. Finding legal ways to sidestep patents is the name of the game. It may even encourage further innovation. What makes patent law such a lucrative field is not the four inches of shelf space devoted to the actual law itself, but the weight of the seventy nine feet eight inches of case law next to it. There was a lot of encouraging background there. Something like fifty percent of all patents in litigation are overturned. And misuse is an excellent way to overturn one. Interference is another.

CypherPunks has something that Public Key Partners doesn't. An organization of motivated people who can devote hundreds of person hours to putting the RSA patent under a microscope. To pay someone to do that amount of research would cost a fortune. If you put all of the skills each of us has down on paper it would take a sizable corporation to equal it. And, the high speed communications network is already in place.

I think it's time the organization was less a shrill chorus of skeptics and more of a cavalry charge. By now, Phil Zimmermann and some others would find us a welcome sight coming over the hill top.
If we break the PGP/RSA problem into manageable pieces and divide ourselves into working groups something is bound to turn up. And then there is the press. Magazine articles and news releases will get the public and legislators involved. Don't think this won't work. Remember the guy in Colorado three years ago with a perfectly worthless generator that produced more energy than it used? He got the legislature to force the N.B.S. to examine it over their ongoing objection. The arguments I've heard on this newsgroup are sound. You don't like the chill that has come over public cryptography, I don't like it, and the public won't like it either. Forget how the law is written, patent laws have been in a constant state of flux since their inception. Allowing patents on ordinary mathematics was a mistake that has to be rectified.

To start with, I need something. Does anyone out there have the actual patent numbers for the RSA and DHM (Diffie-Helman-Merkle?) patents so I can order copies?

From freedman at helix.com Sun May 2 21:14:50 1993
From: freedman at helix.com (freedman at helix.com)
Date: Sun, 2 May 93 21:14:50 PDT
Subject: Please unsubscribe me
Message-ID: <9305030413.AA26488@netcomsv.netcom.com>

Please unsubscribe me. Thanks.

From hughes at soda.berkeley.edu Sun May 2 21:54:38 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Sun, 2 May 93 21:54:38 PDT
Subject: Need some Advice
In-Reply-To: <9304290001.AA02691@vax1.cc.uakron.edu>
Message-ID: <9305030451.AA00114@soda.berkeley.edu>

> I also would like to thank Eric Hughes for replying to my early question
>on Q&A a dos database problem. His basic steps solved the problem in less
>than 30 min. By the way, the algorithm used is very lame.
> abs(ascii character - 255)

Now that you've figured out how, could you write the method up in more detail? Please include facts like the location of the password inside the database files, the version of Q&A you tested, etc. I'll put it up for ftp when you're done.
Share the work so that others can look at it.

The password was encrypted on a character-by-character basis? Some people really are foolish, either the ones who wrote the software thinking it was secure, or the ones who pay the ones who wrote the software to recover lost passwords. Any encryption that allows passwords to be recovered should not be called encryption; it should be called snake oil.

> I would like a little more info on the debugger method.

Got a program? You've got my email address.

Eric

From hughes at soda.berkeley.edu Sun May 2 22:08:09 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Sun, 2 May 93 22:08:09 PDT
Subject: PATENT: PKP patent numbers
Message-ID: <9305030504.AA01076@soda.berkeley.edu>

Eric Townsend extracted some of the text from RFC 1421 (PEM) and sent it to me. Thanks! In it are contained the patent numbers for PKP's patents, which I present below.

Note: PKP has since acquired rights to the Schnorr patent; it relates to DSA.

Eric

-----------------------------------------------------------------------------

Cryptographic Apparatus and Method
("Diffie-Hellman")............................... No. 4,200,770

Public Key Cryptographic Apparatus
and Method ("Hellman-Merkle").................... No. 4,218,582

Cryptographic Communications System and Method
("RSA")................................... No. 4,405,829

Exponential Cryptographic Apparatus
and Method ("Hellman-Pohlig").................... No. 4,424,414

From nobody at mead.u.washington.edu Sun May 2 22:11:02 1993
From: nobody at mead.u.washington.edu (nobody at mead.u.washington.edu)
Date: Sun, 2 May 93 22:11:02 PDT
Subject: No Subject
Message-ID: <9305030510.AA25448@mead.u.washington.edu>

Hey guys, I think someone has been listening:

---------------------------------------------------
Communications Daily
April 30, 1993, Friday

Immunity Needed; MARKEY PANEL SEES DARK SIDE OF ELECTRONIC FRONTIER

Legislative intent met reality of technology Thurs.
one-on-one before House Telecom Subcommittee. It was no contest: Technology won in seconds, on a knockout. Last year, Congress, concerned about cellular phone users' privacy, passed legislation outlawing scanners that pick up cellular channels, and last week FCC issued rules banning those scanners (CD April 23 p2). At hearing on privacy, computer cracking and related topics, it took San Diego Supercenter Center scientist Tsutomu Shimomura about 2 min. to take new cellular phone out of its box, turn it on and set device to test mode -- thus turning it into scanner that enabled those in House hearing room to hear snatches of live cellular conversations. Shimomura needed congressional immunity to conduct demonstration, which otherwise would have been illegal. FBI special agent was standing by to make sure no other laws were broken, as could have happened in technology demonstration. Event was practical demonstration of what Subcommittee Chmn. Markey (D-Mass.) called "the 'sinister side' to cyberspace." John Gage, dir. of science office of Sun Microsystems, who orchestrated that and other demonstrations that turned Rayburn Bldg. hearing room into media lab with HDTV setup, computers and other devices, held up phone and said that, in effect, legislation passed by Congress "has banned all cellular telephones in the United States." Gage said: "It's not safe to talk on a cellular phone." With right screwdriver and little adaptation, scanning capabilities of cellular phones can be made more impressive, he said. He said that cellular phones are little more than "good radios and terrible computers" that are designed to be scanners, because that's how cellular radios keep users in touch with switches. In moving products quickly to market, cellular manufacturers didn't want to spend money or take time to worry about privacy concerns or consider encryption technology, Gage said. 
Gage's general theme was that move to digital world posed challenges for policy-makers and for industry. He said KPIX San Francisco planned to store newscasts in computer in digital form for sound and pictures, to be made available over high-speed network in Bay area and over Internet, to be played back via computers whenever anyone called it up. What will that development do to concept of TV stations or networks? "There's no way to stop digital technology." Even as he spoke, Gage's equipment was transmitting images and sound from hearing room to Internet. Gage said export laws prohibit selling abroad of particular encryption computer programs. Yet he showed panel text of computer program pulled off Internet, from Finland, of prohibited source code for Data Encryption Standard (DES) used by U.S. govt. In that case, law wasn't broken because program was imported, not exported. Adding comma to code would route program to Moscow, Gage said, so he didn't add it because there was no immunity. Also set up in room was satellite hookup to Moscow using small earth station made by KGB, which was in contact with Russian satellite. Subcommittee members were impressed and dismayed. Rep. Tauzin (D-La.) asked what Congress could do to keep up with technology. Gage said it should stick to general principles and forget about legislating against specific technologies. He said that one solution for Digital Age was encryption, and that federal govt. should take lead, not by endorsing specific technology such as Clipper Chip (CD April 19 p2) that fits into telephones, fax machines, other devices. In reply to question from Rep. Boucher (D-Va.), Gage said federal govt. should support research on encryption. Following Gage's demonstration, Raymond Kammer, acting dir. of National Institute for Standards & Technology (NIST), defended govt. support for Clipper Chip and for DES standard. 
He said it would take powerful Cray supercomputer more than 200 years to solve DES key, and more than billion years to crack one Clipper Chip encryption key. Under Administration plan, users would have one key to chip and federal govt. would have other. Kammer endorsed plan as balance between law enforcement needs and privacy concerns. In April 28 letter to Markey in response to April 19 letter from chmn., Kammer said Clipper Chip technology has no "trap door" that could allow govt. to crack encryption code and said code would be offered to experts for evaluation. He wasn't asked for comment on Gage's demonstration.

Fordham U. law Prof. Joel Reidenberg called for federal board that would set series of "fair information practices," as well as Data Protection Board for specific information standards. N.J. state investigator John Lucich warned of harm that comes from cracking of private business telephone and voice mail services and said sophistication of law enforcement is increasing. Science fiction author Bruce Sterling, who also wrote nonfiction book on govt. crackdown on computer hackers, testified about future issues.

Hearing was first in series on privacy, computer and telecommunications issues. Others will examine automatic number identification, selling of marketing information, related topics.

--------------------------------------------------------
CommunicationsWeek
April 26, 1993

Encryption Policy Spurs Concern

SHARON FISHER

WASHINGTON Members of the networking and security community have expressed concern that a new government policy on data encryption may restrict the use of the technology. The White House earlier this month called for the implementation of a special encryption chip that offers a "back door" for decryption by federal law enforcement agencies. The chip uses a secret algorithm called "Skipjack" that prevents users from encoding data in such a way that it cannot be read by law enforcement officials.
Under the new policy, electronic keys will be stored in two "escrow" locations for release to law enforcement organizations that have been warranted to wiretap and decrypt voice transmissions. The escrow locations have not been named. The encryption chip was initially called the Clipper chip, but the government has received complaints from Intergraph Corp., which holds a registered trademark on a product called Clipper chip, according to John Droge, vice president of program development for Mykotronx Inc., Torrance, Calif., which developed the chip. "We call it the MYK-78," he said. AT&T has already announced a device based on the chip that attaches to a telephone to let users encrypt telephone calls. The AT&T Telephone Security Device will cost around $1,195 and will be available at the end of the second quarter. In addition, Mykotronx is working on a more complex chip, called the Capstone or MYK-80, that adds a key exchange algorithm, digital signature standard and other technologies to the MYK-78, Droge said. Key exchange lets two devices agree on a common encryption key; digital signature is a way to guarantee the identity of the originator of the message. Industry members expressed concern that the federal government's policy review on encryption, privacy protection and law enforcement could result in further changes or restrictions to communications technology. The review is taking place under a classified Presidential directive that does not publicly state its exact scope or procedure. The review, which will be managed and directed by the National Security Council, calls for an interim report by the end of June and a final report in late August or early September, said Lynn McNulty, associate director for computer security for the National Institute of Standards and Technology, Gaithersburg, Md. Many members of the encryption community are concerned that a policy review might result in restrictions on encryption technology already in use. 
There are currently no restrictions in the United States on the use of encryption technology. "Why (else) would the government go through all this time and trouble and expense to do this?" said Jim Bidzos, president of RSA Data Security Inc., a Redwood City, Calif., company that licenses encryption and key technology to vendors such as Apple Computer Inc., Lotus Development Corp. and Novell Inc. "I'm not sure anybody has a complaint with the FBI wanting to wiretap with a legitimate court order, but when the FBI says it's so important that we need to force a new communications system on the country, I have a problem with that," Bidzos said. "I am afraid, from the FBI's viewpoint, if this is the solution, how can it work unless you eliminate the other kinds of use?" But McNulty said such an expanded policy was not likely. "Those concerns are not well-founded," he said, though he said the issue probably will be addressed in the policy review. "I don't think in our society that people would accept that restriction on their technology and freedoms. It's absolutely the last recommendation that would be made." ----------------------------------------------------- CommunicationsWeek April 26, 1993 Editor's View; WHAT GOOD IS SECURITY IF IT MAKES US INSECURE? The federal government, under the guise of President Clinton's new Public Encryption Management directive, promises to improve the security and privacy of communications systems. The directive is likely, however, to result in the eventual disappearance of private encryption and the erosion of personal freedom. The directive was announced two weeks ago by the White House and the National Institute of Standards and Technology. It requests suppliers of communications equipment to base encryption on the " Clipper Chip, " a microcircuit developed by the National Security Agency. The Clipper Chip will be manufactured by Mykotronx Inc., a military contractor in Torrance, Calif. 
An 80-bit, split-key escrowed encryption scheme used to lock and unlock data transmissions will be built into each chip. The encryption scheme will also be kept in a "key-escrow" database monitored by two independent government agencies. Unlike effective public encryption techniques, such as RSA Data Security's triple-Data Encryption Standard (DES), which are available for analysis and testing, the Clipper Chip's key algorithm will not be released to the public. Based on explanations provided in official documents, it seems that the government doesn't care about improving secure communications. Reliable encryption already exists. Indeed, in the view of agencies like the NSA, standards such as DES are too good because they are hard to crack. Clinton's directive has only one real agenda-to make it easier for government agencies to snoop on private communications. Keys will be made available to government agencies who request access in the same manner that Federal judges grant telephone taps. The initiative hides behind the excuse of creating means to monitor "terrorists, drug dealers, and other criminals." This isn't the first time that the government has proposed an authoritarian scheme that goes after a few peoples' crimes while stomping on the majority's civil liberties. Public scrutiny helps to pinpoint weaknesses and allow technical refinement. In this case, we're being asked to trust the government, a notion that rubs most rational people the wrong way. Congress passed the Computer Security Act in 1987 to open the development of non-military computer security standards to public scrutiny to limit-not expand-the NSA's role in their development. The directive makes no mention of a particular communication session's key-escrow. Once your keys have been released, all past and future traffic is open to examination. The administration said it would not prohibit private encryption, "nor is the U.S. 
saying that every American, as a matter of right, is entitled to an unbreakable commercial encryption product." If the program succeeds, it probably will drive private encryption vendors out of the marketplace. Commercial encryption products already provide excellent network security. Contact the White House and let policy-makers know that we appreciate their concern about crime control, but prefer that the government stay out of the security-control business. Send your reactions to DBUERGER on MCI Mail, DBUERGERCUP.PORTAL.COM on the Internet or by fax, 516-562-5055. ---------------------------------------------------- Network World April 26, 1993 NSA has public-key chip to complement Clipper Chip; Uses same controversial key escrow system. By Ellen Messmer, Senior Correspondent WASHINGTON, D.C. The algorithm developed by the National Security Agency (NSA) for use with the government's newly proposed Clipper Chip private-key encryption system will also show up in Capstone, a chip for public-key encryption, Network World has learned. Like Clipper Chip, Capstone will use a key escrow system that will enable the government to eavesdrop on encrypted information. Vendors of Capstone-based encryption products will have to register decryption keys with a federal agency that other agencies can retrieve through legal means. Although Capstone has not been publicly announced, it is at the heart of the encryption system that is to be used in the upcoming Defense Message System (DMS) (see story, p.1). With the public-key Capstone system, one key is made public, while another is kept secret; the message recipient and sender do not have to exchange keys as they do in private-key systems such as the Data Encryption Standard and Clipper Chip. With Capstone, key management is much simpler. 
Clipper Chip, for example, enables users to encrypt electronic documents before sending them to the intended recipient, but the recipient must have received the sender's secret key beforehand in order to decrypt the document. In addition, Capstone will provide the electronic digital signature for "signing" documents electronically, something private-key systems cannot do. Mykotronx, Inc., the Torrance, Calif., firm that designed Clipper Chip, is also supplying the Capstone chipset. John Droge, vice president of marketing at Mykotronx, an authorized NSA Communications Security vendor, said the firm has already shipped 10,000 Capstone and 20,000 Clipper Chip chipsets. The NSA intends to equip military users of the DMS with cryptocards -- dubbed Tessera cards -- containing the Capstone chips so users can enter and activate the public-key encryption and signing features. The Tessera cards are based on the new industry standard PCMCIA, named after the Personal Computer Memory Card International Association, which created the standard. Mykotronx is currently the sole Tessera card supplier. Last week, the NSA acknowledged that the private-key algorithm to be used with Capstone in the DMS is the same as that used in Clipper Chip. "The [DMS] Type 2 algorithm is the same as the Clipper Chip announced by the Clinton administration," said John Nagengast, chief of strategic systems at the NSA, speaking last week at the Information Systems Security Association's trade show CardTech/SecureTech in Arlington, Va. "It will enable us to go across the government with a common algorithm." User reaction The key escrow concept behind both Clipper Chip and Capstone have left many users and vendors worried. Sandra Lambert, vice president of information security at Citibank, N.A., and Samuel Epstein, president of Racal-Guardata, Inc., said the key escrow system raises the issue of security vulnerability, which could result from a break-in at the site where the escrow keys will be stored. 
The Electronic Frontier Foundation (EFF), a public advocacy group based here, has taken the position that the public should not have to rely on the government as the sole source for encryption chips. Last week, the EFF began pulling together a coalition of vendors and users under the banner of its Digital Privacy and Security Working Group to address the issues raised by Clipper Chip. AT&T, which announced that it would include Clipper Chip in its Secure Telephone Device, will participate in the EFF forum.

Government sources last week said AT&T rushed out with its Clipper Chip announcement because the Department of Justice wants to purchase AT&T telephone security devices with Clipper Chip. Last week, AT&T said it based its decision to include the Clipper Chip chipset on faith rather than knowledge. "We've told the government there's a need to establish the credibility of the standard," said Mike Agee, marketing manager for secure products at AT&T.

Although publication of the Clipper Chip specification would not compromise the effectiveness of the algorithm, the NSA said it intends to keep the algorithm secret. "The plan is we would share it with academia on a limited basis," Nagengast said. "I don't believe it's ever intended to be published."

From hughes at soda.berkeley.edu Sun May 2 22:42:37 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Sun, 2 May 93 22:42:37 PDT
Subject: PATENT: A LEGAL way---maybe!
In-Reply-To: <930503040243_76114.2307_BHA51-1@CompuServe.COM>
Message-ID: <9305030539.AA03966@soda.berkeley.edu>

William Oldacre persists in believing that personal use of a patent is permissible. It's not legal, but if they don't know, they don't sue. The differences between legality, the cost-effectiveness of a lawsuit, and finding out in the first place are significant here. We want the protection of legality, if we can get it.

>CypherPunks has something that Public Key Partners doesn't.
>An organization of motivated people who can devote hundreds of person
>hours to putting the RSA patent under a microscope.

I'm really glad for this observation. One, however, must derate our person-hours some because we aren't lawyers. The basic idea, though, is entirely accurate.

>Allowing patents on ordinary mathematics was
>a mistake that has to be rectified.

It has been rectified. RSA is not a mathematical patent. It is the embodiment of some mathematical routines into a machine which is used for a particular purpose and has certain security properties.

> (Diffie-Helman-Merkle?)

I got that one wrong. It's the Hellman-Merkle patent. I just posted the actual numbers.

Eric

From newsham at wiliki.eng.hawaii.edu Mon May 3 00:07:51 1993
From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham)
Date: Mon, 3 May 93 00:07:51 PDT
Subject: No Subject
Message-ID: <9305030707.AA14920@toad.com>

I am using the d3des package. So far I have been using the normal DES routines. I have recently decided to use the triple-DES routines but the documentation ( == *.c and *.h ) didn't seem too clear on the point. From what I understand so far it seems that Ddes() is used for both double and triple encryption (???) for 64bits in 64bits out. This is the test code I did, it works, I'd just like to know for sure if it is using triple des (3*56 bit keys). thanx.

#include <string.h>
#include <unistd.h>
#include "d3des.h"

unsigned long enkey[96], dekey[96];

int main(void)
{
    unsigned char b[100];
    unsigned char *k = (unsigned char *)"testing123423456789212345678";

    strcpy((char *)b, "this is a test");

    des3key(k, 0); cp3key(enkey);   /* set up long keys, encrypt */
    des3key(k, 1); cp3key(dekey);   /* decrypt */

    use3key(enkey); Ddes(b, b);     /* encrypt first 8 bytes of b in place */
    write(1, b, 8);
    use3key(dekey); Ddes(b, b);     /* decrypt the same 8 bytes */
    write(1, b, 8);
    return 0;
}

From smb at research.att.com Mon May 3 04:18:11 1993
From: smb at research.att.com (smb at research.att.com)
Date: Mon, 3 May 93 04:18:11 PDT
Subject: government free reign on RSA -- from whence?
Message-ID: <9305031118.AA20167@toad.com>

This is driving me crazy.
I have asked many people that refer to the U.S. government's free reign on the use of patents in general and RSA technology in particular. There are a lot of very respectable and reputable specialists on this list and I hope they can answer my question. What *specifically* gives the government the *right* to use patents developed `with public money' without licensing, or the RSA patent in particular (if the two are not the same)?

My understanding -- and I've never seen the original document, so I can be wrong -- is that the statutes providing for grants to professors have such provisions. That is, barring all patents developed under such grants could be seen as stifling private initiative. But permitting the inventor to retain all rights is unfair, since the government funded the work. Hence the compromise: patents are permitted in such cases, but the government gets free use.

As for the ``personal use'' question -- I've never heard of such a thing. The law gives the patent holder the right to bar others from selling, making, or *using* the protected invention. There is a court ruling permitting use of patented materials for experimental purposes; some people may be extending that.

One more word on patents. The claim that 50% of patents are thrown out when challenged may or may not be accurate; however, it is very time-dependent. Such things go in cycles, depending on the makeup of the Supreme Court. During, say, the 1970's, there was a substantial component on the court that opposed the concept of patents, so many more challenges were upheld. I need not point out that the makeup of the court has changed substantially in recent years; during the 1980's, many more patents were upheld. I've seen one or two articles indicating that the pendulum is starting to swing back, but it's harder to say now; most patent cases these days only go as high as the Court of Appeals for the Federal Circuit.
--Steve Bellovin

From honey at citi.umich.edu Mon May 3 06:01:06 1993
From: honey at citi.umich.edu (Peter Honeyman)
Date: Mon, 3 May 93 06:01:06 PDT
Subject: A LEGAL way---maybe!
Message-ID: <9305031301.AA22009@toad.com>

perhaps you missed my note last week, where i cited:

%T patents and the progress of science: exclusive rights and experimental use
%A rebecca s. eisenberg
%J university of chicago law review
%V 56
%N 3
%D summer 1989
%P 1017-1086

follow the footnotes. here's a quote to entice you:

If basic research cannot be insulated from the patent system entirely, it might still be possible to reconcile a system of exclusive patent rights in prior discoveries with the interest of the scientific community in allowing subsequent researchers to enjoy free access to such discoveries by exempting the use of patented inventions in research from infringement liability. While the United States patent statute does not provide for such an exemption, the courts have long recognized, at least in principle, that a purely "experimental use" of a patented invention, with no commercial purpose, should be exempt from infringement liability.

over and over, she reiterates that patent courts have consistently recognized the experimental use defense.

peter

From nobody at alumni.cco.caltech.edu Mon May 3 06:13:16 1993
From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu)
Date: Mon, 3 May 93 06:13:16 PDT
Subject: Shimomura's testimony
Message-ID: <9305031312.AA24645@alumni.cco.caltech.edu>

-----BEGIN PGP SIGNED MESSAGE-----

This sounds like the tricks he and Mark Lottor showed off at Hackers last year, according to the first issue of Wired. Of course he was anonymous there; I guess Wired didn't offer him immunity.

I'd like to know more about Shimomura's testimony -- was he just showing off, or is he selling us out? Sounds like both.
DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBK+UZ6PFZTpBW/B35AQGroQGAprtpUtJi5l9EzQsjmdyhniWtea0kRRg4 KZloWA2ScVtaEQP0/e/q2yGXYCILuKV5 =wmIO -----END PGP SIGNATURE----- From svp at gtoal.com Mon May 3 06:45:43 1993 From: svp at gtoal.com (Sy Verpunc) Date: Mon, 3 May 93 06:45:43 PDT Subject: Import OK by the look of this... Message-ID: <9305021304.AA06890@pizzabox.demon.co.uk> : which otherwise would have been illegal. FBI special agent was standing by to : make sure no other laws were broken, as could have happened in technology : demonstration. Event was practical demonstration of what Subcommittee Chmn. : Markey (D-Mass.) called "the 'sinister side' to cyberspace." ... : Gage said export laws prohibit selling abroad of particular encryption : computer programs. Yet he showed panel text of computer program pulled off : Internet, from Finland, of prohibited source code for Data Encryption Standard : (DES) used by U.S. govt. In that case, law wasn't broken because program was : imported, not exported. Adding comma to code would route program to Moscow, Gage : said, so he didn't add it because there was no immunity. Also set up in room was : satellite hookup to Moscow using small earth station made by KGB, which was in : contact with Russian satellite. My inference from this is that if they went to the bother of checking to make sure they knew about the laws and explicitly arranged immunity for the scanner demonstration, we can take it as read that *import* of crypto wares is *not* illegal, as some have tried to suggest. Graham PS I'm xposting this to sci.crypt From wtap at mindvox.phantom.com Mon May 3 06:49:59 1993 From: wtap at mindvox.phantom.com (Wire Tap!) Date: Mon, 3 May 93 06:49:59 PDT Subject: Add to list Message-ID: <3H9y3B1w165w@mindvox.phantom.com> I was wondering if I might be added to your mailing list, or be sent an application or something similar. Thanx you. 
From hkhenson at cup.portal.com Mon May 3 08:12:35 1993 From: hkhenson at cup.portal.com (hkhenson at cup.portal.com) Date: Mon, 3 May 93 08:12:35 PDT Subject: RISKS DIGEST 14.54 Message-ID: <9304262218.1.19891@cup.portal.com> This issue of comp.risks has a rather lengthy posting by DD. The moderator commented (re the wiretap chip) "there has been essentially no other topic of concern for the past week . . . ." Considering the wide range of topics covered here, that is quite a statement! Keith From hkhenson at cup.portal.com Mon May 3 08:12:43 1993 From: hkhenson at cup.portal.com (hkhenson at cup.portal.com) Date: Mon, 3 May 93 08:12:43 PDT Subject: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304291359.1.6025@cup.portal.com> re paying a reasonable license fee, I wonder if RSA would cash my check for (say) $10 if I wrote on the check that it was for a license for whatever they might claim on PGP. One wonders what they would do with several hundred checks. :) Keith From hfinney at shell.portal.com Mon May 3 08:12:45 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Mon, 3 May 93 08:12:45 PDT Subject: Tough Choices: PGP vs. RSA Data Security Message-ID: <9304300305.AA10442@jobe> (I sent a copy of this message this morning from my Compuserve account, but it never appeared. Fighting to control my surging paranoia, I am re-sending it from this account. I apologize if a duplicate eventually shows up.) -----BEGIN PGP SIGNED MESSAGE----- Tim May writes: > I suggest that we as a community seriously reconsider our basic support for > PGP. Not because of any flaws in the program, but because of issues related > to Clipper and the potential limits on crypto. I see several problems with this proposal. 1. It's not clear what it means to "reconsider our basic support for PGP." What exactly is Tim proposing? That people stop using PGP? That they phase out their use of it as legal products become available? I'd like to see some clarification. 2. 
More generally, what about the issue of our advocating and supporting other possibly infringing actions? Which ones do we stop? Just those that upset Jim Bidzos? He claims to have patents that cover many more activities than RSA, including patents which cover the very idea of public key encryption, and patents on Diffie-Hellman key exchange and virtually any conceivable variation. Should we respect all of these now? 3. David Chaum apparently has U.S. patents on many key features of digital cash. It looks like we would have to stop working on that, too, by this reasoning. 4. What reasonable alternatives to PGP exist? Is RSAREF really usable on a PC? I tried an early version and it was terribly, terribly slow. PGP is just barely fast enough. A "legal" version of PGP which uses RSAREF will presumably be considerably slower. 5. I am not as convinced as Tim that RSADSI is truly, positively, certainly on our side. Why is it that RSAREF has such a weak conventional encryption algorithm (DES, with 56-bit keys)? RIPEM has been out for many months, and people have been asking for IDEA or triple DES all that time. Bidzos has supposedly said he'll give permission for improvements. Yet as far as I know RIPEM still only has this small key size, a key size which persistent rumors say can be broken by government computers. When Bidzos permits RSAREF to run a conventional encryption algorithm with a secure key size I will give more credence to the view that he wants people to have strong encryption. 6. How is it that one company has collected virtually all of the patents on cryptographic technology in this country? Jim Bidzos controls patents on public-key encryption in general, RSA, Diffie-Hellman key exchange, ElGamal signatures and encryption, and several others. 
I can't help noticing that it would be an extraordinarily convenient arrangement for the government if such a company existed and were secretly working against public use of cryptography while publically pretending to be doing all they can to bring this technology to a reluctant market. I still have not seen any specific public action by Bidzos which would invalidate this possibility. Yes, he has engaged in this widely publicized tiff with NIST over the Digital Signature Standard, and he's made some statements against Clipper. But where are the lawsuits? Is AT&T receiving the same threatening letters that Stanton McCandlish received when he said he was distributing PGP from his BBS? 7. Extrapolating from the widespread acceptance of PGP, which is free, to conclude that there is a market for a commercial encryption product which costs money is pointless. Granted, some of us may spend a lot of time talking about PGP and thinking about these issues, but most PGP users just downloaded it from a BBS or the net. There are a lot of things they'd spend $100 on before they would buy an encryption program. One of the things that attracted me to Cypherpunks is that they take steps to make these tools available without worrying about upsetting the power structure. David Chaum may object to our implementing digital cash. Jim Bidzos may object to our using RSA, or Diffie-Hellman, or almost anything else having to do with cryptography. If we're going to start looking over our shoulder and not doing anything which powerful people object to then we might as well pack up and go home. Almost everything we have talked about over the last six months infringes somebody's patents in this country. I really don't see what role a group like ours has if we have to tiptoe through the minefield of intellectual property protection which permeates the field of cryptography. Are we to become a bunch of unpaid consultants for RSADSI, writing code which they will then make profits on? 
Phil Zimmermann has done more to put strong cryptography into the hands of people all over the world in two years than Bidzos has managed in ten. He has faced lawsuits by Bidzos and has undergone considerable personal sacrifice in getting this software out. People talk about this "feud" as though the two are equally guilty, and ask (like Rodney King) "can't we all just get along?" But this is a cop-out. To me there is clear asymmetry in their dispute in terms of who asserts their power and who is trying to empower individuals. Look at what Tim is suggesting. We abandon PGP, not because it is a bad program; not because its author has behaved unethically; not because it has failed in its goals; but because Jim Bidzos is throwing his weight around and we don't want Jim to be unhappy. If Jim were to accept that PGP was no more threatening to his patents than RSAREF then the problem would be solved. I presume that Tim has decided that this won't happen, so now he suggests Plan B, that we abandon PGP. I have to suggest that the real obstacle to the wide deployment of strong cryptography remains Jim Bidzos. He has the power, by a single stroke of a pen, to do more to encourage the spread of cryptography in this country than any other single person (including Bill Clinton). All he has to do is to issue a policy statement that since PGP is freeware it falls under the PKP policy allowing use of the patents for noncommercial use. Presto - PGP is legal, and one of the main obstacles to its spread is eliminated. I agree with Tim that we need to look closely to see who our real enemies are. Perhaps Bidzos is a charming person. I've never met him. Certainly the bay area Cypherpunks seem to be falling under his influence. From my perspective I find this cozying up to the PKP/RSADSI power structure to be rather alarming. I don't think it is a good direction for the group. 
Hal Finney 74076.1041 at compuserve.com hal at alumni.caltech.edu -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK9/UvKgTA69YIUw3AQGCrgQAi2980bgg4eHAoIbRUtEtT05V7+50UH16 erkzERI8ot+uk0soXPsM53YlVVAvSYVmLY5Ine862RWG0TUldq1O99CbnCet6Da9 /NWVUQCAoKrUuwj7Cetyf84wE4Fof6tbugOtXhke26WXZXhEIIsSdgKBzaDdc/LD y0zU/abZ9Es= =IKKf -----END PGP SIGNATURE----- From hughes at soda.berkeley.edu Mon May 3 08:48:04 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Mon, 3 May 93 08:48:04 PDT Subject: Tough Choices: PGP vs. RSA Data Security In-Reply-To: <9304291359.1.6025@cup.portal.com> Message-ID: <9305031544.AA01568@soda.berkeley.edu> >re paying a reasonable license fee, I wonder if RSA would cash my check >for (say) $10 if I wrote on the check that it was for a license for >whatever they might claim on PGP. RSA might try to cash such a check, but if their bank is smart they won't accept it. A check is not negotiable if it contains a condition. Negotiable means it can be bought or sold. If the check is not negotiable then it can't properly be processed by the check clearing house, since that would require a negotiation. Only if the check were drawn on RSADSI's bank would such a check be depositable, since then your order to pay is being made to the same entity which is receiving the check. >One wonders what they would do with >several hundred checks. Return them, I would suppose. Eric From 76114.2307 at CompuServe.COM Mon May 3 10:02:41 1993 From: 76114.2307 at CompuServe.COM (William Oldacre) Date: Mon, 3 May 93 10:02:41 PDT Subject: RSA patent! Message-ID: <930503164336_76114.2307_BHA68-1@CompuServe.COM> To: >Internet:cypherpunks at toad.com Enclosed is the essential text of the "RSA" patent. Now it's time to go to work. 1) (Interference) Is there anything in history wherein someone created a cypher consisting of two parts which could only be broken when they were combined mathematically? 
Or how about a wax seal created by impressing two images, one after the other-----verifying authenticity? 2) (Interference) Stripped of its turgid language, does the basic equation fit any other ordinary operation such as factoring some type of equation. Is there some routine mathematical operation in number theory which resembles it? 3) (Invalidity) is there any part of the description language that could be interpreted two different ways? 4) (Misuse) a) Were any federal funds used in this project? Somebody at MIT needs to dig into the public documents there. b) If so, was the government irresponsible in licensing something so useful to the public to a company (in which they are a partner) which makes its use by the public difficult? Can any evidence be found that this was deliberate? 5) (Misuse) Does RSA telling Phil Zimmermann that they will "never" license PGP to use RSA constitute monopolistic abuse? 6) (Misuse) The underlying purpose of the patent system was to encourage the creative genius for the benefit of the public. Has the public benefited in this case? 7) Keep thinking, and volunteer to take on some aspect of this and research it. Most research is not done by attorneys but, rather, by assistants who simply assemble the case histories for them to work from. By doing this work ourselves, any attorney or company wishing to challenge this patent in court is halfway there. 1475889 2329848 E/ CRYPTOGRAPHIC COMMUNICATIONS SYSTEM AND METHOD -------------------------------------------------------------------- Inventors: Adleman Leonard M (US); Rivest Ronald L (US); Shamir Adi (US) Assigned to: Massachusetts Institute of Technology Code: 52912 Patent Number: 4405829 Application Number: US 860586 Application Date: 12/14/77 Issue Date: 9/20/83 Patent Type: Utility Citations: Cited by 29 later patents Abstract: --------- A cryptographic communications system and method.
The system includes a communications channel coupled to at least one terminal having an encoding device and to at least one terminal having a decoding device. A message-to-be-transferred is enciphered to ciphertext at the encoding terminal by first encoding the message as a number M in a predetermined set, and then raising that number to a first predetermined power (associated with the intended receiver) and finally computing the remainder, or residue, C, when the exponentiated number is divided by the original message at the decoding terminal in a similar manner by raising the ciphertext to a second predetermined power (associated with the intended receiver), and then computing the residue, M', when the exponentiated ciphertext is divided by the product of the two predetermined prime numbers associated with the intended receiver. The residue M' corresponds to the original encoded message M.
Exemplary Claim: ---------------- A communications system for transferring a message signal Mi comprising k terminals, wherein each terminal is characterized by an encoding key Ei = (ei, ni) and decoding key Di = (ei, ni), where i = 1,2, . . . ,k, and wherein Mi corresponds to a number representative of a message signal to be transmitted from the ith terminal, ni is a composite number of the form ni = pi X qi, pi and qi are prime numbers, ei is relatively prime to lcm(pi-1,qi-1), di is a multiplicative inverse of ei (mod lcm((pi-1),(qi-1))), wherein a first terminal includes means for encoding a digital message word signal MA for transmission from said first terminal (i = A) to a second terminal (i = B), said first terminal including: means for transforming said message word signal MA to one or more message block word signals MA'', each block word signal MA'' being a number representative of a portion of said message word signal MA in the range 0 <= MA'' <= nB-1, means for transforming each of said message block word signals MA'' to a ciphertext word signal CA, CA corresponding to a number representative of an encoded form of said message block word signal MA'', whereby: CA ≡ MA''^eB (mod nB). From pmetzger at lehman.com Mon May 3 10:03:26 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 3 May 93 10:03:26 PDT Subject: PGP In-Reply-To: <01GXMXWJVE4Y95NBR5@delphi.com> Message-ID: <9305031702.AA19444@snark.shearson.com> HARUP16 at delphi.com says: > I think what Matt was trying to get at is that privacy should be free > The day that I feel the need to have to pay $100 to ensure that my business > is nobody's business but my own is the day I leave this country for a nice > outlet free desert island. Nothing is free. Food isn't free. Clothing isn't free. Places to live aren't free. Computers to run crypto software are not free. There is no reason on earth that privacy should be free. This is not to say that privacy needs to be expensive. However, it is to say that we do not yet live in a communist society. People DO deserve to get rewarded for their work if they wish to be.
Phil Zimmermann and others have very kindly donated their work to the public -- but we should not forget that they were in no way obligated to be as nice as they were. .pm From hughes at soda.berkeley.edu Mon May 3 10:05:12 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Mon, 3 May 93 10:05:12 PDT Subject: PATENT: A LEGAL way---maybe! In-Reply-To: <9305031301.AA22009@toad.com> Message-ID: <9305031701.AA05899@soda.berkeley.edu> I first wish to apologize for a bit of impreciseness in a previous posting. I had said that a personal use exemption was not legal. I should have stated that personal use is not a defense against a claim of infringement, and that barring any other defense (e.g. research) such use would not be legal. I hope this clarifies. Peter Honeyman references a law review paper arguing for an experimental exemption to patent rights. This is a good document for us. Perhaps one of the many members of the Information Liberation Front (ILF, which also stands for Information Longs to be Free) which are around the country might arrange for an electronic copy to be made available. I have not read the paper, but I do have some comments on its usefulness. I think that an experimental exemption will not work for wider goals, and I state two reasons below. I also think that the existence of the exemption is a huge rhetorical win for distribution. First, an experimental exemption does not touch commerce. PGP is stalled right now in two areas. The first, distribution, is not the major problem given the number of overseas sites carrying PGP. Lack of commercial availability, however, is. There are businesses that would like to use PGP, but cannot. Phil has mentioned some specifics to me; some of these are large companies. PEM implementations are available commercially right now; they are not yet in widespread use, but given the positive economic feedback in markets where compatibility is key, PEM could easily and quickly overtake PGP completely.
As far as I'm concerned, this issue is moot with respect to PGP. The development plans are already in place to put RSAREF into PGP in order to legitimately license it. But the same argument applies whenever one might want widespread deployment of a system which infringes some patent claim. Digital money falls into this category squarely. Second, even with a research exemption, you have to be doing _bona fide_ research. _Bona fide_ is Latin for "in good faith." If you merely claim you're doing research, that is not sufficient. Bona fide research certainly encompasses some academic research, but not all. I suspect that superconductivity researchers who used PGP to exchange valuable technical information would be considered to be doing cryptographic research. On the other hand, bona fide research need not be confined to the academy. The operators of remailers currently could well be argued to be doing research, but when deployment becomes widespread the defense of research becomes harder and harder to mount. Both these concerns limit the extent to which a research exemption could be used to promote the spread of cryptography. This seems entirely in keeping with the idea of an exemption for the purpose of extending the state of the art, which is always conducted by very few people. The research exemption does not generalize. The research exemption does have one extremely positive effect, and that is on distribution from University sites. Since the University has a mission to research, distributing a research tool from an anonymous ftp site is clearly within the purview of research. The question of bona fide research remains. I would suggest that Peter Honeyman simply start a research project "to study the distribution mechanisms of public keys in a non-authenticated, highly networked environment." Peter, you could do this just by fiat, by creating a document that says you're doing this.
This document could be handed to the administrators at the University of Michigan ftp site, who could then reinstate PGP with some measure of certainty that it was legitimately there. Yours in wiliness, but also in good faith, Eric From mnemonic at eff.org Mon May 3 10:14:21 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 3 May 93 10:14:21 PDT Subject: comments solicited (fwd) Message-ID: <199305031714.AA16127@eff.org> Forwarded message: From mnemonic at eff.org Mon May 3 10:37:53 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 3 May 93 10:37:53 PDT Subject: ANON: Stepping up the pace... In-Reply-To: <9305030104.AA01342@netcomsv.netcom.com> Message-ID: <199305031737.AA16659@eff.org> Kelly Goen writes: > Hi All, > With all this excitement about clipper, I am > questions about a number of points: > > * are we losing momentum on the anon-server front > > * we have just 13 remailers deployed... and from what I > am given to understand insufficient traffic on all. I've been asked to work up a possible EFF policy statement on anonymity. Can anyone on this list tell me how long anonymous remailers have been in use on the Net? Has anyone written a policy document on this subject that you can give me a pointer to? --Mike From svp at gtoal.com Mon May 3 11:29:06 1993 From: svp at gtoal.com (Sy Verpunc) Date: Mon, 3 May 93 11:29:06 PDT Subject: RSA patent! Message-ID: <9305021734.AA09136@pizzabox.demon.co.uk> 5) (Misuse) Does RSA telling Phil Zimmermann that they will "never" license PGP to use RSA constitute monopolistic abuse? Could you tell us more about this? 6) (Misuse) The underlying purpose of the patent system was to encourage the creative genius for the benefit of the public. Has the public benefited in this case? Don't patent holders *have* to license patents to all comers? 
If say a rich sugar-daddy could be found who would put up the same scale of money as Lotus and Microsoft have, to use these patents - on behalf of Phil and PGP users - would they be obliged to license it? (I'm assuming if they did they would have to offer roughly similar conditions, and not charge punitively to force us out the market) If yes - then who do we know that's rich? :-) If no - are they doing anything wrong that we could get them in court over? G From julf at penet.FI Mon May 3 11:51:16 1993 From: julf at penet.FI (Johan Helsingius) Date: Mon, 3 May 93 11:51:16 PDT Subject: ANON: Stepping up the pace... In-Reply-To: <199305031737.AA16659@eff.org> Message-ID: <9305032127.aa29095@penet.penet.FI> > Can anyone on this list tell me how long anonymous remailers have been in > use on the Net? Wizvax (serving alt.sex.bondage) has been up for *years*, as far as I remember... > Has anyone written a policy document on this subject that > you can give me a pointer to? I was going to write one... But I think work on anon.penet.fi Mk. II (alias penet.anon.com) has priority... And besides, I have to pay my rent... :( Julf From honey at citi.umich.edu Mon May 3 12:56:14 1993 From: honey at citi.umich.edu (Peter Honeyman) Date: Mon, 3 May 93 12:56:14 PDT Subject: Tough Choices: PGP vs. RSA Data Security Message-ID: <9305031956.AA00650@toad.com> > re paying a reasonable license fee, I wonder if RSA would cash my check > for (say) $10 if I wrote on the check that it was for a license for > whatever they might claim on PGP. writing conditions on the back of a check don't mean shit. > One wonders what they would do with several hundred checks. discard them, would be my guess. peter From honey at citi.umich.edu Mon May 3 13:05:07 1993 From: honey at citi.umich.edu (Peter Honeyman) Date: Mon, 3 May 93 13:05:07 PDT Subject: RSA patent! Message-ID: <9305032005.AA00798@toad.com> > Don't patent holders *have* to license patents to all comers? no. 
peter From edgar at spectrx.Saigon.COM Mon May 3 14:35:33 1993 From: edgar at spectrx.Saigon.COM (Edgar W. Swank) Date: Mon, 3 May 93 14:35:33 PDT Subject: PGP: Re: Tough Choices: PGP vs. RSA Data Security Message-ID: The conflict between RSA and PGP -may- be about to be solved. You all may recall my "announcement" of an effort to create a USA-Legal version of PGP by incorporating RSAREF code. Among several offers to help, I received the following messages: ======================================================================== To: spectrx!edgar (Edgar W. Swank) Subject: Re: PGP: USA-Legal PGP Project In-Reply-To: Your message of "Wed, 28 Apr 93 01:02:23 PDT." Date: Wed, 28 Apr 93 12:37:30 -0600 From: "L. Detweiler" >I confirmed with Jim Bidzos, President of RSA, who was >present at the meeting, that a USA Legal version of PGP could be >constructed by just replacing certain sections of code with free code >from RSAREF. Since source for both PGP and RSAREF are available, this >sounds like an easy job. Since no-one's actually done it yet, perhaps >it's not, but I will try. I hope I haven't bitten off more than I can >chew. At best, I can compile and test only the MSDOS version of PGP. I >will certainly need help if USA-Legal MAC, AMIGA, UNIX, etc. versions >are to be available. I'm sorry Mr. Bidzos didn't tell you, but the PGP development group is already looking very seriously into integrating RSAREF, and one person phr at america.Telebit.COM (Paul Rubin) has already done it. If you would like to join the list send mail to prz at sage.cgd.ucar.EDU (Philip Zimmermann). 
========================================================================== Date: Wed, 28 Apr 93 19:32:55 PDT From: szebra!america.Telebit.COM!phr (Paul Rubin) Message-Id: <9304290232.AA10138 at america.TELEBIT.COM> To: spectrx!edgar Subject: PGP: USA-Legal PGP Project >I confirmed with Jim Bidzos, President of RSA, who was >present at the meeting, that a USA Legal version of PGP could be >constructed by just replacing certain sections of code with free code >from RSAREF. Not quite true. RSAREF's license requires that the RSAREF routines be called only in certain ways unless special permission is obtained. Calling the RSAREF routines in the generally permitted manner won't work with PGP because PGP's file format is different than what RSAREF expects. PGP needs to call RSAREF in a non-standard way which is easy technically, but needs special permission from Bidzos. Attempts to get such permission have thus far been inconclusive. ====================================================================== I am msging Phil Z. to ask to be placed on "the list". I'm also trying to get more details from Paul Rubin, offering my assistance, and forwarding to him the other offers of assistance I received. It remains to be seen whether RSA's withholding of permission to use non-standard interfaces to RSAREF is reasonable or designed to be obstructive. When we find out, I think we should choose sides (if we -need- to choose sides) accordingly. It looks like the PGPers have made a good faith effort to at least meet RSA halfway. A "PGP-like" "consumer" crypto product which does not exchange keys and messages with PGP will -not- be acceptable. Any such product produced here will almost certainly be export restricted. I am -not- willing to give up my present ability to exchange keys and encrypted data with PGP users outside the USA. (I'm currently exchanging encrypted e-mail with persons in Poland(!!), Germany, and Taiwan).
PGP is currently an -international- standard, and, because of ITAR, it's likely to be the -only- international standard for a long time to come. Note that current PGP is legal outside the USA -only- for non-commercial purposes (Phil Zimmermann's "copyleft"). If a USA version is approved by RSA, it will be legal only for non-commercial use inside the USA (RSA's patents & copyrights on RSAREF). If PGP becomes popular (even more so than at present, it's already the leader) worldwide for individual non-commercial use, businesses are going to want a PGP-compatible product they can use for exchanging encrypted data with their (non-business) -customers-. For example, encryption is a good idea if you're ordering merchandise with your credit-card number. Jim Bidzos has told me that Phil Z. or anyone else can get a license from RSA for $20,000 plus minimum $10,000/yr. royalties. If we say we don't want to spend more than 50% of our revenues on licensing, then if Phil can get $60,000 of firm orders for a -commercial- USA version of PGP, he's in (a very profitable) business. $60,000 might be 600 copies at $100 or six site licenses at $10,000. Also, if a -foreign- software producer wants to license a commercial version of PGP useable only overseas, he only needs to deal with Phil (& maybe the other PGP co-authors). But the effect of this would just be to increase the market for a USA commercial version (for businesses who wanted to exchange encrypted data with other businesses, or their own subsidiaries, overseas). I guess anyone who wants to can get onto Phil's list. I'd prefer if you all didn't bombard Paul Rubin with E-mail. I'll post more details of this project here as I get them (unless I'm asked not to). -- edgar at spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca From crunch at netcom.com Mon May 3 15:32:58 1993 From: crunch at netcom.com (John Draper) Date: Mon, 3 May 93 15:32:58 PDT Subject: Need permission... or info...
Message-ID: <9305032233.AA23826@netcom4.netcom.com> Greetings, On the EFF Conference on the WELL, some people over there who are NOT in the cypherpunks list want to get the question list we generated at the last meeting. John G. posted it but no revisions were done. Is someone going to be adding more stuff to the list, and is it OK for me to cross post the list into the EFF Conference on the WELL?? Thanx JD From MCMAHON at Eisner.DECUS.Org Mon May 3 16:33:41 1993 From: MCMAHON at Eisner.DECUS.Org (John (FuzzFace/Fast-Eddie) McMahon) Date: Mon, 3 May 93 16:33:41 PDT Subject: FWD: Hearings by Congressman Markey Message-ID: <01GXR0JXRR66000FNB@Eisner.DECUS.Org> Date: 03 May 1993 09:12:58 -0400 (EDT) From: carl at malamud.com (Carl Malamud) Subject: Hearings by Congressman Markey To: announce at malamud.com Org: Internet Talk Radio Channel: Internet Town Hall Program: Special Program Release: May 2, 1993 (Hearings were on April 29, 1993) Content: Hearings by House Subcommittee on Telecommunications and Finance Chairman Edward Markey held oversight hearings on April 29 on the rights and responsibilities of individuals and organizations in cyberspace. A high tech presentation highlighting issues such as encryption, electronic invasions of privacy, fraud, civil liberties and computer crime, preceded a panel discussion. For the demonstration, a world-class team of four engineers from Sun and the San Diego Supercomputer Center brought in an HDTV, an ATM switch, an ISDN switch, a Russian satellite dish, a XEROX Liveboard, a BARCO projector with special video equipment, four Sparcstation 10s, a few Sparcstation 2s, and miscellaneous other equipment. The purpose of the demonstration was to show that while our current public policy makes distinctions based on industry, those distinctions have no meaning in the underlying technology. A television is a computer and a computer is a television; a computer is a telephone and vice versa.
To demonstrate the latter point, Gage and his associates showed how a new AT&T cellular phone could be changed by any 13-year old into a scanner. The demonstration also showed how DES code could be pulled off anonymous FTP systems in Finland, yet US industry was unable to export this technology. The panel consisted of Raymond Kammer, Acting Director of NIST (National Institute of Standards and Technology), who provided testimony on technology standard setting issues including the government-endorsed "Clipper Chip" encryption technology; Mr. Bruce Sterling, noted science fiction writer on cyberspace and also author of the non-fiction book, "The Hacker Crackdown: Law and Disorder on the Electronic Frontier," which discusses computer crime and civil liberties; Mr. John Lucich, State Investigator with the New Jersey Division of Criminal Justice. Mr. Lucich combats computer and electronic fraud crimes by electronically infiltrating the underground computer bulletin boards of the "hacker" and "phone phreak" community; and Mr. Joel Reidenberg, Professor of Law at Fordham University Law School, who has studied how personal privacy is affected by telecommunications and computer technologies and the various privacy protections afforded citizens of different countries. We would like to apologize in advance for the very poor audio quality of this tape. The hearing room was quite antiquated, and was full of ungrounded electricity, lots and lots of electronic equipment, wireless mikes, and PA systems turned up way too loud. We hope the content makes the mind happier than the ears. Support for this program was provided by O'Reilly & Associates and by Sun Microsystems. ITH Program Files: 050293_spec_01_HALL.au (Testimony of John Gage) 050293_spec_02_HALL.au (Testimony of Panel) ITH Readme File: 050293_spec_HALL.readme (This File) For information on Internet Talk Radio, write to info at radio.com. More information on Internet Town Hall will be available shortly. 
For a current, partial listing of sites, write to sites at radio.com. From fnerd at smds.com Mon May 3 16:44:15 1993 From: fnerd at smds.com (FutureNerd Steve Witham) Date: Mon, 3 May 93 16:44:15 PDT Subject: Shamir papers in postscript Message-ID: <9305032323.AA06924@smds.com> I have the postscript versions of the papers of the two Adi Shamir talks I summarized last week. Shamir gives permission to distribute them freely. If anyone's interested, please mail to me, and depending on how many ask for them, I'll either mail directly or post to the list. -fnerd Titles: ``On The Generation of Multivariate Polynomials Which Are Hard To Factor'' and ``Cryptographic Applications of Birational Permutations'' by Adi Shamir Weizmann Institute FIRST ABSTRACT: In this talk we consider the difficulty of factoring multivariate polynomials F(x,y,z,...) modulo n. We consider in particular the case in which F is the product of two randomly chosen polynomials P and Q with algebraically specified coefficients, and n is the product of two randomly chosen primes p and q. The main result of this talk is that (with one trivial exception), the problem of factoring F is at least as hard as the factorization of n whenever P and Q are chosen from the same sample space, regardless of what may be known about its form. SECOND ABSTRACT: Many public key cryptographic schemes (such as cubic RSA) are based on low degree polynomials whose inverses are high degree polynomials. These functions are very easy to compute, but time consuming to invert even by their legitimate users. To make such schemes more efficient, we consider in this talk the class of birational permutations f over k-tuples of numbers, in which both f and f^-1 are low degree multivariate rational functions. We develop new families of birational permutations, and describe how to use them in new cryptographic schemes which are faster than the known schemes. 
-- From huntting at glarp.com Mon May 3 17:48:21 1993 From: huntting at glarp.com (Brad Huntting) Date: Mon, 3 May 93 17:48:21 PDT Subject: Shamir papers in postscript In-Reply-To: <9305032323.AA06924@smds.com> Message-ID: <199305040048.AA03299@misc.glarp.com> > I have the postscript versions of the papers of the two Adi Shamir > talks I summarized last week. Shamir gives permission to distribute > them freely. If anyone's interested, please mail > to me, and depending on how many ask for them, > I'll either mail directly or post to the list. I would be interested. I don't suppose you could put them up for anon-ftp and send a MIME message with the external-body reference to the list? thanx, brad From honey at citi.umich.edu Mon May 3 20:35:11 1993 From: honey at citi.umich.edu (peter honeyman) Date: Mon, 3 May 93 20:35:11 PDT Subject: PATENT: A LEGAL way---maybe! In-Reply-To: <9305031701.AA05899@soda.berkeley.edu> Message-ID: <9305040335.AA07265@toad.com> well, eric, you're asking if i'm willing to put my money where my mouth is, more or less, and i suppose the answer is "no." that is, i don't really want to work on distribution mechanisms of public keys in a non-authenticated, highly networked environment. avi rubin and i are working on a pk-based remailer. we need to manage public keys, pgp is perfect, we plan to use it. we hope to get to the point where we want to share our software and then will be forced to visit the pk distribution question. peter From keenan at acs.ucalgary.ca Mon May 3 22:53:29 1993 From: keenan at acs.ucalgary.ca (Tom Keenan) Date: Mon, 3 May 93 22:53:29 PDT Subject: 800 numbers & anonymity In-Reply-To: Message-ID: <9305040550.AA29713@acs5.acs.ucalgary.ca> > On a note similar to remailers, has anyone ever given consideration to > creating an "outdial" service? If I could dial long distance into the > States, and then be able to dial a 1-800 number that I cannot dial direct > from Canada (which is most) this would be extremely useful...
In fact there used to be just such a number 206 945-2111 which some kind soul in the state of Washington made available for Canadians who wanted to call US numbers. It gave a dial tone and you dialed the 800 number...no charge. You're right, *someone* should do that again, it was sure handy. (That number is now out of service.) A related question, is there some way to find the identity of an 800 number holder, e.g. like a reverse phone directory? -- Dr. Tom Keenan, I.S.P. Associate Dean, R&D, Faculty of Cont. Ed. University of Calgary 2500 University Dr. NW Calgary, AB T2N 1N4 CANADA (403) 220-4715 (voice) (403) 284-5702 (fax) keenan at acs.ucalgary.ca (email) From anton at hydra.unm.edu Tue May 4 00:51:50 1993 From: anton at hydra.unm.edu (Stanton McCandlish) Date: Tue, 4 May 93 00:51:50 PDT Subject: PGP In-Reply-To: <9305031702.AA19444@snark.shearson.com> Message-ID: <9305040751.AA21712@hydra.unm.edu> Perry E. Metzger opines: > HARUP16 at delphi.com says: > > I think what Matt was trying to get at is that privacy should be free > > The day that I feel the need to have to pay $100 to ensure that my business > > is nobody's business but my own is the day I leave this country for a nice > > outlet free desert island. > Nothing is free. Food isn't free. Clothing isn't free. Places to live > aren't free. Computers to run crypto software are not free. There is no > reason on earth that privacy should be free. Sorry to get on your case yet again, Perry, but I just cannot accept that, and I don't think anyone else here can either. Privacy should be free, just like freedom should be free, and the right to say what you want should be free. This is not to say well made tools for ENSURING these rights should be free. A radio broadcasting station will sure help you exercise your speech rights, but you aren't likely to get one for christmas. Likewise, crypto software should not be expected to be free, unless, as in the case of PGP, the author makes it free of their own accord.
You are very right that > we should not forget that they were in no way obligated to be > as nice as they were. While this is true, I would urge people to keep in mind that while we can be expected to pay for tools to help us maintain our rights, no one can charge us a fee for those rights themselves. Privacy is free, it is our birthright. -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From lg2g+ at andrew.cmu.edu Tue May 4 06:54:28 1993 From: lg2g+ at andrew.cmu.edu (Liam David Gray) Date: Tue, 4 May 93 06:54:28 PDT Subject: PGP, and TANSTAAFL! In-Reply-To: <9305040751.AA21712@hydra.unm.edu> Message-ID: Stanton McCandlish writes, in response to Perry Metzger, on privacy and free lunches: > >[Perry says privacy isn't and shouldn't be free (Liam's summary).] > Sorry to get on your case yet again, Perry, but I just cannot accept that, > and I don't think anyone else here can either. A-ha! You've just caused me to "un-lurk," Stanton; thanks for the great opening. > Privacy should be free, just > like freedom should be free, and the right to say what you want should be > free. This is not to say well made tools for ENSURING these rights should > be free. Here you seem to be confusing the issue. How can you say that privacy (the right?) should be free, when defending privacy shouldn't be free? Can someone walk up to you and _give_ you privacy? I always assumed you had to be willing to go out and get it yourself, by hook or by crook. Without defense of a right, the right is moot. _With_ defense of a right, the right is moot: In that case, you already have what you want! 
I suppose I also have a "right to lunch," too, with the caveat that each I must "ensure" my right to lunch by tripping down to MacDonald's and buying it. Why bother with the right? What is free here? The fact that MacDonald's is open for business? But I'm not even guaranteed that! Are rights a useless construction? > A radio broadcasting station will sure help you exercise your > speech rights, but you aren't likely to get one for christmas. Likewise, > crypto software should not be expected to be free, unless, as in the case > of PGP, the author makes it free of their own accord. Well said; I agree completely. > While this is true, I would urge people to keep in mind that while we can > be expected to pay for tools to help us maintain our rights, no one can > charge us a fee for those rights themselves. Privacy is free, it is our > birthright. I hope I'm not getting off list topic here on my first post, but the "privacy is free" meme looks to be potentially damaging for us. Perhaps you mean, Stanton, that privacy as a commodity should not be traded for U.S. dollars, Deutsche Mark, or Mexican Pesos, but for some other currency? Sweat, perhaps? If you pay in sweat, it isn't free--you could have paid someone else to sweat for you. Surely this hasn't boiled down to a question over valid currency for trade in privacy? I think the fundamental question here is whether rights are free. [Whether they "should be" free doesn't mean ANYTHING; what does "should be" mean?] Look around; you'll see a lot of people "fighting for their rights" to do X. I don't think you can tell _them_ that "the right to do X is free." Cheers, TANSTAAFL, and I hope I haven't offended Stanton over a minor point, Liam P.S. If anyone knows what rights are, mail me. I'm extremely interested. Don't perpetuate my possible topical error by sending it to Cypherpunks, unless you think everyone else will be interested. (Maybe Extropians would be...) 
--- Public key available by arrangement -- The cat is out of the bag. Too much of a dreamer not to be practical -- Go have your own "valiant defeat." Liam David Gray -- Quote me. From anton at hydra.unm.edu Tue May 4 09:20:24 1993 From: anton at hydra.unm.edu (Stanton McCandlish) Date: Tue, 4 May 93 09:20:24 PDT Subject: PGP, and TANSTAAFL! Message-ID: <9305041619.AA08996@hydra.unm.edu> > A-ha! You've just caused me to "un-lurk," Stanton; thanks for the great > opening. Hmm not sure if that is a good thing or not > > > Privacy should be free, just > > like freedom should be free, and the right to say what you want should be > > free. This is not to say well made tools for ENSURING these rights should > > be free. > > Here you seem to be confusing the issue. How can you say that privacy > (the right?) should be free, when defending privacy shouldn't be free? > Can someone walk up to you and _give_ you privacy? I always assumed you > had to be willing to go out and get it yourself, by hook or by crook. > Without defense of a right, the right is moot. _With_ defense of a > right, the right is moot: In that case, you already have what you want! No, no that is not quite what I am meaning. What I mean by " should be free" is that we should be presumed to have that right, and that it should not be abridged in any way whatsoever, especially not for a fee. As an example, we have a right to bear arms. You should not have to pay a fee for that right. You certainly *should* have to pay for the arms you bear, or make your own. I think YOU are slightly confusing the issue. Rights are not property, but are concepts. I argue that what one should pay for are items of property, as well as services, whether they are tools for exercising a right or not. You don't get things for free. But rights are not really "things" in that sense at all. Imagine if you had to buy an annual Free Speech Registration from the FCC.
Without this registration certificate, you may only use words in The Official FCC Dictionary, and may only construct phrases that follow the rules of The Official FCC Style Guide, and may only talk about subjects delimited in The Official FCC Subject Index; any violation of these policies will result in punishment not to exceed $10,000 and/or 10 years in prison. This may seem an absurd example, but one most of us are familiar with if we have read _1984_. And no, no one can walk up and hand you a box full of privacy. Rights are there or not there, conceptually speaking. I don't think that not defending a right makes the right moot, per se, though you may lose it. Thing is you should not have to defend it. Any attempt to extinguish a right is by definition a violation of it. Unfortunately, people are only too happy to violate others' rights, so we have to defend them. > I suppose I also have a "right to lunch," too, with the caveat that each > I must "ensure" my right to lunch by tripping down to MacDonald's and > buying it. Why bother with the right? What is free here? The fact > that MacDonald's is open for business? But I'm not even guaranteed that! No, the "right" is in your right to actually leave work, and go get something to eat. If your employer demanded a $15 dock in pay to take lunch, or refused to let you have your break (and in most states I believe there are labor laws that mandate that employees get a certain length-of-time break for every x amount of work) that would be a violation of your right to have lunch. Likewise if someone put a gun to your head and said "thou shalt eat no lunch". > Are rights a useless construction? *I* don't think so, personally. > > While this is true, I would urge people to keep in mind that while we can > > be expected to pay for tools to help us maintain our rights, no one can > > charge us a fee for those rights themselves. Privacy is free, it is our > > birthright.
> > I hope I'm not getting off list topic here on my first post, but the > "privacy is free" meme looks to be potentially damaging for us. How so? > Perhaps > you mean, Stanton, that privacy as a commodity should not be traded for > U.S. dollars, Deutsche Mark, or Mexican Pesos, but for some other > currency? Sweat, perhaps? If you pay in sweat, it isn't free--you > could have paid someone else to sweat for you. Surely this hasn't > boiled down to a question over valid currency for trade in privacy? Nope. I don't think privacy (or any other right) is a commodity. I see the 2 categories as mutually exclusive. When a "right" becomes a commodity, it is no longer a right, but a privilege. > I think the fundamental question here is whether rights are free. > [Whether they "should be" free doesn't mean ANYTHING; what does "should > be" mean?] Look around; you'll see a lot of people "fighting for their > rights" to do X. I don't think you can tell _them_ that "the right to > do X is free." Sure I can. All of us here, or many of us, are fighting for at least one of our rights, namely privacy. I have yet to see someone say that we should BUY our right, or that we are fighting to be allowed to purchase or get a license for that right. Rather we are fighting because some people in the govt with big egos or some other mental problem are trying to destroy that right, to nullify it. FIGHTING for the right may not be free, since again one must purchase tools to do that with, and also "services" (if you can call legal and court fees a service >:). But the right itself has no price tag. > Cheers, TANSTAAFL, and I hope I haven't offended Stanton over a minor point, Nope not at all. Few things offend me, and debate is one of the last things I'd be offended by. > P.S. If anyone knows what rights are, mail me. I'm extremely > interested. Don't perpetuate my possible topical error by sending it to > Cypherpunks, unless you think everyone else will be interested.
(Maybe > Extropians would be...) I think they would indeed, and the cypherfolk also. I can think of few groups more concerned with our rights and protecting them. Thanks for the comments, this is a good thing to talk about, to hash out. -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From anton at hydra.unm.edu Tue May 4 09:42:48 1993 From: anton at hydra.unm.edu (Stanton McCandlish) Date: Tue, 4 May 93 09:42:48 PDT Subject: Privacy being free Message-ID: <9305041642.AA09869@hydra.unm.edu> > > Sorry to get on your case yet again, Perry, but I just cannot accept that, > > and I don't think anyone else here can either. > > I accept it. > Freedom and privacy are things that take actual effort to maintain. > Either you pay the cost yourself or you expect others to pay it for you, > but the cost is there. Saying it "should" be free doesn't explain a lot. I think this is another map/territory confusion. The RIGHT and the defense, use, tools for, effect of, etc. of the right are not the same thing. It is like the distinction between philosophy and books about phil. The first is free. The second cost money as does instruction in philosophy, etc. Even the effects of philosophy can be costly. But the concept "philosophy" has no price tag. > I think maybe you mean that you shouldn't accept any intrusion, any > specific imposed cost, without fighting back. I agree. In addition to what I already said, I agree with this absolutely 100%. 
> I have a certain emotional resonance with "rights" talk, but I've found > that people will argue it forever unless (and even if) you get down to > brass tacks, talking about ideas that can guide individual actions by > individual people in individual situations in a practical way. Most astute. I agree with this also. That was one of the reasons I "put my money where my mouth was" and tried to dist. PGP on my BBS. -- Testes saxi solidi! ********************** Podex opacus gravedinosus est! Stanton McCandlish, SysOp: Noise in the Void Data Center BBS IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1) Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:) From nobody at soda.berkeley.edu Tue May 4 11:08:30 1993 From: nobody at soda.berkeley.edu (nobody at soda.berkeley.edu) Date: Tue, 4 May 93 11:08:30 PDT Subject: No Subject Message-ID: <9305041805.AA07076@soda.berkeley.edu> Hola, I have been offered an opportunity to write on a regular basis for a National Underground Magazine. ZENGER. I am writing to the list to solicit a distilled list of Wiretap Chip Arguments. I've got the masses of documents and understand the arguments but I am faced with limited space for the article. What does the list think is *vital* to let ZENGER readers know about? Remember this is a "not-necessarily-technical" crowd. (Although they are now realizing the need to include the computer underground Please post responses to the list since I am using a remailer. I'll post the national distribution sites when I receive the complete list. From lg2g+ at andrew.cmu.edu Tue May 4 12:18:22 1993 From: lg2g+ at andrew.cmu.edu (Liam David Gray) Date: Tue, 4 May 93 12:18:22 PDT Subject: PGP, and TANSTAAFL!
In-Reply-To: <9305041614.AA08798@hydra.unm.edu> Message-ID: [I already sent this to Stanton McCandlish in private e-mail, but I thought it might be of interest to Cypherpunks in general. In it I correct some stupid statements I made in an earlier post. -Liam] ------------- Begin forwarded message -------------- In <9305041614.AA08798 at hydra.unm.edu>, you write: > No, the "right" is in your right to actually leave work, and go get something > to eat. If your employer demanded a $15 dock in pay to take lunch, or refused > to let you have your break (and in most states I believe there are labor laws > that mandate that employees get a certain length-of-time break for every x > amount of work) that would be a violation of your right to have lunch. For the sake of argument, Stanton, I wouldn't say a "right to lunch," even as posed this way, should stand. If it's a statutory right, then -- well, then it is just that. But I regard this as coincidence and would hesitate to call it a "natural right," since I should be free to negotiate an employment contract which pays me less ("docks" me, if you wish) if I take time off for lunch, and more (a "bonus?") if I stay on all day. Note that at present I am _not_ free to do so, so that right is being infringed upon, just as our privacy is frequently infringed upon at present. > Likewise if someone put a gun to your head and said "thou shalt eat no lunch". Right! This seems to be the main parallel to privacy here. I do agree on that. I accept your objection to my positioning of rights as commodities. Disregarding the fact that I still believe rights are fairly meaningless (they only work if someone recognizes the same rights as you do, so that's all subjective), I do realize what people mean when they talk about rights, and that to talk of them as commodities therefore probably _is_ confusing the issue.
What I meant to emphasize (and failed to mention) was that it is still quite possible and natural to defend one's privacy, whether one believes privacy is a "right" under the law or not. Too often, I've seen people use their violated rights as a justification for pointless, indignant whining. I want to advocate a more aggressive, guerrilla-style defense of privacy; to me, it is enough that I _want_ privacy. While rights are inherent, and, agreed, are _not_ commodities, the preservation and enforcement of all rights _costs_ something, and doesn't always involve opponents who are willing to believe that what you are defending is a right. I think we're fundamentally in agreement. I think I was right to have second thoughts over whether my argument over rights was appropriate for the list--probably it was not. But nonetheless, I'm glad we're discussing it. Happy Cypherpunking! Liam PS: I admired your courage in offering and advertising PGP on your BBS, and thought you handled the threat from Jim Bidzos gracefully. Let's hope PGP can become legal soon. Really, I'd like to see a PGP that is legal for both personal _and commercial_ use, internationally, even if it costs money--perhaps especially if it costs money. The reason I tried to establish rights as commodities, Stanton, is that I've read too many Ayn Rand novels :) and believe that trading something in money is a symbol of its value, and of the value of whoever created it, and should be a big ego boost to creative people and to all involved. I really don't like anything free, even something sold in a large bundle. Ever eat too much at an all-you-can-eat restaurant? I think that, in part, life is too much like an all-you-can-eat restaurant. Paying for something for its own merits causes us to get our priorities straight. I like to see people get filthy rich [why filthy?] _selling_ software; the feeling I get when I buy something is similar to the feeling some people get when they give money to charities, I suppose.
Everything worth doing is worth doing at a profit. Ever get warm fuzzies when you send something UPS instead of US Parcel Post? :-) In some cases, the profit may not be monetary. But it's profit nonetheless, and that can only be good. --- Public key available by arrangement -- The cat is out of the bag. Too much of a dreamer not to be practical -- Go have your own "valiant defeat." Liam David Gray -- Quote me. From phantom at u.washington.edu Tue May 4 12:34:43 1993 From: phantom at u.washington.edu (The Phantom) Date: Tue, 4 May 93 12:34:43 PDT Subject: REQUEST: Info on email accounts Message-ID: I've lost the piece on dialup email access that was sent a few weeks ago. I think someone said MCImail (?) had a good monthly rate -- is this right? Can anyone help me out on this one? Matt Thomlinson Say no to the Wiretap Chip! University of Washington, Seattle, Washington. Internet: phantom at u.washington.edu phone: (206) 528-5732 PGP 2.2 key available via email or finger phantom at hardy.u.washington.edu From composer at Beyond.Dreams.ORG Tue May 4 13:10:22 1993 From: composer at Beyond.Dreams.ORG (Jeff Kellem) Date: Tue, 4 May 93 13:10:22 PDT Subject: TALK: Boston Univ CS Dept Colloquium--Digital Signatures, 6 May, 11am Message-ID: <9305042010.AA28513@Beyond.Dreams.ORG> For those in the Boston area this Thursday, 6 May 93, this talk may be of interest. FYI... -jeff Jeff Kellem Internet: composer at Beyond.Dreams.ORG ------- Forwarded Message BOSTON UNIVERSITY CS DEPARTMENT COLLOQUIUM Thursday, May 6 at 11:00 Math and Computer Science Bldg (MCS) Room 135, 111 Cummington Street Boston, MA 02215 ON-LINE/OFF-LINE DIGITAL SIGNATURES Shimon Even Computer Science Department Technion - Israel Institute of Technology Joint work with Oded Goldreich and Silvio Micali ABSTRACT A signature scheme is proposed. It consists of two phases. The first phase is performed off-line, before the message to be signed is even known. 
The second on-line phase is performed once the message to be signed is known. The scheme has a practical advantage as well as a theoretical value. It is shown that the on-line phase can be carried out very quickly, by using a one-time signature scheme. The off-line phase can use a simplified version of the square extraction method of Rabin. It requires a moderate amount of computation, but can be performed leisurely, before the message to be signed is even known. Thus, the scheme may be of practical value in scenarios such as that of electronic fund transfer. It is proved that if the building blocks are secure against known message attack, the scheme is secure against chosen message attack. There will be tea at 10:45. ------- End of Forwarded Message From newsham at wiliki.eng.hawaii.edu Tue May 4 13:13:45 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Tue, 4 May 93 13:13:45 PDT Subject: tripple des Message-ID: <9305042013.AA25148@toad.com> Crypto question: why was the following chosen for triple DES : EN(DE(EN(data,k1),k2),k3); The encryption would involve passing data through IP, then doing 16 rounds forward with k1, (factoring out the IP-1 and IP) then doing 16 rounds backwards with k2 (factoring out the next IP-1 and IP) then doing 16 rounds forward with k3 then going through IP-1 How would this compare with EN(EN(EN(data,k1),k2),k3); which goes through IP, does 16 rounds each with k1, k2 then k3, then IP-1 ? The only difference is that the key scheduler rotates backwards (or another interpretation keys used in reverse order) for the second stage. Does anyone know the rationale behind this?
From svp at pizzabox.demon.co.uk Tue May 4 13:21:23 1993 From: svp at pizzabox.demon.co.uk (Sy Verpunc) Date: Tue, 4 May 93 13:21:23 PDT Subject: Answer to 'vital wiretap chip article question' Message-ID: <9305031948.AA00777@pizzabox.demon.co.uk> #1: Everything about the scheme implies that strong crypto of any nature will eventually require key escrow or be outlawed. G From jthomas at access.digex.net Tue May 4 14:18:38 1993 From: jthomas at access.digex.net (Joe Thomas) Date: Tue, 4 May 93 14:18:38 PDT Subject: tripple des In-Reply-To: <9305042013.AA25148@toad.com> Message-ID: On Tue, 4 May 1993, Timothy Newsham wrote: > > Crypto question: > why was the following chosen for triple DES : > EN(DE(EN(data,k1),k2),k3); > > . . . > > How would this compare with > EN(EN(EN(data,k1),k2),k3); > In fact, "triple" DES goes three times through the engine, but only uses two keys: EN(DE(EN(data,k1),k2),k1) My understanding is that this was chosen for hardware implementations because it is equivalent to single DES when k1 = k2. This is important, of course, when some people you want to talk to are still using single DES and the hardware is hard to reconfigure. Nowadays, when most DES (technically, DEA) is done in software, it would make more sense to use three separate keys. Two key "triple" DES has 112 key bits (56 * 2), while a three key system would have 168. I've seen the latter system used recently, though I can't remember where... Joe -- Joe Thomas Say no to the Wiretap Chip! PGP key available by request, finger, or pgp-public-keys at toxicwaste.mit.edu PGP key fingerprint: 1E E1 B8 6E 49 67 C4 19 8B F1 E4 9D F0 6D 68 4B From strat at intercon.com Tue May 4 14:25:42 1993 From: strat at intercon.com (Bob Stratton) Date: Tue, 4 May 93 14:25:42 PDT Subject: checks Message-ID: <9305041725.AA34057@horton.intercon.com> > Date: Mon, 3 May 93 08:44:37 -0700 > From: Eric Hughes > Choices: PGP vs.
RSA Data Security > > >re paying a reasonable license fee, I wonder if RSA would cash my > >check for (say) $10 if I wrote on the check that it was for a license > >for whatever they might claim on PGP. > > RSA might try to cash such a check, but if their bank is smart they won't accept it. A check is not negotiable if it contains a > condition. Much as I respect you Eric, I direct your attention to the myriad of "checks" being sent out by AT&T and MCI, to name a few offenders. These bear the legend: "endorsement of this check constitutes your acceptance of as your long distance carrier." Weasels. --Strat From newsham at wiliki.eng.hawaii.edu Tue May 4 14:31:52 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Tue, 4 May 93 14:31:52 PDT Subject: tripple des In-Reply-To: Message-ID: <9305042131.AA28472@toad.com> > > > > Crypto question: > > why was the following chosen for triple DES : > > EN(DE(EN(data,k1),k2),k3); > > In fact, "triple" DES goes three times through the engine, but only uses > two keys: > > EN(DE(EN(data,k1),k2),k1) > hmm... I am using d3des which I had assumed uses 'triple-DES'. At any rate, I used the Ddes() function, printed its output, then used the des() function 3 times and printed its output. They matched up which suggests that d3des uses the method I posted at the top. > My understanding is that this was chosen for hardware implementations > because it is equivalent to single DES when k1 = k2. This is important, > of course, when some people you want to talk to are still using single DES > and the hardware is hard to reconfigure. interesting. Wouldn't the first scheme do the same? for k1=k2, and k3 = any key ? (or k2=k3 and k1 = any key) > Joe > -- > Joe Thomas Say no to the Wiretap Chip!
-- main.c, compares Ddes output and des output ---------

#include <string.h>
#include <unistd.h>
#include "d3des.h"

unsigned long enkey[96], dekey[96];     /* triple-length key schedules */
unsigned long e1[32], d2[32], e3[32];   /* single-DES key schedules */

int main(void)
{
    unsigned char b[100];
    /* k1, k2 and k3 are the first three 8-byte pieces of k */
    unsigned char *k  = (unsigned char *)"testing123423456789212345678";
    unsigned char *k1 = (unsigned char *)"testing1";
    unsigned char *k2 = (unsigned char *)"23423456";
    unsigned char *k3 = (unsigned char *)"78921234";

    strcpy((char *)b, "this is a test");

    /* mode 0 builds an encrypt schedule, mode 1 a decrypt schedule */
    deskey(k1, 0); cpkey(e1);
    deskey(k2, 1); cpkey(d2);
    deskey(k3, 0); cpkey(e3);

    des3key(k, 0); cp3key(enkey);   /* set up long keys, encrypt */
    des3key(k, 1); cp3key(dekey);   /* decrypt */

    use3key(enkey); Ddes(b, b);     /* encrypt b */
    write(1, b, 16);
    use3key(dekey); Ddes(b, b);     /* decrypt b */
    write(1, b, 16);

    /* the same thing by hand: encrypt k1, decrypt k2, encrypt k3 */
    usekey(e1); des(b, b);
    usekey(d2); des(b, b);
    usekey(e3); des(b, b);
    write(1, b, 16);
    return 0;
}

From smb at research.att.com Tue May 4 15:42:26 1993 From: smb at research.att.com (smb at research.att.com) Date: Tue, 4 May 93 15:42:26 PDT Subject: tripple des Message-ID: <9305042242.AA00515@toad.com> Crypto question: why was the following chosen for triple DES : EN(DE(EN(data,k1),k2),k3); The encryption would involve passing data through IP, then doing 16 rounds forward with k1, (factoring out the IP-1 and IP) then doing 16 rounds backwards with k2 (factoring out the next IP-1 and IP) then doing 16 rounds forward with k3 then going through IP-1 How would this compare with EN(EN(EN(data,k1),k2),k3); which goes through IP, does 16 rounds each with k1, k2 then k3, then IP-1 ? The only difference is that the key scheduler rotates backwards (or another interpretation keys used in reverse order) for the second stage. Does anyone know the rationale behind this? First, it's usually done as EN(DE(EN(data,k1),k2),k1) The middle step is a decryption for two reasons, one of which is no longer important for DES. The reason that is still valid is that by setting k1==k2, you have compatibility with other implementations that only do single encryption. (See the Garon and Outerbridge paper in the July '91 Cryptologia for why you want to triple-encrypt keys...)
The second reason, no longer a concern for DES, is that it was feared that DES might be a group. That is, given E(E(data,k1),k2) it was feared that there might be a third key kx equivalent to encryption with k1 and k2. It's recently been proved that DES is not a group. That is, in general there is no such kx. Conceivably, the problem could arise with other cryptosystems, such as Skipjack. I haven't yet seen the proof about DES, and I don't know how much might transfer to other DES-like algorithms. In any event, doing a decryption as the second operation was thought to dodge the whole question.

Finally, even though triple encryption as I've defined it only has a key length of 112, it's still necessary to do three operations, rather than a simple double encryption; for the latter, there's a birthday attack in O(2^56) time, though it does require O(2^56) space as well, making its feasibility a bit dubious.

--Steve Bellovin

From hughes at soda.berkeley.edu Tue May 4 15:47:25 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Tue, 4 May 93 15:47:25 PDT
Subject: checks
In-Reply-To: <9305041725.AA34057@horton.intercon.com>
Message-ID: <9305042244.AA27314@soda.berkeley.edu>

For those who don't want to read about an arcane bit of commercial paper law, please stop reading now.

>Much as I respect you Eric, I direct your attention to the myriad of "checks"
>being sent out by AT&T and MCI, to name a few offenders. These bear the
>legend: "endorsement of this check constitutes your acceptance of as
>your long distance carrier."

From West's Nutshell handbook on _Commercial Paper_, p 55:

"[...] an instrument is not negotiable unless it contains an unconditional promise or order. [UCC] 3-104(1)(b). See 3-105. That is, the obligation must be expressed in terms which are absolute and not subject to contingencies, provisos, qualifications, or reservations which may impair the obligation to pay. It must be a 'courier without luggage.' Overton v. Tyler, 3 Pa. 346,347 (1846)."
If a check is not negotiable, that does not mean that the order on it is invalid; it means that the rights of third and later parties to collect on the order are precariously held. This might not impede the money getting transferred, though.

The thing about the LD company checks is that their writing doesn't seem to be a condition on the order to pay. After all, you don't have to indorse a check in order to get the money from it; you can always take it to the bank it was drawn on directly. The condition on these checks seems to be a condition upon your indorsement of the check; conditions on indorsements do not affect negotiability.

>Weasels.

I agree.

Eric

From uni at acs.bu.edu Tue May 4 16:16:23 1993
From: uni at acs.bu.edu (Shaen Bernhardt)
Date: Tue, 4 May 93 16:16:23 PDT
Subject: An answer and a question
Message-ID: <9305042316.AA147149@acs.bu.edu>

First, with regard to privacy being free. I agree, that in an ideal society privacy would be considered a right, and no effort would be required to insure it. In my view it is necessary for the state to insure this right. This goes to the "if you were ever made dictator of a small island nation, what would be your first decrees?" Well, mine would be something to the effect of this:

That we the citizens of unissa might preserve the individuality and freedom of the populace, prevent tyranny and authoritarian tactics, promote the right of men and women to develop in their own directions, as this is most conducive to the rise of a great nation, I hereby decree that it shall be the unalienable right of citizens to hold their personal and public actions and duties in confidence. Further it shall be made to pass that the burden of ensuring such confidentiality shall rest on the state, and the state shall pass no law or decree that violates this right.
Unfortunately, we all know that this is classified as "fantasy". I'd love for it to happen, and I would be quite proud to offer citizenship to all the cypherpunks (well most of you :) ) but in the words of a great man I once knew... "It Ain't gonna happen...."

Privacy isn't free, you have to work for it in this country. I don't mind that. I sort of like the process. I have a problem when the state ACTIVELY tries to ELIMINATE privacy. I have an even WORSE problem when the state does so by surreptitious means. I am disgusted by what's happening with regard to press releases and complicity of large corporations who are basically selling us out for a profit (A-hem T-eeem an-hem-d T-hem)

I realized something suddenly that made me feel like I am growing more and more paranoid by the hour by the way. I noticed for the first time that these AT&T commercials that are airing lately have distinct propaganda trends... I never noticed it before but think about it. Lots of talk about freedom, individual plans, and a MAJOR ad campaign on T.V. complete with Arethra (sp) Franklin singing "Freedom....Freedom... FREEDOM!" Does this strike anyone else as odd or am I going crazy? I think I'm turning into a liberal! I can't take it!

Look, it's obvious that security and liberty are a trade off. I'm an international relations scholar, with a concentration in intelligence, so that's not a leap of logic for me. What I don't understand is this: Of late, terrorist acts have been on the DECLINE. The world trade center was a big one, sure. But it's not the whole picture. So why the push now? We really don't NEED more security in the form of clipper and FBI bills right now... not in my view anyhow. Comparatively this is a safe nation. Even if you disagree with this point, it can be pointed out that you DO NOT need privacy invading tactics to prevent terrorism, or drug dealing.
To me, drug sniffing dogs, metal detectors, x-ray machines are not a GREAT violation of privacy, I have little trouble tolerating these things and I accept them as part of life. Fine. But when it becomes obvious that government is taking an ACTIVE interest in things like my conversations and business practices, as well as opening the way for me and my children (I hope to have some some day) to be cataloged and followed and assigned a number and database for our health records and who knows what else from birth, I get offended. I WILL fight these initiatives, with civil disobedience if nothing else works.

I have a feeling that there are like minded people out there, people who can tolerate some violations of absolute privacy in exchange for feeling that every plane you ride on is not at risk because of some psycho, and that less coke is going to find its way to schools. But who cannot tolerate AUTHORITARIAN regimes, and practices to make these assurances.

We are in my opinion at a very dangerous time. VERY dangerous. We are at a point where events have made isolationism more and more a concern, and the focus is more and more on the people of this nation rather than other issues. Events like the world trade center, and the media attention it brings threaten to bring more force to bear on the fragile balance between what I will accept and what government wants.

On another note, how public is this mailing list. I mean the list of names here. How unlikely is it that we might be on a "watch-these-dangerous-activists-revolutionaries" black list somewhere...?

uni at acs.bu.edu

From jet at nas.nasa.gov Tue May 4 16:42:17 1993
From: jet at nas.nasa.gov (J. Eric Townsend)
Date: Tue, 4 May 93 16:42:17 PDT
Subject: An answer and a question
In-Reply-To: <9305042316.AA147149@acs.bu.edu>
Message-ID: <9305042342.AA24553@boxer.nas.nasa.gov>

Convenience is Freedom! "Get your Freedom at 7-11!" -- remember this ad campaign?
The word has been so overused that it's now meaningless in the minds of many Americans.

From baumbach at atmel.com Tue May 4 18:11:27 1993
From: baumbach at atmel.com (Peter Baumbach)
Date: Tue, 4 May 93 18:11:27 PDT
Subject: REQUEST: Info on email accounts
Message-ID: <9305050036.AA17304@sole.chp.atmel.com>

I hope this is the kind of thing you're looking for. :-)

----- Begin Included Message -----

>From kaminski at netcom.com Sun Apr 25 14:39:32 1993
Reply-To: kaminski at netcom.com
Date: Sun, 25 Apr 93 10:49:13 -0700
From: kaminski at netcom.com (Peter Kaminski)
To: PDIAL Mailing List
Subject: PDIAL011, 23 April 1993
Content-Length: 34539

You're on the mailing list to receive new PDIAL editions as they come out; here's the latest!

For problems, email me at (preferred) or 71053.2155 at compuserve.com.

Thanks for your interest!

Pete

================

New in PDIAL011:

New provider: nwnexus (206)
New points of presence: netcom (206) (503)
Updated info: csn, msen; section on 800 rates

---- cut here ----

The Public Dialup Internet Access List (PDIAL)
==============================================
File PDIAL011.TXT -- 23 April 1993

A list of public access service providers offering dialup access to outgoing Internet connections such as FTP and telnet.

Copyright 1992-1993 Peter Kaminski. May be distributed but not sold -- see notice at the end of this document. Or, tell people to email "Send PDIAL" to "info-deli-server at netcom.com".

Contents:

-1- Summary: Providers With Wide Area Access
-2- Summary: Area Codes For US/Canada Dialins
-3- Summary: Phone Prefixes For International Dialins
-4- What *Is* The Internet?
-5- What The PDIAL Is
-6- List of Providers
-7- How People Can Get The PDIAL (This List)
-8- Appendix A: Finding Public Data Network (PDN) Access Numbers
-9- Copyright and Distribution Of The PDIAL; Other Notices

Subject headers below are formatted so this list may be read as a digest by USENET newsreaders that support digests.
Example commands: rn, "control-G" skips to next section; nn, "G%" presents as a digest. Sections may also be located by searching for the desired section number string (e.g. "-1-") from the list above.

----------------------------------------------------------------------
From: PDIAL -1-
Subject: Summary: Providers With Wide Area Access

PDN   delphi, holonet, michnet, portal, psi-gds, psilink, well, world
800   class, cns, crl, csn, dial-n-cerf-usa, jvnc, OARnet

"PDN" means the provider is accessible through a public data network (check the listings below for which network); note that many PDNs listed offer access outside North America as well as within North America. Check with the provider or the PDN for more details.

"800" means the provider is accessible via a "toll-free" US phone number. The phone company will not charge for the call, but the service provider will add a surcharge to cover the cost of the 800 service. This may be more expensive than other long-distance options.

------------------------------
From: PDIAL -2-
Subject: Summary: Area Codes for US/Canada Dialins

If you are not local to any of these providers, it's still likely you are able to access those providers available through a public data network (PDN). Check the section above for providers with wide area access.
201   jvnc-tiger
202   express, grebyn
203   jvnc-tiger
206   eskimo, halcyon, netcom, nwnexus
212   mindvox, panix
213   dial-n-cerf, netcom
214   metronet
215   jvnc-tiger, PREPnet
216   OARnet, wariat
301   express, grebyn
303   cns, csn
310   dial-n-cerf, netcom
312   ddsw1
313   michnet, MSen
401   anomaly, ids, jvnc-tiger
408   a2i, netcom, portal
410   express
412   PREPnet, telerama
415   crl, dial-n-cerf, netcom, portal, well
419   OARnet
503   netcom
508   anomaly, nearnet
510   dial-n-cerf, holonet, netcom
513   OARnet
514   CAM.ORG
516   jvnc-tiger
517   michnet
603   nearnet
609   jvnc-tiger
614   OARnet
616   michnet
617   delphi, nearnet, world
619   cyber, dial-n-cerf, netcom
703   express, grebyn
704   rock-concert
707   crl
708   ddsw1
713   sugar
714   dial-n-cerf
717   PREPnet
718   mindvox, panix
719   cns, csn, oldcolo
814   PREPnet
815   ddsw1
818   dial-n-cerf, netcom
906   michnet
908   jvnc-tiger
916   netcom
919   rock-concert

These are area codes local to the dialups, although some prefixes in the area codes listed may not be local to the dialups. Check your phone book or with your phone company.

Most providers listed here are also accessible by packet-switched data services such as PC Pursuit ($30/month for 30 hours off-peak 2400 bps access -- call 800-736-1130 for more information), traditional long distance services, and of course telnet.

------------------------------
From: PDIAL -3-
Subject: Summary: Phone Prefixes for International Dialins

If you are not local to any of these providers, there is still a chance you are able to access those providers available through a public data network (PDN). Check the section above for providers with wide area access, and send email to them to ask about availability.

+61 2       connect.com.au
+61 3       connect.com.au
+44 (0)81   ibmpcug

------------------------------
From: PDIAL -4-
Subject: What *Is* The Internet?
The Internet is a global cooperative network of university, corporate, government, and private computers, all communicating with each other by means of something called TCP/IP (Transmission Control Protocol/Internet Protocol). Computers directly on the Internet can exchange data quickly and easily with any other computer on the Internet to download files, send email, provide remote logins, etc.

Users can download files from publicly accessible archive sites ("anonymous FTP"); login into remote computers (telnet or rlogin); chat in real-time with other users around the world (Internet Relay Chat); or use the newest information retrieval tools to find a staggering variety of information (Wide Area Information Servers, Gopher, World Wide Web). Computers directly on the Internet also exchange email directly and very quickly; email is usually delivered in seconds between Internet sites.

Sometimes the Internet is confused with other related networks or types of networking.

First, there are other ways to be "connected to the Internet" without being directly connected as a TCP/IP node. Some computers connect via UUCP or other means at regular intervals to an Internet site to exchange email and USENET newsgroups, for instance. Such a site can provide email (though not as quickly as a directly connected system) and USENET access, but not Internet downloads, remote logins, etc.

"email" (or "Internet email", "netmail") can be exchanged with a wide variety of systems connected directly and indirectly to the Internet. The email may travel solely over the Internet, or it may traverse other networks and systems.

"USENET" is the collection of computers all over the world that exchange USENET news -- thousands of "newsgroups" (like forums, or echos) on a wide range of topics. The newsgroup articles are distributed all over the world to USENET sites that wish to carry them (sometimes over the Internet, sometimes not), where people read and respond to them.
The "NSFNET" is one of the backbones of the Internet in the US. It is funded by the NSF, which restricts traffic over the NSFNET to "open research and education in and among US research and instructional institutions, plus research arms of for-profit firms when engaged in open scholarly communication and research." Your Internet provider can give you more details about acceptable use, and alternatives should you need to use the Internet in other ways.

------------------------------
From: PDIAL -5-
Subject: What The PDIAL Is

This is a list of Internet service providers offering public access dialins and outgoing Internet access (ftp, telnet, etc.). Most of them provide email and USENET news and other services as well.

If one of these systems is not accessible to you and you need email or USENET access, but *don't* need ftp or telnet, you have many more public access systems from which to choose. Public access systems without ftp or telnet are *not* listed in this list, however. See the nixpub (alt.bbs, comp.misc) list and other BBS lists.

Some of these providers offer time-shared access to a shell or BBS program on a computer connected directly to the Internet, through which you can FTP or telnet to other systems on the Internet. Usually other services are provided as well. Generally, you need only a modem and terminal or terminal emulator to access these systems. Check for "shell", "bbs", or "menu" on the "services" line.

Other providers connect you directly to the Internet via SLIP or PPP when you dial in. For these you need a computer system capable of running the software to interface with the Internet, e.g., a Unix machine, PC, or Mac. Check for "SLIP", or "PPP" on the services line.

While I have included all sites for which I have complete information, this list is surely incomplete. Please send any additions or corrections to "kaminski at netcom.com".
------------------------------
From: PDIAL -6-
Subject: List of Providers

Fees are for personal dialup accounts with outgoing Internet access; most sites have other classes of service with other rate structures as well. Most support email and netnews along with the listed services.

"Long distance: provided by user" means you need to use services such as PC Pursuit, direct dial long distance or other long distance services.

<< a2i >>
name ----------> a2i communications
dialup --------> 408-293-9010 (v.32, v.32 bis) or 408-293-9020 (PEP) 'guest'
area codes ----> 408
local access --> CA: Campbell, Los Altos, Los Gatos, Mountain View, San Jose, Santa Clara, Saratoga, Sunnyvale
long distance -> provided by user
services ------> shell, ftp, telnet, feeds
fees ----------> $20/month or $45/3 months or $72/6 months
email ---------> info at rahul.net
voice ---------> n/a
ftp more info -> ftp.rahul.net:/pub/BLURB

<< anomaly >>
name ----------> Anomaly - Rhode Island's Gateway To The Internet
dialup --------> 401-331-3706 (v.32) or 401-455-0347 (PEP)
area codes ----> 401, 508
local access --> RI: Providence/Seekonk Zone
long distance -> provided by user
services ------> shell, ftp, telnet, SLIP
fees ----------> Commercial: $125/6 months or $200/year; Educational: $75/6 months or $125/year
email ---------> info at anomaly.sbs.risc.net
voice ---------> 401-273-4669
ftp more info -> anomaly.sbs.risc.net:/anomaly.info/access.zip

<< CAM.ORG >>
name ----------> Communications Accessibles Montreal
dialup --------> 514-281-5601 (v.32 bis, HST) 514-738-3664 (PEP), 514-923-2103 (ZyXeL 19.2K) 514-466-0592 (v.32)
area codes ----> 514
local access --> QC: Montreal, Laval, South-Shore, West-Island
long distance -> provided by user
services ------> shell, ftp, telnet, feeds, SLIP, PPP, FAX gateway
fees ----------> $25/month Cdn.
email ---------> info at CAM.ORG
voice ---------> 514-923-2102
ftp more info -> n/a

<< class >>
name ----------> Cooperative Library Agency for Systems and Services
dialup --------> contact for number; NOTE: CLASS serves libraries/information distributors only
area codes ----> 800
local access --> anywhere (800) service is available
long distance -> included
services ------> ftp, telnet, gopher, wais, hytelnet
fees ----------> $10.50/hour + $150/year for first account + $50/year each additional account + $135/year CLASS membership
email ---------> class at class.org
voice ---------> 800-488-4559
fax -----------> 408-453-5379
ftp more info -> n/a

<< cns >>
name ----------> Community News Service
dialup --------> 719-520-1700 id 'new', passwd 'newuser'
area codes ----> 303, 719, 800
local access --> CO: Colorado Springs, Denver; continental US/800
long distance -> 800 or provided by user
services ------> UNIX shell, email, ftp, telnet, irc, USENET, Clarinet, gopher
fees ----------> $1/hour; $10/month minimum + $35 signup
email ---------> klaus at cscns.com
voice ---------> 719-579-9120
ftp more info -> n/a

<< connect.com.au >>
name ----------> connect.com.au pty ltd
dialup --------> contact for number
area codes ----> +61 3, +61 2
local access --> Australia: Melbourne, Sydney
long distance -> provided by user
services ------> SLIP, PPP, ISDN, UUCP, ftp, telnet, NTP, FTPmail
fees ----------> AUS$2000/year (1 hour/day), 10% discount for AUUG members; other billing negotiable
email ---------> connect at connect.com.au
voice ---------> +61 3 5282239
fax -----------> +61 3 5285887
ftp more info -> ftp.connect.com.au

<< crl >>
name ----------> CR Laboratories Dialup Internet Access
dialup --------> 415-389-UNIX
area codes ----> 415, 707, 800
local access --> CA: San Francisco Bay Area; continental US/800
long distance -> 800 or provided by user
services ------> shell, ftp, telnet, feeds, SLIP, WAIS
fees ----------> $19.50/month + $15.00 signup
email ---------> info at crl.com
voice ---------> 415-381-2800
ftp more info -> n/a

<< csn >>
name ----------> Colorado SuperNet, Inc.
dialup --------> contact for number
area codes ----> 303, 719, 800
local access --> CO: Alamosa, Boulder/Denver, Colorado Springs, Durango, Fort Collins, Frisco, Glenwood Springs/Aspen, Grand Junction, Greeley, Gunnison, Pueblo, Telluride; anywhere 800 service is available
long distance -> provided by user or 800
services ------> shell or menu, UUCP, SLIP, 56K, ISDN, T1; ftp, telnet, irc, gopher, WAIS, domains, anonymous ftp space, email-to-fax
fees ----------> $1/hour off-peak, $3/hour peak ($250 max/month) + $20 signup, $5/hr surcharge for 800 use
email ---------> info at csn.org
voice ---------> 303-273-3471
fax -----------> 303-273-3475
ftp more info -> csn.org:/CSN/reports/DialinInfo.txt
off-peak ------> midnight to 6am

<< cyber >>
name ----------> The Cyberspace Station
dialup --------> (619) 634-1376 'guest'
area codes ----> 619
local access --> CA: San Diego
long distance -> provided by user
services ------> shell, ftp, telnet, irc
fees ----------> $15/month + $10 startup or $60 for six months
email ---------> help at cyber.net
voice --------->
ftp more info -> n/a

<< ddsw1 >>
name ----------> 'ddsw1', MCSNet
dialup --------> (312) 248-0900 V.32bis/V.32, 248-6295 (PEP), follow prompts
area codes ----> 312, 708, 815
local access --> IL: Chicago
long distance -> provided by user
services ------> shell, ftp, telnet, feeds, email, irc, gopher
fees ----------> $25/month or $65/3 months
email ---------> info at ddsw1.mcs.com
voice ---------> n/a
ftp more info -> n/a

<< delphi >>
name ----------> DELPHI
dialup --------> (800) 365-4636 'JOINDELPHI password:INTERNETSIG'
area codes ----> 617, PDN
local access --> MA: Boston; KS: Kansas City
long distance -> Sprintnet or Tymnet: $9/hour weekday business hours, no charge nights and weekends
services ------> ftp, telnet, feeds, user groups, wire services, member conferencing
fees ----------> $10/month for 4 hours or $20/month for 20 hours + $3/month for Internet services
email ---------> walthowe at delphi.com
voice ---------> 800-544-4005
ftp more info -> n/a

<< dial-n-cerf >>
name ----------> DIAL n' CERF or DIAL n' CERF AYC
dialup --------> contact for number
area codes ----> 213, 310, 415, 510, 619, 714, 818
local access --> CA: Los Angeles, Oakland, San Diego, Irvine, Pasadena, Palo Alto
long distance -> provided by user
services ------> shell, menu, irc, ftp, hytelnet, gopher, WAIS, WWW, terminal service, SLIP
fees ----------> $5/hour ($3/hour on weekend) + $20/month + $50 startup OR $250/month flat for AYC
email ---------> help at cerf.net
voice ---------> 800-876-2373 or 619-455-3900
ftp more info -> nic.cerf.net:/cerfnet/dial-n-cerf/
off-peak ------> Weekend: 5pm Friday to 5pm Sunday

<< dial-n-cerf-usa >>
name ----------> DIAL n' CERF USA
dialup --------> contact for number
area codes ----> 800
local access --> anywhere (800) service is available
long distance -> included
services ------> shell, menu, irc, ftp, hytelnet, gopher, WAIS, WWW, terminal service, SLIP
fees ----------> $10/hour ($8/hour on weekend) + $20/month
email ---------> help at cerf.net
voice ---------> 800-876-2373 or 619-455-3900
ftp more info -> nic.cerf.net:/cerfnet/dial-n-cerf/
off-peak ------> Weekend: 5pm Friday to 5pm Sunday

<< eskimo >>
name ----------> Eskimo North
dialup --------> 206-367-3837 300-2400 bps, 206-362-6731 for 9600/14.4k, 206-742-1150 World Blazer
area codes ----> 206
local access --> WA: Seattle, Everett
long distance -> provided by user
services ------> shell, ftp, telnet
fees ----------> $10/month or $96/year
email ---------> nanook at eskimo.com
voice ---------> 206-367-7457
ftp more info -> n/a

<< express >>
name ----------> Express Access - Online Communications Service
dialup --------> 301-220-0462, 410-766-1855 'new'
area codes ----> 202, 301, 410, 703
local access --> Northern VA, Baltimore MD, Washington DC
long distance -> provided by user
services ------> shell, ftp, telnet, irc
fees ----------> $25/month or $250/year
email ---------> info at digex.com
voice ---------> 301-220-2020
ftp more info -> n/a

<< grebyn >>
name ----------> Grebyn Corporation
dialup --------> 703-281-7997, 'apply'
area codes ----> 202, 301, 703
local access --> Northern VA, Southern MD, Washington DC
long distance -> provided by user
services ------> shell, ftp, telnet
fees ----------> $30/month
email ---------> info at grebyn.com
voice ---------> 703-281-2194
ftp more info -> n/a

<< halcyon >>
name ----------> Halcyon
dialup --------> (206) 382-6245 'new', 8N1
area codes ----> 206
local access --> Seattle, WA
long distance -> provided by user
services ------> shell, telnet, ftp, bbs, irc, gopher, hytelnet
fees ----------> $200/year, or $60/quarter + $10 start-up
email ---------> info at halcyon.com
voice ---------> 206-955-1050
ftp more info -> halcyon.com:~/pub/waffle/info

<< holonet >>
name ----------> HoloNet
dialup --------> (510) 704-1058
area codes ----> 510, PDN
local access --> Berkeley, CA
long distance -> [per hour, off-peak/peak] Bay Area: $0.50/$0.95; PSINet A: $0.95/$1.95; PSINet B: $2.50/$6.00; Tymnet: $3.75/$7.50
services ------> ftp, telnet, irc, games
fees ----------> $2/hour off-peak, $4/hour peak; $6/month or $60/year minimum
email ---------> info at holonet.net
voice ---------> 510-704-0160
ftp more info -> holonet.net:/info/
off-peak ------> 5pm to 8am + weekends and holidays

<< ibmpcug >>
name ----------> UK PC User Group
dialup --------> +44 (0)81 863 6646
area codes ----> +44 (0)81
local access --> London, England
long distance -> provided by user
services ------> ftp, telnet, bbs, irc, feeds
fees ----------> GBPounds 15.50/month or 160/year + 10 startup (no time charges)
email ---------> info at ibmpcug.co.uk
voice ---------> +44 (0)81 863 6646
ftp more info -> n/a

<< ids >>
name ----------> The IDS World Network
dialup --------> (401) 884-9002, (401) 785-1067
area codes ----> 401
local access --> East Greenwich, RI; northern RI
long distance -> provided by user
services ------> ftp, telnet, SLIP, feeds, bbs
fees ----------> $10/month or $50/half year or $100/year
email ---------> sysadmin at ids.net
voice ---------> 401-884-7856
ftp more info -> ids.net:/ids.net

<< jvnc-tiger >>
name ----------> The John von Neumann Computer Network - Dialin' Tiger
dialup --------> contact for number
area codes ----> 201, 203, 215, 401, 516, 609, 908
local access --> Princeton & Newark, NJ; Philadelphia, PA; Garden City, NY; Bridgeport, New Haven, & Storrs, CT; Providence, RI
long distance -> provided by user
services ------> ftp, telnet, SLIP, feeds, optional shell
fees ----------> $99/month + $99 startup (PC or Mac SLIP software included -- shell is additional $21/month)
email ---------> info at jvnc.net
voice ---------> (800) 35-TIGER, (609) 258-2400
ftp more info -> n/a

<< jvnc >>
name ----------> The John von Neumann Computer Network - Tiger Mail & Dialin' Terminal
dialup --------> contact for number
area codes ----> 800
local access --> anywhere (800) service is available
long distance -> included
services ------> email and newsfeed or terminal access only
fees ----------> $19/month + $10/hour + $36 startup (PC or Mac SLIP software included)
email ---------> info at jvnc.net
voice ---------> (800) 35-TIGER, (609) 258-2400
ftp more info -> n/a

<< metronet >>
name ----------> Texas Metronet
dialup --------> 214-705-2902 9600bps, 214-705-2917 2400bps, 'info/info' or 'signup/signup'
area codes ----> 214
local access --> TX: Dallas
long distance -> provided by user
services ------> shell, ftp, telnet, feeds, SLIP
fees ----------> $10-$50/month + $20-$30 startup
email ---------> srl at metronet.com / 73157.1323 at compuserve.com / GEnie:S.LINEBARG
voice ---------> 214-401-2800
fax -----------> 214-401-2802 ( 8am-5pm CST weekdays )
ftp more info -> n/a

<< michnet >>
name ----------> Merit Network, Inc. -- MichNet project
dialup --------> contact for number or telnet hermes.merit.edu and type 'help' at 'Which host?' prompt
area codes ----> 313, 517, 616, 906, PDN
local access --> Michigan; Boston, MA; Wash. DC
long distance -> SprintNet, Autonet, Michigan Bell packet-switch network
services ------> telnet, SLIP, PPP, outbound SprintNet, Autonet and Ann Arbor dialout
fees ----------> $35/month + $40 signup ($10/month for K-12 & libraries in Michigan)
email ---------> info at merit.edu
voice ---------> 313-764-9430
ftp more info -> nic.merit.edu:/

<< mindvox >>
name ----------> MindVOX
dialup --------> (212) 988-5030 'mindvox' 'guest'
area codes ----> 212, 718
local access --> NY: New York City
long distance -> provided by user
services ------> conferencing system ftp, telnet, irc, gopher, hytelnet, Archives, BBS
fees ----------> $15-$20/month. No startup.
email ---------> info at phantom.com
voice ---------> 212-988-5987
ftp more info -> n/a

<< MSen >>
name ----------> MSen
dialup --------> contact for number
area codes ----> 313
local access --> All of SE Michigan (313)
long distance -> provided by user
services ------> shell, WAIS, gopher, telnet, ftp, SLIP, PPP, IRC, WWW, Picospan BBS, ftp space
fees ----------> $20/month; $20 startup
email ---------> info at msen.com
voice ---------> 313-998-4562
fax -----------> 313-998-4563
ftp more info -> ftp.msen.com:/pub/vendor/msen

<< nearnet >>
name ----------> NEARnet
dialup --------> contact for numbers
area codes ----> 508, 603, 617
local access --> Boston, MA; Nashua, NH
long distance -> provided by user
services ------> SLIP, email, feeds, dns
fees ----------> $250/month
email ---------> nearnet-join at nic.near.net
voice ---------> 617-873-8730
ftp more info -> nic.near.net:/docs

<< netcom >>
name ----------> Netcom Online Communication Services
dialup --------> (206) 527-5992, (310) 842-8835, (408) 241-9760, (408) 459-9851, (415) 328-9940, (415) 985-5650, (503) 626-6833, (510) 426-6610, (510) 865-9004, (619) 234-0524, (916) 965-1371
area codes ----> 206, 213, 310, 408, 415, 503, 510, 619, 818, 916
local access --> CA: SF Bay Area (5 POPs), Sacramento, Santa Cruz, Los Angeles, San Diego; OR: Portland; WA: Seattle (May 1)
long distance -> provided by user
services ------> shell, ftp, telnet, irc, WAIS, gopher, SLIP/PPP, ftp space, feeds, dns
fees ----------> $19.50/month + $15.00 signup
email ---------> info at netcom.com
voice ---------> 408-554-UNIX
ftp more info -> n/a

<< nwnexus >>
name ----------> Northwest Nexus Inc.
dialup --------> contact for numbers
area codes ----> 206
local access --> WA: Seattle
long distance -> provided by user
services ------> UUCP, SLIP, PPP, feeds, dns
fees ----------> $10/month for first 10 hours + $3/hr; $20 start-up
email ---------> info at nwnexus.wa.com
voice ---------> 206-455-3505
ftp more info -> nwnexus.wa.com:/NWNEXUS.info.txt

<< OARnet >>
name ----------> OARnet
dialup --------> send e-mail to nic at oar.net
area codes ----> 614, 513, 419, 216, 800
local access --> OH: Columbus, Cincinnati, Cleveland, Dayton
long distance -> 800 service
services ------> email, ftp, telnet, newsfeed
fees ----------> $4.00/hr to $330.00/month; call for code or send email
email ---------> nic at oar.net
voice ---------> 614-292-8100
fax -----------> 614-292-7168
ftp more info -> n/a

<< oldcolo >>
name ----------> Old Colorado City Communications
dialup --------> 719-632-4111 'newuser'
area codes ----> 719
local access --> CO: Colorado Springs
long distance -> provided by user
services ------> shell, ftp, telnet, AKCS, home of the NAPLPS conference
fees ----------> $25/month
email ---------> dave at oldcolo.com / thefox at oldcolo.com
voice ---------> 719-632-4848, 719-593-7575 or 719-636-2040
fax -----------> 719-593-7521
ftp more info -> n/a

<< panix >>
name ----------> PANIX Public Access Unix
dialup --------> (212) 787-3100 'newuser'
area codes ----> 212, 718
local access --> New York City, NY
long distance -> provided by user
services ------> shell, ftp, telnet, gopher, wais, irc, feeds
fees ----------> $19/month or $208/year + $40 signup
email ---------> alexis at panix.com, jsb at panix.com
voice ---------> 212-877-4854 [Alexis Rosen], 212-691-1526 [Jim Baumbach]
ftp more info -> n/a

<< portal >>
name ----------> The Portal System
dialup --------> (408) 973-8091 high-speed, (408) 725-0561 2400bps; 'info'
area codes ----> 408, 415, PDN
local access --> CA: Cupertino, Mountain View, San Jose
long distance -> SprintNet: $2.50/hour off-peak, $7-$10/hour peak; Tymnet: $2.50/hour off-peak, $13/hour peak
services ------> shell, ftp, telnet, IRC, UUCP, feeds, bbs
fees ----------> $19.95/month + $19.95 signup
email ---------> cs at cup.portal.com, info at portal.com
voice ---------> 408-973-9111
ftp more info -> n/a
off-peak ------> 6pm to 7am + weekends and holidays

<< PREPnet >>
name ----------> PREPnet
dialup --------> contact for numbers
area codes ----> 215, 412, 717, 814
local access --> PA: Philadelphia, Pittsburgh, Harrisburg
long distance -> provided by user
services ------> SLIP, terminal service, telnet, ftp
fees ----------> $1,000/year membership. Equipment-$325 onetime fee plus $40/month
email ---------> prepnet at cmu.edu
voice ---------> 412-268-7870
fax -----------> 412-268-7875
ftp more info -> ftp.prepnet.com:/prepnet/general/

<< psi-gds >>
name ----------> PSI's Global Dialup Service (GDS)
dialup --------> send email to numbers-info at psi.com
area codes ----> PDN
local access -->
long distance -> included
services ------> telnet, rlogin
fees ----------> $39/month + $39 startup
email ---------> all-info at psi.com, gds-info at psi.com
voice ---------> 703-620-6651
fax -----------> 703-620-4586
ftp more info -> ftp.psi.com:/

<< psilink >>
name ----------> PSILink - Personal Internet Access
dialup --------> send email to numbers-info at psi.com
area codes ----> PDN
local access -->
long distance -> included
services ------> email and newsfeed, ftp
fees ----------> $29/month + $19 startup (PSILink software included)
email ---------> all-info at psi.com, psilink-info at psi.com
voice ---------> 703-620-6651
fax -----------> 703-620-4586
ftp more info -> ftp.psi.com:/

<< rock-concert >>
name ----------> Rock CONCERT Net
dialup --------> contact for number
area codes ----> 704, 919
local access --> NC: Asheville, Chapel Hill, Charlotte, Durham, Greensboro, Greenville, Raleigh, Winston-Salem, Research Triangle Park
long distance -> provided by user
services ------> shell, ftp, telnet, irc, gopher, wais, feeds, SLIP
fees ----------> $30/month + $50 signup
email ---------> info at concert.net
voice ---------> 919-248-1999
ftp more info -> ftp.concert.net

<< sugar >>
name ----------> NeoSoft's Sugar Land Unix
dialup --------> 713-684-5900
area codes ----> 713
local access --> TX: Houston metro area
long distance -> provided by user
services ------> bbs, shell, ftp, telnet, irc, feeds, UUCP
fees ----------> $29.95/month
email ---------> info at NeoSoft.com
voice ---------> 713-438-4964
ftp more info -> n/a

<< telerama >>
name ----------> Telerama BBS
dialup --------> (412) 481-5302 'new'
area codes ----> 412
local access --> PA: Pittsburgh long distance -> provided by user services ------> shell, ftp, telnet, feeds, menu, bbs fees ----------> $6/month for 10 hours, 60 cents/hour thereafter. No startup. email ---------> info at telerama.pgh.pa.us voice ---------> 412-481-3505 ftp more info -> telerama.pgh.pa.us:/info/general.info << well >> name ----------> The Whole Earth 'Lectronic Link dialup --------> (415) 332-6106 'newuser' area codes ----> 415, PDN local access --> Sausalito, CA long distance -> Compuserve Packet Network: $4/hour services ------> shell, ftp, telnet, bbs fees ----------> $15.00/month + $2.00/hr email ---------> info at well.sf.ca.us voice ---------> 415-332-4335 ftp more info -> n/a << wariat >> name ----------> APK- Public Access UNI* Site dialup --------> 216-481-9436 (2400), 216-481-9425 (V.32bis, SuperPEP) area codes ----> 216 local access --> OH: Cleveland long distance -> provided by user services ------> shell, ftp, telnet, irc, gopher, feeds, BBS(Uniboard1.10) fees ----------> $35/monthly, $200/6months, $20 signup email ---------> zbig at wariat.org voice ---------> 216-481-9428 ftp more info -> n/a << world >> name ----------> The World dialup --------> (617) 739-9753 'new' area codes ----> 617, PDN local access --> Boston, MA long distance -> Compuserve Packet Network: $5.60/hour services ------> shell, ftp, telnet, irc fees ----------> $5.00/month + $2.00/hr or $20/month for 20 hours email ---------> office at world.std.com voice ---------> 617-739-0202 ftp more info -> world.std.com:/world-info/basic.info ------------------------------ From: PDIAL -7- Subject: How People Can Get The PDIAL (This List) USENET: The PDIAL list is posted semi-regularly to alt.internet.access.wanted, alt.bbs.lists, ba.internet, and news.answers. EMAIL: From the Information Deli archive server (most up-to-date): To receive the current edition of the PDIAL, send email with the subject "Send PDIAL" to "info-deli-server at netcom.com". 
To subscribe to a list which receives future editions as they are published, send email with the subject "Subscribe PDIAL" to "info-deli-server at netcom.com". To receive both the most recent and future editions, send both messages. From the news.answers FAQ archive: Send email with the message "send usenet/news.answers/pdial" to "mail-server at pit-manager.mit.edu". For help, send the message "help" to "mail-server at pit-manager.mit.edu". FTP ARCHIVE SITES (PDIAL and other useful information): Information Deli FTP site: ftp.netcom.com:/pub/info-deli/public-access/pdial [192.100.81.100] As part of a collection of public access lists: VFL.Paramax.COM:/pub/pubnet/pdial [128.126.220.104] (used to be GVL.Unisys.COM) From the Merit Network Information Center Internet information archive: nic.merit.edu:/internet/pdial [35.1.1.48] As part of an Internet access compilation file: liberty.uc.wlu.edu:/pub/lawlib/internet.access [137.113.10.35] As part of the news.answers FAQ archive: pit-manager.mit.edu:/pub/usenet/news.answers/pdial [18.172.1.27] ------------------------------ From: PDIAL -8- Subject: Appendix A: Finding Public Data Network (PDN) Access Numbers Here's how to get local access numbers or information for the various PDNs. Generally, you can contact the site you're calling for help, too. IMPORTANT NOTE: Unless noted otherwise, set your modem to 7E1 (7 data bits, even parity, 1 stop bit) when dialing to look up access numbers by modem as instructed below. BT Tymnet --------- For information and local access numbers, call 800-937-2862 (voice) or 215-666-1770 (voice). To look up access numbers by modem, dial a local access number, hit and 'a', and enter "information" at the "please log in:" prompt. Compuserve Packet Network ------------------------- You do NOT have to be a Compuserve member to use the CPN to dial other services. For information and local access numbers, call 800-848-8199 (voice). 
To look up access numbers by modem, dial a local access number, hit and enter "PHONES" at the "Host Name:" prompt. PC Pursuit (SprintNet) ---------------------- PC Pursuit may be used to call a modem in any of 44 major metro areas in the US from local access numbers around the country. As such, it can be used to access most of the providers listed in the PDIAL (those with no other PDN access or even those which are accessible by other PDNs). For information and registration, call 800-736-1130 (voice) or 800-877-2006 (data). More information is also available on the PC Pursuit support BBS (see below). To look up access numbers by modem, dial 800-546-1000, hit at 1200 baud or '@' at 2400 baud. Enter "MAIL" at the "@" prompt, then "PHONES" at the "USER NAME:" prompt, and "PHONES" at the "PASSWORD:" prompt. The PC Pursuit support BBS provides a great deal of information about PC Pursuit, including rates, terms and conditions, outdial numbers, etc. To access the PC Pursuit support BBS, dial a local access number and hit at 1200 baud or '@' at 2400 baud. Change modem parameters to 8N1, and enter "C PURSUIT" at the "@" prompt. PSINet ------ For information, call 800-82PSI82 (voice) or 703-620-6651 (voice), or send email to "all-info at psi.com". For a list of local access numbers send email to "numbers-info at psi.com". ------------------------------ From: PDIAL -9- Subject: Copyright and Distribution Of The PDIAL; Other Notices This Document Copyright 1992-1993 Peter Kaminski. This document may be distributed in its entirety by any means, and a fee may be charged for its distribution, but it may not be sold without prior permission. I make no representations about the suitability or accuracy of this document for any purpose. It is provided "as is" without express or implied warranty. UPDATES AND CORRECTIONS: Send new or updated entries in the format used here to "kaminski at netcom.com". Also include an email address to which I can send requests for more information. 
-- Peter Kaminski | Internet: kaminski at netcom.com (preferred) The Information Deli | CIS: 71053,2155 "connecting people" | ------------------------------ End of PDIAL ************ ----- End Included Message ----- From clark at metal.psu.edu Tue May 4 18:25:04 1993 From: clark at metal.psu.edu (Clark Reynard) Date: Tue, 4 May 93 18:25:04 PDT Subject: No CFV for soc.whistleblowers Message-ID: <9305050208.AA02069@metal.psu.edu> Based on the responses of a few cypherpunk members, I have decided not to post a second RFD for soc.whistleblowers unless I receive a significant amount of email requesting that I do so. Nor will I post a CFV. I will simply let the matter be pigeonholed indefinitely. While I find the imputation that I ought to be executed as an Enemy of the People both offensive and absurd, it seems that I could be acting retrogressively, though no sane reason why I am doing so has been presented to me. In either case, I will allow others to continue their efforts, and would be pleased to help in whatever manner I can, but do not wish to foment further splintering of what is already a divided group. I thank you for your support, and request that anyone with any further comment on the matter mail it to me in personal mail, unless it is of interest to the group at large. If interest warrants, or opinion seems different than what I understand it to be, I reserve the right to change my mind. ---- Robert W. Clark Just Say No! to the rclark at nyx.cs.du.edu Big Brother Chip From x62727g2 at usma8.USMA.EDU Tue May 4 19:07:30 1993 From: x62727g2 at usma8.USMA.EDU (Gatlin Anthony CDT) Date: Tue, 4 May 93 19:07:30 PDT Subject: ZENGER Magazine Message-ID: <9305050201.AA22134@usma8.usma.edu> What is ZENGERE magazine and where can I get info on it? Does anyone have back issues of Phrack and how can I get them? "The NSA's version of strong crypto is crypto that they have the key for." Anthony J. Gatlin |-------------------------------------| Cadet Private, Co. 
G-2 |PGP Public Key available on request. | United States Military Academy |-------------------------------------| From ejo at world.std.com Tue May 4 19:46:05 1993 From: ejo at world.std.com (Edward J OConnell) Date: Tue, 4 May 93 19:46:05 PDT Subject: Selling Pointers to Privacy Message-ID: WARNING: The following post, I realize, assumes that we all agree that we should all have the right to buy and sell and take any chemicals we damn well please. In Extropians, you don't have to mention this. In the world at large, this elicits wide eyed stares, and sputtering noises of disbelief. ( I recall someone being willing to give up some privacy for 'less crack in the schools.' Sorry. Not a good enough reason to give up one whit of privacy.) SELLING 'OFF THE SHELF' PRIVACY TO THOSE THAT WOULD PAY FOR IT... (Providing Pointers, that is...) I've been thinking about this PGP thing. Playing with it has been a lot of fun, (The ultimate secret decoder ring!) and has made me wonder, who *needs* this kind of security that doesn't have it already? Who would pay for it? Who wouldn't care too much about the legalities? Mid to large scale drug dealers, that's who! I began to think of things I could do with off the shelf hardware and software. Ease of use is important--I don't think many drug dealers are going to want to mess around with command line interfaces--So I started playing with the idea of a voicemail/answering machine type thing, using macs with built in microphones, modems, telecom software, etc. Maybe use hypercard to create a single application with a phone book, so that they would just double click on someone's name, and talk into the microphone. Hit a button to end the message, and then hit, SEND. The hypercard stack compresses and encrypts using PGP the voice file, which is decompressed and encrypted automatically at the other end, maybe producing a blinking button with that persons name on it, and the time of the call. The interface design would be fun, actually. 
Asynchronous, but perhaps useful enough? (With a 1.44 modem and the 6/1 compression rate of my shareware voice recorder, it would take about 2 minutes to modem a minutes worth of message--not too bad, really.) I think it might be interesting to typeset a booklet describing how to do this, and try to sell it in the back of magazines--maybe Rolling Stones and High Times. The booklet might just be pointers to the hardware and software needed, and the few skills the client would have to acquire. You could sell the "ease of use" hypercard stack through the booklet, too. You could wait and see if the thing takes off before actually making the stack. I've also thought, that you could sell phone support to people who are trying to get this type of thing going. I'm less enthusiastic about this; it seems like this would be a good way to get busted. Of course, the legality of this hinges on the legality of PGP. I've read some stuff about the copyright infringment aspect, and have seen on Extropians, a legal action threatened against someone who was advertising PGP in a big way. Any thoughts? I'm halfway serious about this. Perhaps it could exist in the same sort of quasilegal half-life as bongs, psyloycybin spore logs, and automatic weapon conversion kits--sure, it's illegal to use this stuff I'm selling, but I'm not selling illegality...I'm just selling the stuff! First Draft of Ad: PHONE WITHOUT FEAR Did you know that personal computers can be used to communicate with others with absolute privacy? That free public domain software exists that cannot be cracked? Not even by the CIA? For plans for a user friendly, voice-mail encryption system send 10.00 money order to: Jay. Maybe. If I don't chicken out. ;-) __________________________________ Albert Einstein--"God does not play dice with the universe." 
Me--"No, he plays Super-Scratch-Card-Wingo (TM) From i6t4 at jupiter.sun.csd.unb.ca Tue May 4 19:56:54 1993 From: i6t4 at jupiter.sun.csd.unb.ca (Nickey MacDonald) Date: Tue, 4 May 93 19:56:54 PDT Subject: ADMIN: allowable use Message-ID: I just putting this out to test the "temperature" of the cypherpunks "waters"... I am considering posting a questionaire that I would like each cypherpunk to answer... Its not written yet, thought I do have a good idea of what I want to ask, and I suspect it would be a little lengthy (I can think of a good 10 questions, each requiring a paragraph or two to answer). My goal of the questionaire would be to see what type of people use cryptography... (Quite a simple goal... but not easily met...) I will of course make the results available to the group, and optionally the raw data (the person filling it out would have the option of not having any "written" (more than a yes or no) answer "published"). Would the majority consider this good use of cypherpunks bandwidth, or are you all too secretive? --- Nick MacDonald | NMD on IRC i6t4 at jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger From honey at citi.umich.edu Tue May 4 20:20:11 1993 From: honey at citi.umich.edu (peter honeyman) Date: Tue, 4 May 93 20:20:11 PDT Subject: ADMIN: allowable use In-Reply-To: Message-ID: <9305050320.AA10667@toad.com> count me out. peter From uni at acs.bu.edu Tue May 4 20:23:08 1993 From: uni at acs.bu.edu (Shaen Bernhardt) Date: Tue, 4 May 93 20:23:08 PDT Subject: Privacy and Prices of Privacy Message-ID: <9305050323.AA108323@acs.bu.edu> ejo at world.std.com spoke thus: WARNING: The following post, I realize, assumes that we all agree that we should all have the right to buy and sell and take any chemicals we damn well please. In Extropians, you don't have to mention this. In the world at large, this elicits wide eyed stares, and sputtering noises of disbelief. 
( I recall someone being willing to give up some privacy for 'less crack in the schools.' Sorry. Not a good enough reason to give up one whit of privacy.) End Quote. That was me. Specifically I said: I have a feeling that there are like minded people out there, people who can tolerate some violations of absolute privacy in exchange for feeling that every plane you ride on is not at risk because of some psycho, and that less coke is going to find its way to schools. But who cannot tolerate AUTHORATARIAN regimes, and practices to make these assurances. End Quote Sure, if YOU want to grow coco plants and harvest and process them for your own use, I don't have a problem with that. That's your business. If you want to process it into base, crack in effect, go ahead. I don't really have a problem with that either. Frankly I don't have a problem with the legalization of cocaine, I'm indifferent. I wouldn't use any, but I'm not going to stop anyone else from it. I am not quite libertarian enough however to support the sale of refined coke out there. I think this is a pragmatic point, based on what is practical as far as soceity goes. I WILL say that I can't support authoratarian moves to prevent it. Makeing exceptions for wiretap laws on drugdealers is bullshit. Follow the constitution at all times IMHO, no exceptions. If you can't catch em without invading privacy then they aren't enough of a public problem to worry about. To me this does NOT include drug sniffing dogs at the airport. I really am not much offended by THIS practice. Border control has been a standby for soverignty for as long as borders have been drawn. Fine. We're getting a touch out of the scope of the list however so I will finish by saying that it is entirely impossible to grant ABSOLUTE privacy, and I'm not asking for it. I just don't want to be numbered, tracked, watched, listened to when I am minding my own business in my house. 
uni

From chaos at aql.gatech.edu Tue May 4 20:23:57 1993
From: chaos at aql.gatech.edu (Paul Goggin)
Date: Tue, 4 May 93 20:23:57 PDT
Subject: Phrack Back Issues
Message-ID: <9305050323.AA10799@toad.com>

Anthony Gatlin asks,

> What is ZENGERE magazine and where can I get info on it?

Never heard of it and I too would like to know.

> Does anyone have back issues of Phrack and how can I get them?

ftp ftp.eff.org
cd pub/cud/phrack
binary
mget *

--
R O All Comments Copyright by | Technofetisht
A N Paul S. Goggin (1993) | Cypher, Cyber, Chaos
V Information Broker | Ergoflux, Interzone
E chaos at aql.gatech.edu | Carpe Diem: Stop the Clipper wiretap chip
Finger account for latest _Phrack_ | Public Key: PGP and RIPEM available
------------------------------------------------------------------------------
Title 18 USC 2511 and 18 USC 2703 Protected -- Monitoring Absolutely Forbidden

From rcooke at conicit.ve Tue May 4 20:56:46 1993
From: rcooke at conicit.ve (Robert E. Cooke)
Date: Tue, 4 May 93 20:56:46 PDT
Subject: Unsubscribe.
Message-ID: <9305050352.AA28065@dino.conicit.ve>

Please remove me from your list. I have limited mail space aside from other restrictions on Internet usage. Every day I call I find myself notified and fined for excess mail in my box.

Robert Cooke.

From hughes at soda.berkeley.edu Tue May 4 21:13:04 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Tue, 4 May 93 21:13:04 PDT
Subject: ADMIN: allowable use
In-Reply-To:
Message-ID: <9305050409.AA05703@soda.berkeley.edu>

Re: a potential questionnaire

Feel free to post your questionnaire, but don't be surprised if you get a hundred anonymous responses, skewing the results.

Eric

From shipley at merde.dis.org Tue May 4 22:27:00 1993
From: shipley at merde.dis.org (Peter shipley)
Date: Tue, 4 May 93 22:27:00 PDT
Subject: 'zines
Message-ID: <9305050520.AA08247@merde.dis.org>

A non-text attachment was scrubbed...
Name: not available Type: text/x-pgp Size: 432 bytes Desc: not available URL:

From nobody at soda.berkeley.edu Tue May 4 22:35:48 1993
From: nobody at soda.berkeley.edu (nobody at soda.berkeley.edu)
Date: Tue, 4 May 93 22:35:48 PDT
Subject: No Subject
Message-ID: <9305050532.AA13376@soda.berkeley.edu>

All:

ZENGER has been around for a long time. It is connected to a long tradition and network. It will be part of the future. And it realizes the importance of crypto-systems in any _real_ underground movement. When ZENGER has decided to come above ground for their latest publication, the cypherpunks will be informed of distribution channels. Until then, keep up the fight!

More to come....

From a2 at well.sf.ca.us Tue May 4 22:49:48 1993
From: a2 at well.sf.ca.us (Arthur Abraham)
Date: Tue, 4 May 93 22:49:48 PDT
Subject: MYK-78
Message-ID: <199305050549.AA29765@well.sf.ca.us>

4-May-93 Eric Hughes writes:

>It is possiqK another set of LEEF's; that's not clear to
>me, but Arthur thinks you can.

Sometimes I have a bit of trouble following Eric's written syntax. This passage would make more sense if "can" was replaced by "must")

>If, however, one can just change the
>CV at will, one could send the LEEF's in the clear and then
>immediately change the CV (session key). Now the LEEF has been sent
>but the conversation makes no sense. My money is that this is
>interlocked with IV generation, though.

To quote myself:

>[CV,checkword,L1,L2,IV] is a self-checking unit

which means that these data items must be loaded in this order (MSB first) and must all have been properly constructed via the Skipjack algorithm, else the MYK-78 will yank on its ERROR line. To build a proper protocol, CV (= session key) and checkword would be encrypted, and to be a proper citizen, L1,L2,IV would be transmitted in the clear.

The funny thing is, that after loading the "self-checking unit", and checking it, MYK-78 will still accept a different CV. I specifically had this verified.
It will encrypt funny, since the CV won't properly match the rest of the loading, but it shouldn't be too hard to use this encryption mode.

There are actually several ways to abuse this chip -- another obvious one is to never power it off, and run with the first LEEF you ever get -- it just seems to cry out in masochism. A real consumer crypto chip wouldn't be this flexible.

I hope to be able to say something about the true protocol for law-abiding American citizens in the near future.

-a2.

ps: though I will continue to post to Cypherpunks, if you wish me to read something, please send it to me directly. -a2.

From i6t4 at jupiter.sun.csd.unb.ca Tue May 4 23:20:37 1993
From: i6t4 at jupiter.sun.csd.unb.ca (Nickey MacDonald)
Date: Tue, 4 May 93 23:20:37 PDT
Subject: ADMIN: Handling of "tags"
Message-ID:

Just a suggestion about the implementation of the "redistributer" program that runs this list.

I noticed a goodly number of people are using "tags" like the "ADMIN:" tag in my subject... I think this is good. I'd love to see it go one step further, and have every cypherpunks message have a "CPUNK:" prepended to the subject, so that I can read this more important mail first.

Also, I notice that a lot of people reply to messages without editing the subject, and the subject gets "mangled" to "Re: ADMIN: ..." instead of "ADMIN: Re: ..."

Would it be possible to have the redistribution software changed to do the first and correct the second? Are these changes worth it to anyone besides myself?

---
Nick MacDonald | NMD on IRC
i6t4 at jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

From SYPHRIT at vms.cis.pitt.edu Wed May 5 00:08:00 1993
From: SYPHRIT at vms.cis.pitt.edu (SYPHRIT at vms.cis.pitt.edu)
Date: Wed, 5 May 93 00:08:00 PDT
Subject: No Subject
Message-ID: <01GXST382MI8AZU01N@vms.cis.pitt.edu>

Please add me to your e-mail subscription list. Thanks!

John A.
Syphrit
Syphrit at vms.cis.pitt.edu

From chaos at aql.gatech.edu Wed May 5 00:47:21 1993
From: chaos at aql.gatech.edu (Paul Goggin)
Date: Wed, 5 May 93 00:47:21 PDT
Subject: Black Ice
Message-ID: <9305050747.AA20605@toad.com>

I have the January 1993 issue and purchased it, believe it or not at Tower Records in March. I have not seen issue #2 yet. I enjoyed it, it has a different flair than Mondo or Wired, although there is definite similarity. For further info,

Subscription Department
Black Ice
PO Box 1069
Brighton BN2 4YT

The issues are 3.95 Pounds, with 1 year subscriptions 15 Pounds. Good Luck.

> while we are on the subject, has anyone heard or seen "Black Ice"
> if so, where can one get a copy?
> -Pete

--
R O All Comments Copyright by | Technofetisht
A N Paul S. Goggin (1993) | Cypher, Cyber, Chaos
V Information Broker | Ergoflux, Interzone
E chaos at aql.gatech.edu | Carpe Diem: Stop the Clipper wiretap chip
Finger account for latest _Phrack_ | Public Key: PGP and RIPEM available
------------------------------------------------------------------------------
Title 18 USC 2511 and 18 USC 2703 Protected -- Monitoring Absolutely Forbidden

From mdiehl at hydra.unm.edu Wed May 5 01:26:49 1993
From: mdiehl at hydra.unm.edu (J. Michael Diehl)
Date: Wed, 5 May 93 01:26:49 PDT
Subject: pgp temp files.
Message-ID: <9305050826.AA20910@hydra.unm.edu>

After using pgp to read an encrypted message, I ran chkdsk on my hard drive. I was astonished to find that chkdsk found an error on my hard drive, but I was even more astonished to find that when I recovered the error to a file, it contained most of a message I had just read using pgp. Apparently, this was what was left of a temp file that pgp used. IMHO, pgp should have wiped this file. Maybe I should try to use a ramdisk as my temp-file path. Just thought y'all should know that pgp may not be as secure as we hope.

In my effort to write a menu system for pgp-encrypted email, I use pgp very often, and in very unusual ways.
Consequently, I have found a (very) few weaknesses in the program. Is anyone currently supporting pgp, or am I on my own? If anyone is supporting pgp, I'd like to talk to you. ;^)

Thanx in advance.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY |
| | But, I was mistaken. |available|
| +-----------------------------+---------+
| mdiehl at triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl at fido.org | to be Politically Incorrect! |
| (505) 299-2282 | |
+------How do I send email between fidonet and internet?--------+

From gg at well.sf.ca.us Wed May 5 02:28:58 1993
From: gg at well.sf.ca.us (George A. Gleason)
Date: Wed, 5 May 93 02:28:58 PDT
Subject: checks
Message-ID: <199305050928.AA08518@well.sf.ca.us>

Re:

Much as I respect you Eric, I direct your attention to the myriad of "checks" being sent out by AT&T and MCI, to name a few offenders. These bear the legend: "endorsement of this check constitutes your acceptance of as your long distance carrier."

When those go out in English to non-English speakers and get cashed, there is a good case to be made for consumer fraud. Anyone want to follow up on that...?

-gg

From x62727g2 at usma8.USMA.EDU Wed May 5 02:54:50 1993
From: x62727g2 at usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Wed, 5 May 93 02:54:50 PDT
Subject: EEPROM Programmers for the PC
Message-ID: <9305050952.AA01201@usma8.usma.edu>

Possessors of all Knowledge Great and Small,

I humbly beseech thy expertise on a manner in which I have none. I have been told that one can buy an EEPROM programmer which fits on a card in the PC or a similar version which merely connects to the PC. I would like to know

a) if this is so?
b) how much they cost?
c) where to find them?
d) what their memory capacities are?
e) do EEPROMS run as fast as regular PROMS?
f) any other pertinent data.

Thank you very much!

Anthony J.
Gatlin |-------------------------------------| Cadet Private, Co. G-2 |PGP Public Key available on request. | United States Military Academy |-------------------------------------| From wcs at anchor.ho.att.com Wed May 5 07:26:47 1993 From: wcs at anchor.ho.att.com (Bill_StewartHOY0021305) Date: Wed, 5 May 93 07:26:47 PDT Subject: 'zines Message-ID: <9305051424.AA06793@anchor.ho.att.com> > >What is ZENGER magazine and where can I get info on it? If memory serves me correctly, ZENGER is Ben Masel's paper; it's mainly oriented towards hemp activists (and users), but also covers other civil-liberties issues. Peter Zenger was a publisher in New York during colonial times. He was arrested for publishing Bad Things about the King, which was illegal. His trial was helped reinforce important legal precedents for preserving our freedoms - the facts weren't particularly in dispute (he had published the pamphlets, and they did say things the King didn't like), but the jury found him innocent because they thought the law was bad, and juries under the common law have always had the right to judge the law as well as the facts, no matter what the judge says. For more information about this, write to The Fully Informed Jury Association (FIJA), Box 59, Helmville, Montana 59843; this may be an old address, since Larry Dodge has moved to Texas, but there may be mail forwarding. Bill Stewart From mnemonic at eff.org Wed May 5 07:51:45 1993 From: mnemonic at eff.org (Mike Godwin) Date: Wed, 5 May 93 07:51:45 PDT Subject: 'zines In-Reply-To: <9305051424.AA06793@anchor.ho.att.com> Message-ID: <199305051451.AA07360@eff.org> Bill Stewart writes: > Peter Zenger was a publisher in New York during colonial times. > He was arrested for publishing Bad Things about the King, which was illegal. 
> His trial was helped reinforce important legal precedents for > preserving our freedoms - the facts weren't particularly in dispute > (he had published the pamphlets, and they did say things the King didn't like), > but the jury found him innocent because they thought the law was bad, > and juries under the common law have always had the right to > judge the law as well as the facts, no matter what the judge says. John Peter Zenger, actually. And it was comments about the colonial governor, not about the king. The Zenger case is commonly taken to be a precedent both for press freedom and for jury nullification. --Mike From pmetzger at lehman.com Wed May 5 08:59:31 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 5 May 93 08:59:31 PDT Subject: 'zines In-Reply-To: <9305051424.AA06793@anchor.ho.att.com> Message-ID: <9305051559.AA05868@snark.shearson.com> Bill_Stewart(HOY002)1305 says: > Peter Zenger was a publisher in New York during colonial times. > He was arrested for publishing Bad Things about the King, which was illegal. Bill is normally excruciatingly accurate, but in this case he is slightly off -- he was charged with slandering the Royal Governor in his newspaper. His defense was that his statements were true -- which was not a defense under the law in question. The jury decided it was sufficient, however. The rest of what Bill said was substantially accurate. Perry From whitaker at eternity.demon.co.uk Wed May 5 09:35:39 1993 From: whitaker at eternity.demon.co.uk (Russell E. 
Whitaker) Date: Wed, 5 May 93 09:35:39 PDT Subject: MEETING (Reminder): UK Cryptoprivacy Association Message-ID: <5212@eternity.demon.co.uk> -----BEGIN PGP SIGNED MESSAGE----- REMINDER: Meeting of the UK Cryptoprivacy Association - ----------------------------------------------------- When: Saturday, 8 May 1993, 1500 To be held at the offices of: FOREST 4th floor 2 Grosvenor Gardens London SW1W 0DH This is located at the corner of Hobart Place, a couple of blocks west of Victoria Station, and almost directly across from the dark green cabbie shelter. If you have trouble finding the place, please call the office on 071-823-6550. Or, call me (Russell Whitaker) on my pager, 081-812-2661, and leave an informative message with the telephone number where you can be reached; I will return the call almost immediately. Discussion will range from the usual general topics, such as the use of secure public key cryptosystems to protect message data, to specific topics, such as recent moves by the U.S. government to restrict choice in data privacy (reference recent discussion on Usenet groups, e.g. sci.crypt and alt.security.pgp). All are invited. Particularly welcome are members of the newly-formed UK CommUnity group ... the local EFF-in-spirit-if-not-in-name folks. Those who plan to attend should email me and let me know. Please. All attendees are requested to bring diskettes - preferably MS-DOS - with their PGP 2.+ public keys. As is usual at these gatherings, several of us will bring our laptops, and will sign public keys, subject to the usual caveats (reference the documentation for PGP 2.2, specifically files PGPDOC1.DOC and PGPDOC2.DOC). If you do not already have a copy of PGP 2.2 (MS-DOS), and would like to have a copy of this public domain program, please bring a formatted, medium or high density 3.5 inch floppy PC diskette; you will be provided a copy of the program. Of course, you might prefer to ftp a version of the program from one of the various archive sites. 
I suggest trying Demon Internet Systems, which carries the full range of PGP (Phil Zimmermann's "Pretty Good Privacy") implementations: directory /pub/pgp at gate.demon.co.uk.

Meetings are of indeterminate time. Those who are interested are invited to join the rest of us at a pseudorandomly determined pub afterwards.

Please note:
- ------------

In the past few months, interested people have emailed me, requesting FAQs and special information mailings. I regret that, except in very unusual cases (e.g. working press), I cannot, in a timely manner, respond to these requests. I will, however - and for the first time - do a writeup of this meeting, which I will post in various places.

What I *am* willing to supply is general information on our activities for the maintainers of existing FAQs, such as that for alt.privacy. FAQ maintainers can contact me at whitaker at eternity.demon.co.uk

Russell Earl Whitaker                   whitaker at eternity.demon.co.uk
Communications Editor                   AMiX: RWhitaker
EXTROPY: The Journal of Transhumanist Thought
Board member, Extropy Institute (ExI)
================ PGP 2.2 public key available =======================

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK+egtoTj7/vxxWtPAQFSFgQAjTPwfm8I5gaP85Yqm1Dh6IRIb6au2sBI
THGLGpPGgEao3MAESN0Cmh3nH6IHdSRthR/Uro8CQcpyD4IgGw912wO2CEYy1K/l
v0+n4y+2+YFV/X2LDNntP27G3+zP9N6wMJQs2JHNjExfTHaUKFg9Zb90wTvuU4Ce
RIbjnZNNriU=
=uFhH
-----END PGP SIGNATURE-----

From vanam at topper.ksu.ksu.edu Wed May 5 09:42:10 1993
From: vanam at topper.ksu.ksu.edu (Stephen LeeSecond son of Caine)
Date: Wed, 5 May 93 09:42:10 PDT
Subject: Unsubscribe
Message-ID: <9305051642.AA02254@topper.ksu.ksu.edu>

Please remove me from the list....

Stephen

From fergp at sytex.com Wed May 5 10:34:21 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Wed, 5 May 93 10:34:21 PDT
Subject: Big Brother, Rights to Privacy and Broadening Horizons?
Message-ID: <08133B1w165w@sytex.com>

Greets, all.
After taking a few days off for the pomp and circumstance of my second wedding (no, I'm not a polygamist -- I was divorced first)(genuine thanks to all who sent your congratulations and best wishes), I finally waded through all of the e-mail that had piled up in my "in-box" -- some 800 kb worth, no less. Anyway, to the point -- This morning I was watching CBS's early, early morning news "Up to the Minute" over a cup of Joe before heading to the airport. An interesting spot came on that interested me very much, because of the correlation to several law enforcement agencies' "loose cannon" style of persecution which many of us have witnessed. This particular report spotlighted the DEA's heavy-handed and questionable practice of targeting legitimate gardening store consumers under suspicion of growing marijuana. It just so happens that the DEA had been watching several gardening supply stores which sold hydroponic gardening equipment in some particular area of California. (For those of you who are not familiar with Hydroponics, it is a gardening method which uses water instead of soil. The plants usually grow twice as fast when grown hydroponically and has become a popular method of indoor gardening with marijuana enthusiasts.) In fact, the DEA had gone as far as to place monitoring cameras in place to record the identity of every customer or prospective consumer that went in and out of these legitimate businesses, solely because of their suspicions that some of the customers may be (gasp) growing marijuana. Additionally, a particular instance was cited where a gentleman went into one of these gardening supply stores and bought a couple of lamps for his aquarium. (This young, family-man had some coral in his aquarium at home that he wanted to illuminate.) Later that evening, agents from the DEA burst into his home while he and his family were having dinner, saying that he was under suspicion of growing marijuana and that "reliable witnesses" had tipped them off. 
After thoroughly searching his home, they apologized and left.

Now -- you may ask yourself, "What in the hell does this have to do with me? Or computers?" ("This is not my beautiful wife ....")

Well, this may be the same scenario, with the same LEA, but with a different premise. Cryptography. If the Clipper/Capstone implementation has a hidden agenda (I believe it does), then tough restrictions on other "non-sanctioned" crypto methods may not be far behind. Personally, I don't have much of a problem imagining this, given the recent escapades of the SPA (Rusty & Edie's), the Secret Service (SJG) and all of our other beloved governmental law enforcement apparatchiks. In fact, I find it down-right disturbing that in many instances, this is done without a warrant.

George Orwell is probably rolling over in his grave...

Paul Ferguson                  | Uncle Sam wants to read
Network Integrator             | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp at sytex.com              | Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From strick at osc.versant.com Wed May 5 10:40:16 1993
From: strick at osc.versant.com (henry strickland)
Date: Wed, 5 May 93 10:40:16 PDT
Subject: [CPunk] ADMIN: Handling of "tags"
In-Reply-To:
Message-ID: <9305051747.AA05432@versant.com>

# ... and have every cypherpunks message have a "CPUNK:" prepended
# to the subject, ...
I do this on two digests that I edit, and I have one realtime reflector that automatically inserts a tag into the Subject: line. The problem is when something gets nandoed into more than one mailing list, the tags take up the whole subject line. But it seems worth the bother. strick From prz at sage.cgd.ucar.EDU Wed May 5 10:53:05 1993 From: prz at sage.cgd.ucar.EDU (Philip Zimmermann) Date: Wed, 5 May 93 10:53:05 PDT Subject: A proposal to use RSAREF in PGP (fwd) Message-ID: <9305051752.AA16242@sage.cgd.ucar.EDU> Forwarded message: From prz Wed May 5 10:42:11 1993 From: prz (Philip Zimmermann) Date: Wed, 5 May 93 11:42:11 MDT Subject: A proposal to use RSAREF in PGP Message-ID: <9305051742.AA15809@sage.cgd.ucar.EDU> To: Jim Bidzos RSA Data Security, Inc. 5 May 93 Dear Jim: I am writing to you to get your approval to install RSAREF into PGP in order to make PGP legal and hopefully end the conflicts regarding patent infringement. You said publicly a number of times that PGP may become legal in the US if it incorporated RSAREF. I assume from these remarks that you would prefer that to happen. So let's do it. PGP now has, in testbed form, RSAREF integrated into it. With your approval, the next release could be an RSAREF version. I say your approval, because it is necessary to use the two static entry points RSAPublicBlock and RSAPrivateBlock in rsa.c in RSAREF to allow backward compatibility with older versions of PGP. Unfortunately, the old versions of PGP have an error that makes the contents of a DEK and MD packet inside of an RSA multiprecision integer not comply with PKCS standards of padding. New versions of PGP will correct this problem, but backward compatibility is needed, so the RSAPublicBlock and RSAPrivateBlock entry points must be called to parse the old packets. The global entry points RSAPublicEncrypt and RSAPrivateEncrypt will also be used to generate the new PKCS-formatted packets. 
As I understand it, the standard RSAREF license requires your approval to use these entry points. I discussed these ideas with Ron Rivest and Burt Kaliski, and both seemed to not raise any objections. I hope you will agree.

At some time in the future, when all the old certifying signatures are eventually replaced with new ones, these static entry points will not have to be called, allowing the regular entry points in rsa.h to be called in their place. We will be encouraging people to get their certifying signatures renewed on their keys with the new version of PGP.

PGP users outside the US will be using a version of PGP without RSAREF, but it will be compatible in every way with the RSAREF version.

The PGP developers will also be contributing some speedups to RSAREF in future releases. This will help all of your installed base of RSAREF applications.

I am also modifying the PGP User's Guide to remove the remarks in the legal issues section that I suspect you regard as inflammatory.

I hope this will pave the way for us to close ranks and work together on fighting the Clipper chip initiative. If there are other measures you'd like me to take to improve relations between us, let me know. I hope our common political objectives will outweigh your personal feelings, so the community of PGP users may work better with you to face these pressing policy issues.

The new release can be ready in a few days, if you approve.

Regards,
Philip Zimmermann

From fergp at sytex.com Wed May 5 11:52:23 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Wed, 5 May 93 11:52:23 PDT
Subject: Hearing statement of Ray Kammer
Message-ID: <3V933B1w165w@sytex.com>

This file was obtained from the National Institute of Standards and Technology.

- 8<------- Cut Here ------------

STATEMENT OF RAYMOND G. KAMMER
ACTING DIRECTOR, NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
BEFORE THE SUBCOMMITTEE ON TELECOMMUNICATIONS AND FINANCE
COMMITTEE ON ENERGY AND COMMERCE
APRIL 29, 1993

Mr.
Chairman and Members of the Subcommittee: Good morning. Thank you for inviting me to testify. I am Raymond G. Kammer, Acting Director of the National Institute of Standards and Technology of the U.S. Department of Commerce. Under the Computer Security Act of 1987, NIST is responsible for the development of standards for protecting unclassified government computer systems, except those commonly known as Warner Amendment systems (as defined in Title 10 USC 2315). NIST has a long-established program of developing computer security guidelines and standards for federal agencies. Many of these are also used, on a voluntary basis, by the private sector. We have published guidance on computer security training and awareness, identification and authentication, open systems security, incident response, cryptographic standards, trusted systems, and many other facets of computer security. Today, however, I plan to address the following topics which I believe are most directly germane to your invitation: * The need for good information security technology to protect computer and telecommunications systems and networks; * NIST's activities in telecommunications switch security; * the planned recertification of the Data Encryption Standard; * NIST's proposed Digital Signature Standard; * the recent White House announcement of a new encryption technology, called the Clipper Chip; and * the President's directive to review advanced telecommunications and encryption technology. Need for Computer Security Strong security technology is required in modern communications systems and networks to protect sensitive and valuable information. Government agencies and private corporations depend upon the integrity and availability of their communications system in order to do business. Computer viruses, network worms, hackers, and other threats against our systems emphasize the importance of telecommunications security. 
Additionally, I have grown convinced, through strong anecdotal evidence, most of it shared on a proprietary basis, of the growing threat to American business from "economic espionage." Much has been reported in the press of the activities of foreign intelligence services targeting American firms, and sharing their findings with competing foreign firms. I am convinced that American firms need strong security, and in particular, strong cryptography, to protect against such threats. More importantly, the Administration is committed to working with the private sector to spur the development of a National Information Infrastructure which will use new telecommunications and computer technologies to give Americans unprecedented access to information. This infrastructure of high-speed networks ("information superhighways") will transmit video, images, HDTV programming, and huge data files as easily as today's telephone system transmits voice. Appropriate security techniques may at times be integrated into such systems. Telecommunications Security Federal telephone and computer networks depend upon reliable and secure telecommunications capabilities, both of long-distance carriers and local private-branch exchanges (PBXs). To examine security issues of telecommunications networks, including issues of PBX security and telecommunications switch security, NIST is currently setting up a Telecommunications Security Analysis Center. This Center will expand on initial research we have conducted on the vulnerability of telecommunications switches. Telecommunications switches are an integral part of the security of the public switched network. Security problems in switches can result in serious problems such as toll fraud, unauthorized and illegal eavesdropping, or the disabling of switches, which would result in bringing down part of the public switched network. 
NIST has been monitoring the growth of switch-related abuse and has been analyzing switches to be able to address the types of crimes that could be perpetrated in the future. This work includes studying the growing ease of perpetrating these crimes. There are several areas of concern: * Toll fraud. Current research indicates that the problem is well over $1 billion per year. While not all toll-fraud is accomplished technically, telecommunications switches are vulnerable to hackers who can gain unauthorized access to the use of long-distance services. This is a particular vulnerability to the owners of PBXs, who can lose considerable sums if their systems are inadequately protected. Good system configuration control is one good security measure we are examining. * Network Availability. There have been no cases of intruders purposefully bringing down parts of the public switched network. The President's National Security Telecommunications Advisory Committee (NSTAC) concluded that "Until there is confidence that strong comprehensive computer security programs are in place, the industry should assume that a motivated and resourceful adversary in one concerted manipulation of the network software could degrade at least portions of the PSN." * Unauthorized Eavesdropping. If unauthorized access is gained to telecommunications switches, which is really just a computer that switches phone calls, a hacker can gain access to the contents of phone conversations and other information transmitted through a switch. This unauthorized eavesdropping can be either "real-time," as the conversations occur, or the intruders can arrange to have the conversations and data electronically transmitted to another telecommunications switch or computer for later analysis. 
The purpose of the Telecommunications Security Analysis Center will be to: * Develop tools and techniques to analyze very complex systems such as switches; * Provide informal security guidance and advice to federal agencies on procurement of telecommunications switches; * Perform security analyses of commercial switches in both laboratory and real world environments; and * Develop standards and guidance for use in securing switches and in building more secure switches, while providing for the legitimate needs of law enforcement, under proper court order, to protect the American public. As we pursue this research, we will be pleased to provide additional information on our findings to the Committee. The Data Encryption Standard The current government standard for the encryption of data is known as the Data Encryption Standard (DES), which was first approved as a Federal Information Processing Standard in 1977. DES is widely used within both the government and the private sector for the protection of sensitive information, including financial information, medical information, and Privacy Act data. DES represents a proven twenty year old technology with DES products available in the marketplace for the last 15 years. Last year, NIST formally solicited comments on the recertification of DES. After reviewing those comments, and the other technical inputs that I have received, I plan to recommend to the Secretary of Commerce that he recertify DES for another five years. I also plan to suggest to the Secretary that when we announce the recertification we state our intention to consider alternatives to it over the next five years. By putting that announcement on the table, we hope to give people an opportunity to comment on orderly technological transitions. In the meantime, we need to consider the large installed base of systems that rely upon this proven standard. 
NIST's Proposed Digital Signature Standard

The majority of the cryptographic-based security requirements in computer and network systems involve the need for strong identification and authentication. One method which we believe holds a capacity for significant improvements in security and also cost-savings by automating paper processes is the use of digital signatures.

A digital signature is a computer-based method of "sealing" an electronic message in such a way that its contents cannot be changed or forged without detection and that the identity of the originator of the communication can be verified. The digital signature for a message is simply a code, or large number, that is unique for each message and each message originator (within a very high, known probability). A digital signature is computed for a message by computing a representation of the message (called a "hash" code) and a cryptographic process that uses a key associated with the message originator. Any party with access to the public key, message, and signature can verify the signature. If the signature verifies correctly, the receiver (or any other party) has confidence that the message was signed by the owner of the public key and the message has not been altered after it was signed.

In 1991, NIST proposed a draft Digital Signature Standard (DSS). We received about 130 public comments. We have been reviewing these comments and revising the standard as appropriate to respond to those comments. Additionally, we have examined and are currently dealing with two claims of patent infringement, which we believe will be successfully resolved in the not-too-distant future. Once this occurs, the Secretary of Commerce needs to decide to approve the DSS as a Federal Information Processing Standard. It will then complement the Secure Hash Standard which was recently approved by the Secretary of Commerce as Federal Information Processing Standard 180.
We anticipate that the DSS will find many uses within government computer systems and networks. For example, DSS could be employed in electronic funds transfer systems. Suppose an electronic funds transfer message is generated to request that $100.00 be transferred from one account to another. If the message was passed over an unprotected network, it may be possible for an adversary to alter the message and request a transfer of $1000.00. Without additional information, it would be difficult, if not impossible, for the receiver to know the message had been altered. However if the DSS was used to sign the message before it was sent, the receiver would know the message had been altered because it would not verify correctly. The transfer request could then be denied. DSS could be employed in a variety of business applications requiring a replacement of handwritten signatures. One example is Electronic Data Interchange (EDI). EDI is the computer-to-computer interchange of messages representing business documents. In the federal government, this technology is being used to procure goods and services. Digital signatures could be used to replace handwritten signatures in these EDI transactions. For instance, contracts between the government and its vendors could be negotiated electronically. A government procurement official could post an electronically signed message requesting bids for office supplies. Vendors wishing to respond to the request may first verify the message before they respond. This assures that the contents of the message have not been altered and that the request was signed by a legitimate procurement official. After verifying the bid request, the vendor could generate and sign an electronic bid. Upon receiving the bid, the procurement official could verify that the vendor's bid was not altered after it was signed. If the bid is accepted, the electronic message could be passed to a contracting office to negotiate the final terms of the contract. 
The final contract could be digitally signed by both the contracting office and the vendor. If a dispute arose at some later time, the contents of contract and the associated signatures could be verified by a third party. DSS is also likely to find widespread applications in the health care field. It might be used to sign digital images, for example, to assure that they remain safe against unauthorized modifications. DSS could also be useful in the distribution of software. A digital signature could be applied to software after it has been validated and approved for distribution. Before installing the software on a computer, the signature could be verified to be sure no unauthorized changes (such as the addition of a virus) have been made. The digital signature could be verified periodically to ensure the integrity of the software. In database applications, the integrity of information stored in the database is often essential. DSS could be employed in a variety of database applications to provide integrity. For example, information could be signed when it was entered into the database. To maintain integrity, the system could also require that all updates or modifications to the information be signed. Before signed information was viewed by a user, the signature could be verified. If the signature verified correctly, the user would know the information was not altered by an unauthorized party. The system could also include signatures in the audit information to provide a record of users who modified the information. The DSS can also be used in conjunction with more secure identification and authentication systems, for the protection of access to both computer and telecommunication systems. 
A New Encryption Technology: The Clipper Chip Approximately two weeks ago, the White House announced our intention, based on a new encryption technology, the Clipper Chip, to initiate a voluntary program to improve the security and privacy of telephone communications while meeting the legitimate needs of law enforcement. This initiative will involve the creation of new products to accelerate the development and use of advanced and secure telecommunications networks and wireless communications links - the security of the very systems you are examining here today. Sophisticated encryption technology, including the DES, has been used for years to protect electronic funds transfer. It is now being used to protect electronic mail and computer files. While encryption technology can help Americans protect business secrets and the unauthorized release of personal information, it also can be used by terrorists, drug dealers, and other criminals. A state-of-the-art microcircuit, the "Clipper Chip," has been developed by government engineers. The chip represents a new approach to encryption technology. It can be used in new, relatively inexpensive encryption devices that can be attached to an ordinary telephone. It scrambles telephone communications using an encryption algorithm that is more powerful than many in commercial use today. The Clipper algorithm with an 80 bit long cryptographic key is approximately 16 million times stronger than DES. It would take a CRAY YMP over 200 years to solve one DES key. It would take the same machine over a billion years to solve one Clipper Chip key. This new technology offers opportunities for companies to protect proprietary information, protect the privacy of personal phone conversations and prevent unauthorized release of data transmitted electronically. At the same time this technology preserves the ability of federal, state and local law enforcement agencies to intercept lawfully the phone conversations of criminals. 
Protection of confidentiality of information is of critical concern to the nation. So too is the ability of law enforcement to provide safe streets and neighborhoods. Americans demand the very best in law enforcement - at the federal, state and local level. Citizens insist upon a quick response to terrorist threats, organized crime, and drug dealers, while preserving our Constitutional rights. Past experience clearly shows that one critical technology successfully used to prosecute organized crime is the use of court-authorized wiretaps. Unquestionably, these lawful electronic intercepts have saved lives and been critical to bringing criminals to justice. The "Clipper Chip" is also a powerful tool which will be used by law enforcement to protect its own sensitive communications from illicit criminal monitoring.

A "key-escrow" system is envisioned that would ensure that the "Clipper Chip" is used to protect the privacy of law-abiding Americans. Each device containing the chip will have two unique "keys," numbers that will be needed by authorized government agencies to decode messages encoded by the device. When the device is manufactured, the two keys would be deposited separately in two "key-escrow" data bases established by the Attorney General. Access to these keys would be limited to government officials with legal authorization to conduct a wiretap.

The President has asked the Attorney General to make arrangements with appropriate entities who would hold the keys for the key-escrow microcircuits installed in communications equipment. I understand that the Attorney General is currently studying these procedures and options for who will serve as the key escrow holders.

Since the announcement from the White House, I have stressed that the "Clipper Chip" technology provides law enforcement with no new authorities to access the content of the private conversations of Americans. Also, some have claimed that there is a hidden trapdoor in the chip or the algorithm.
I cannot state it more simply: no trapdoor exists. The chip is an important step in addressing the problem of encryption's dual-edge sword: encryption helps to protect the privacy of individuals and industry, but it also can shield criminals and terrorists. We need the "Clipper Chip" and other approaches that can both provide law-abiding citizens with access to the encryption they need and prevent criminals from using it to hide their illegal activities. Presidential Directive for Advanced Telecommunications and Encryption Review In order to assess technology trends and explore new approaches and technologies (like the key-escrow system), the President has directed government agencies to develop a comprehensive policy on encryption and advanced telecommunications technology that accommodates: * the privacy of our citizens, including the need to employ voice or data encryption for business purposes; * the ability of authorized officials to access telephone calls and data, under proper court or other legal order, when necessary to protect our citizens; * the effective and timely use of the most modern technology to build the National Information Infrastructure needed to promote economic growth and the competitiveness of American industry in the global marketplace; and * the need of U.S. companies to manufacture and export high technology products. The President has directed early and frequent consultations with affected industries, the Congress and groups that advocate the privacy rights of individuals as policy options are developed. I anticipate being a member of the governmental review panel which will study this issue. I will again stress what we have stated previously. Encryption technology will play an increasingly important role in future network infrastructures and the Federal Government must act quickly to develop consistent, comprehensive policies regarding its use. 
The Administration is committed to policies that protect all Americans' right to privacy while also protecting them from those who break the law.

Thank you Mr. Chairman, I would be pleased to answer any questions.

Paul Ferguson                  | Uncle Sam wants to read
Network Integrator             | your e-mail...
Centreville, Virginia USA      | Just say "NO" to the Clipper
fergp at sytex.com              | Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From mrnoise at econs.umass.edu Wed May 5 13:41:24 1993
From: mrnoise at econs.umass.edu (Mr. Noise)
Date: Wed, 5 May 93 13:41:24 PDT
Subject: RSA patent!
Message-ID: <9305052027.AA06997@titan.ucs.umass.edu>

> 6) (Misuse) The underlying purpose of the patent system was to
> encourage the creative genius for the benefit of the public. Has the
> public benefited in this case?

There are two things wrong with this objection that I can see:

(1) What is relevant is whether the public derives a NET (no pun intended!) benefit from the patent system, not whether it has benefitted in this particular case. We can't decide, ex post, whether to extend patent protection to something that is patentable under the law, else the law will cease to provide the incentives that encourage innovation.

(2) We may have, in fact, benefitted. The question is whether anyone would have come up with the algorithm & given it away if it weren't for the possibility of making some money off of it. Maybe they would have; it *is* certain that in a few years (how many, exactly? anyone know?) the patent will expire, & we will enjoy the full use of the algorithm free of patent restrictions, right?
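The funds-transfer scenario in Raymond Kammer's statement forwarded earlier in this archive (a signed $100.00 request altered in transit to $1000.00) can be run end to end. The following is an added example, not part of any message on the list: textbook DSA, the algorithm of the draft DSS, using only the Python standard library. Assumptions: SHA-1 from hashlib stands in as the hash, the 160/512-bit demo parameters come from a fixed seed, and the message strings and function names are constructed for illustration.

```python
"""Textbook DSA sign/verify on a constructed funds-transfer message.
Added illustration only: demo-sized parameters, not a vetted implementation."""
import hashlib
import random
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin test with `rounds` random witnesses."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # this witness proves n composite
    return True


def gen_params(rng, qbits=160, pbits=512):
    """Return public (p, q, g): q prime, p = k*q + 1 prime, g of order q mod p."""
    while True:
        q = rng.getrandbits(qbits) | (1 << (qbits - 1)) | 1
        if is_probable_prime(q, rng):
            break
    while True:
        k = (rng.getrandbits(pbits - qbits) | (1 << (pbits - qbits - 1))) & ~1
        p = k * q + 1  # k is even, so p is odd and q divides p - 1
        if is_probable_prime(p, rng):
            break
    while True:
        g = pow(rng.randrange(2, p - 1), (p - 1) // q, p)
        if g > 1:  # g != 1 and g**q == 1 mod p, so g has order exactly q
            return p, q, g


def digest(msg):
    """The 'hash code' of the message as an integer (160 bits, like q)."""
    return int.from_bytes(hashlib.sha1(msg).digest(), "big")


def keygen(p, q, g):
    x = secrets.randbelow(q - 1) + 1  # originator's private key, 1 <= x < q
    return x, pow(g, x, p)            # (private, public)


def sign(msg, p, q, g, x):
    while True:
        k = secrets.randbelow(q - 1) + 1  # fresh secret nonce for every message
        r = pow(g, k, p) % q
        s = pow(k, -1, q) * (digest(msg) + x * r) % q
        if r and s:
            return r, s


def verify(msg, sig, p, q, g, y):
    """Needs only the public key y, the message and the signature."""
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False  # reject out-of-range values before doing any arithmetic
    w = pow(s, -1, q)
    u1, u2 = digest(msg) * w % q, r * w % q
    return pow(g, u1, p) * pow(y, u2, p) % p % q == r


def demo():
    rng = random.Random(1993)  # fixed seed: public demo parameters only
    p, q, g = gen_params(rng)
    x, y = keygen(p, q, g)
    _, other_y = keygen(p, q, g)  # an unrelated party's public key
    # Constructed messages mirroring the statement's example.
    sent = b"EFT: transfer $100.00 from account 1111 to account 2222"
    altered = b"EFT: transfer $1000.00 from account 1111 to account 2222"
    sig = sign(sent, p, q, g, x)
    return {
        "as_sent": verify(sent, sig, p, q, g, y),
        "altered_amount": verify(altered, sig, p, q, g, y),
        "wrong_public_key": verify(sent, sig, p, q, g, other_y),
        "out_of_range_sig": verify(sent, (sig[0], q), p, q, g, y),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:18} -> {'accept' if ok else 'REJECT'}")
```

Only the unaltered request checked against the originator's own public key is accepted; the signature gives integrity and origin, not confidentiality, so the amount is still readable in transit.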
From fergp at sytex.com Wed May 5 13:44:21 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Wed, 5 May 93 13:44:21 PDT
Subject: Notes from the field
Message-ID:

Mike,

I recently became aware of an article that you wrote entitled, "Notes on Cryptography, Digital Telephony, and the Bill of Rights", which was included in a recent CuD (5.32, Sun May 2, 1993). It appeared to be a message you had originally posted to the austin.eff newsgroup. I'm not so sure that it ever made it over to cypherpunks, so I'm quoting part of that message here for clarity.

You wrote -

"B. The Fourth Amendment reads: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

C. Conspicuously missing from the language of this amendment is any guarantee that the government, with properly obtained warrant in hand, will be _successful_ in finding the right place to be searched or persons or things to be seized. What the Fourth Amendment is about is _obtaining warrants_--similarly, what the wiretap statutes are about is _obtaining authorization_ for wiretaps and other interceptions. Neither the Fourth Amendment nor Title III nor the other protections of the ECPA constitute a law-enforcement _entitlement_ for law enforcement.

D. It follows, then, that if digital telephony or widespread encryption were to create new burdens for law enforcement, this would not, as some law-enforcement representatives have argued, constitute an "effective repeal" of Title III. What it would constitute is a change in the environment in which law enforcement, along with the rest of us, has to work.
Technology often creates changes in our social environment--some, such as the original innovation of the wiretap, may aid law enforcement, while others, such as powerful public-key cryptography, pose the risk of inhibiting law enforcement. Historically, law enforcement has responded to technological change by adapting. (Indeed, the original wiretaps were an adaptation to the widespread use of the telephone.) Does it make sense for law enforcement suddenly to be able to require that the rest of society adapt to its perceived needs?"

(End Quote)

Maybe it's just that time of the day or perhaps I just need for you to clarify this a bit more -- How does the ECPA offer protection, as it is currently written, against warranted search and seizure with regards to technologically advanced systems (such as would crypto be considered)?

Again, you further wrote -

"I. As my notes here suggest, these initiatives may be, in their essence, inconsistent with Constitutional guarantees of expression, association, and privacy."

(End Quote)

You are saying, in effect, that it is your opinion that these initiatives may be unconstitutional? If so, what course of action can be suggested, short of a class action lawsuit against an LEA after-the-fact?

By the way, the article was excellent and since I have not seen it posted here in cypherpunks, I'd like your permission to repost it.

Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp at sytex.com             |  Chip...
-------------------------------+------------------------------
I love my country, but I fear it's government.

From fergp at sytex.com Wed May 5 13:44:28 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Wed, 5 May 93 13:44:28 PDT
Subject: Additional amendments to the ECPA?
Message-ID:

Doing some research on existing laws and ran across this snippet concerning the ECPA and amendments made in 1986-87.
Can someone with more legalese comment on whether this has again been amended or changed? How does this relate to LEA's selectively wiretapping private e-mail and other electronic communications? Or does it?

8<----- Begin forwarded text ------------

On October 21, 1986, President Reagan signed the new Electronic Communications Privacy Act of 1986 amending the federal wiretap law. ECPA went into effect during the beginning of 1987. (P.L. 99-508, Title I, sec. 111, 100 Stat. 1859; P.L. 99-508, Title II, sec. 202, 100 Stat. 1868.) ECPA created parallel privacy protection against both interception of electronic communications while in transmission and unauthorized access to electronic communications stored on a system.

The new ECPA first provides privacy protection for any 'electronic communication' ... [by] any transfer of signs, signals, writing, images, sounds, data or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce...." (18 U.S.C. secs. 2510(12), 2511.) The Senate Report noted examples of electronic communications to include non-voice communications such as "electronic mail, digitized transmissions, and video teleconferences." (S. Rep. No. 541, 99th Cong., 2d Sess. 14 reprinted_in 1986 U.S. Code Cong. & Ad. News 3568.)

Electronic communication is defined in terms of how it is transmitted. So long as the means by which a communication is transmitted affects interstate or foreign commerce, the communication is covered by ECPA. (18 U.S.C. sec. 2510(12).) Generally, that would include all telephonic means including private networks and intra-company communications. (S. Rep. No. 541, 99th Cong., 2d Sess. 12 reprinted_in 1986 U.S. Code Cong. & Ad. News 3566.)

Second, ECPA protects the electronic communication when it has been stored after transmission, such as e-mail left on an electronic computer communication system for later pickup by its intended recipient. (18 U.S.C. sec. 2510(17).) The legislation makes it a federal criminal offense to break into any electronic system holding private communications or to exceed authorized access to alter or obtain the stored communications. (18 U.S.C. sec. 2701(a).)

The legislation would protect electronic computer communication systems from law enforcement invasion of user e-mail without a court order. (18 U.S.C. secs. 2517, 2518, 2703.) Although the burden of preventing disclosure of the e-mail is placed on the subscriber or user of the system, the government must give him fourteen days notice to allow him to file a motion to quash a subpoena or to vacate a court order seeking disclosure of his computer material. (18 U.S.C. sec. 2704(b).) However, the government may give delayed notice where there are exigent circumstances as listed by the Act (18 U.S.C. sec. 2705.)

Recognizing the easy user destruction of computer data, ECPA allows the government to include in its subpoena or court order the requirement that the provider or operator retain a backup copy of electronic communications when there is risk of user destruction. (18 U.S.C. sec. 2704(a).)

The legislation gives a civil cause of action to the provider or operator, subscriber, customer or user of the system aggrieved by an invasion of an electronic communication in the system in violation of the ECPA. (18 U.S.C. secs. 2520, 2707.) If the provider or operator has to disclose information stored on his system due to a court order, warrant, subpoena, or certification under ECPA, no cause of action can be brought against him by the person aggrieved by such disclosure. (18 U.S.C. sec. 2703(e); see_also 18 U.S.C. secs.
2701(c), 2702(b), 2511(2)(a)(i), 2511(3)(b)(iii) where the systems operator or provider is not held criminally liable, may observe a private communication while performing employment duties or according to authorization, etc., may intercept private communication while making quality control checks or during the course of forwarding communications to another system.)

8<----- End of forwarded text ---------

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp at sytex.com             |  Chip...
-------------------------------+------------------------------
I love my country, but I fear it's government.

From hibbert at memex.com Wed May 5 13:55:07 1993
From: hibbert at memex.com (Chris Hibbert)
Date: Wed, 5 May 93 13:55:07 PDT
Subject: ADMIN: Handling of "tags"
In-Reply-To:
Message-ID: <9305052036.AA13004@entropy.memex.com>

>> I'd love to see [...] every cypherpunks message have a "CPUNK:" prepended
>> to the subject [...]

>> I notice that a lot of people reply to messages without editing the
>> subject, and the subject gets "mangled" to "Re: ADMIN: ..." instead of
>> "ADMIN: Re: ..." Would it be possible to have the redistribution
>> software changed to [fix these?].

My mail reader (Xmh) allows me to sort incoming mail by any header field. I key off the "to: cypherpunks" to put this mail in a different box. The information you need is already in the header, and I would object to adding more noise to the beginning of the subject field to obscure the real subject.

On the second point, I agree that the second is better, but my mail sorter is smart enough to sort "Re: foo" with "foo", so again, no change is necessary.

Is there any chance you can get access to a more powerful mail reader, rather than asking everyone to clutter up the headers with redundant info?

Chris

From hughes at soda.berkeley.edu Wed May 5 16:13:01 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Wed, 5 May 93 16:13:01 PDT
Subject: DH: Draft RSAREF/Diffie-Hellman specification
Message-ID: <9305052309.AA00684@soda.berkeley.edu>

Jim Bidzos sent the following to me, and I've received his blessing to forward it to cypherpunks. Note that it is a draft specification, not the actual one.

For those who have no idea what Diffie-Hellman key exchange is, this document may give you some idea.

Eric

-----------------------------------------------------------------------------

Date: Wed, 5 May 93 15:21:20 PDT
From: jim at RSA.COM (Jim Bidzos)

FYI. Subject to change, but probably minor ones. This will be added to RSAREF and will be subject to RSAREF license terms when released.

--Jim

Date: Fri, 30 Apr 93 16:05:14 PDT
From: burt at RSA.COM (Burt Kaliski)
To: jim at RSA.COM
Subject: Draft RSAREF/Diffie-Hellman specification

RSAREF/Diffie-Hellman Interface Specification

RSA Laboratories
April 30, 1993

Copyright (C) 1993 RSA Laboratories, a division of RSA Data Security, Inc. All rights reserved.

DRAFT -- SUBJECT TO CHANGE

The Diffie-Hellman extension to RSAREF adds three routines:

     R_GenerateDHParams     generates Diffie-Hellman parameters
     R_SetupDHAgreement     sets up a key agreement
     R_ComputeDHAgreedKey   computes the agreed-upon key

To generate new Diffie-Hellman parameters, an application calls R_GenerateDHParams, giving the length of the Diffie-Hellman prime and a random structure. R_GenerateDHParams generates the parameters and returns the status of the operation. Several users may share given Diffie-Hellman parameters, or they may be unique to a given user.

To set up a key agreement, communicating applications call R_SetupDHAgreement, giving these parameters:

     - the Diffie-Hellman parameters
     - a random structure

R_SetupDHAgreement generates a new "public value" and a new "private value" for each party and returns the status of the operation.
The applications then exchange their public values.

To compute the agreed-upon key, the applications call R_ComputeDHAgreedKey, giving these parameters:

     - the Diffie-Hellman parameters
     - the other party's public value
     - the private value

R_ComputeDHAgreedKey computes the agreed-upon key and returns the status of the operation. The applications may encrypt subsequent data under the agreed-upon key.

When the length of the Diffie-Hellman prime is large enough, it is considered impractical for someone who sees the Diffie-Hellman parameters and the exchanged public values to determine the agreed-upon key, so the subsequent encryption is secure.

R_GenerateDHParams

int R_GenerateDHParams (
  R_DH_PARAMS *params,                  /* new Diffie-Hellman parameters */
  R_DH_PROTO_PARAMS *protoParams,       /* D-H prototype parameters */
  R_RANDOM_STRUCT *randomStruct         /* random structure */
);

R_GenerateDHParams generates random Diffie-Hellman parameters, storing the result in params.

protoParams specifies the lengths in bits of the Diffie-Hellman prime.

randomStruct must have been seeded.

Return value:   0                success
                RE_MODULUS_LEN   prime length invalid
                RE_NEED_RANDOM   randomStruct is not seeded

R_SetupDHAgreement

int R_SetupDHAgreement (
  unsigned char *publicValue,           /* new public value */
  unsigned int *publicValueLen,         /* length of public value */
  unsigned char *privateValue,          /* new private value */
  unsigned int *privateValueLen,        /* length of private value */
  R_DH_PARAMS *params,                  /* Diffie-Hellman parameters */
  R_RANDOM_STRUCT *randomStruct         /* random structure */
);

R_SetupDHAgreement sets up a Diffie-Hellman key agreement by generating a public value and a private value from the Diffie-Hellman parameters. It stores the resulting public value in publicValue and the resulting private value in privateValue, and their lengths in publicValueLen and privateValueLen.
The private value is a random number x, and the public value is the number y such that y = g^x mod p, where p and g are the prime and generator in params.

publicValue and privateValue will be represented most significant byte first, with no leading zero bytes. publicValueLen and privateValueLen will not be greater than MAX_DH_PRIME_LEN.

randomStruct must have been seeded.

Return value:   0                success
                RE_NEED_RANDOM   randomStruct is not seeded
                (others to be determined)

R_ComputeDHAgreedKey

int R_ComputeDHAgreedKey (
  unsigned char *agreedKey,             /* new agreed key */
  unsigned int *agreedKeyLen,           /* length of agreed key */
  unsigned char *otherPublicValue,      /* other's public value */
  unsigned int otherPublicValueLen,     /* length of public value */
  unsigned char *privateValue,          /* private value */
  unsigned int privateValueLen,         /* length of private value */
  R_DH_PARAMS *params                   /* Diffie-Hellman parameters */
);

R_ComputeDHAgreedKey computes an agreed key from the other party's public value, a private value, and the Diffie-Hellman parameters. It stores the resulting agreed key in agreedKey, and its length in agreedKeyLen.

The agreed key is the number z such that z = (y')^x mod p, where y' is the other party's public value, x is the private value, and p is the prime in params.

agreedKey will be represented most significant byte first, with no leading zero bytes. agreedKeyLen will not be greater than MAX_DH_PRIME_LEN.

Return value:   0                success
                (others to be determined)

R_DH_PARAMS

typedef struct {
  unsigned int bits;                            /* length in bits of prime */
  unsigned char prime[MAX_DH_PRIME_LEN];        /* prime */
  unsigned char generator[MAX_DH_PRIME_LEN];    /* generator */
} R_DH_PARAMS;

An R_DH_PARAMS value is a structure specifying Diffie-Hellman parameters.
There are three fields:

     bits        length in bits of the prime (not less than MIN_DH_PRIME_BITS and not greater than MAX_DH_PRIME_BITS)

     modulus     prime p, represented as a MAX_DH_PRIME_LEN-byte number, most significant byte first, as many leading zero bytes as necessary

     generator   generator g, represented like prime

R_DH_PROTO_PARAMS

typedef struct {
  unsigned int bits;                    /* length in bits of prime */
} R_DH_PROTO_PARAMS;

An R_DH_PROTO_PARAMS value is a structure specifying the length in bits of the Diffie-Hellman prime for parameter generation. There is one field:

     bits        length in bits of the prime (not less than MIN_DH_PRIME_BITS and not greater than MAX_DH_PRIME_BITS)

From tom.jackson at oubbs.telecom.uoknor.edu Wed May 5 16:13:22 1993
From: tom.jackson at oubbs.telecom.uoknor.edu (tom.jackson at oubbs.telecom.uoknor.edu)
Date: Wed, 5 May 93 16:13:22 PDT
Subject: HOW TO FAKEMAIL
Message-ID: <9305051748.A6016wk@oubbs.telecom.uoknor.edu>

I'm new to this list and am sorry if this is a frequently asked question. Can someone tell me how "fakemail" works and how to do it. I need to send mail to the "ftp by mail" server at decwrl.dec.com and want the host to think that it is from another address. Basically, I want to send it my ftp request from one e-mail address and have it mail what I'm requesting to a different one. The only way that I know of to do this is with fakemail. Any suggestions?

From mnemonic at eff.org Wed May 5 17:06:33 1993
From: mnemonic at eff.org (Mike Godwin)
Date: Wed, 5 May 93 17:06:33 PDT
Subject: Notes from the field
In-Reply-To:
Message-ID: <199305060004.AA18125@eff.org>

Paul Ferguson writes:

> I recently became aware of an article that you wrote entitled,
> "Notes on Cryptography, Digital Telephony, and the Bill of
> Rights", which was included in a recent CuD (5.32, Sun May 2,
> 1993). It appeared to be a message you had originally posted to
> the austin.eff newsgroup.

I don't recall posting it to that newsgroup, but it doesn't surprise me that it appeared there. I have strong connections with Austin and with EFF-Austin.

> Maybe it's just that time of the day or perhaps I just need for you
> to clarify this a bit more -- How does the ECPA offer protection, as
> it is currently written, against warranted search and seizure with
> regards to technologically advanced systems (such as would crypto be
> considered)?

ECPA doesn't mention encryption. It does, however, penalize unauthorized disclosure of communications. Whether "disclosure" occurs when a communication is seized, or when it's decrypted, is an open question.

> "I. As my notes here suggest, these initiatives may be, in their
> essence, inconsistent with Constitutional guarantees of expression,
> association, and privacy."
>
> (End Quote)
>
> You are saying, in effect, that it is your opinion that these
> initiatives may be unconstitutional?

Yes.

> If so, what course of action
> can be suggested, short of a class action lawsuit against an LEA
> after-the-fact?

Lawsuits are almost inherently reactive. The best thing is to lobby Congress for guarantees of the right to encrypt. State legislatures may also be a useful target.

> By the way, the article was excellent and since I have not seen it
> posted here in cypherpunks, I'd like your permission to repost it.

You have permission to repost it anywhere. I believe it appeared already in cypherpunks, though. Maybe some people want to see it again.

--Mike

From barlow at eff.org Thu May 6 04:10:05 1993
From: barlow at eff.org (John Perry Barlow)
Date: Thu, 6 May 93 04:10:05 PDT
Subject: Phil Zimmerman's Laurel Branch
Message-ID: <199305061109.AA24844@eff.org>

Jim,

John Gilmore passed on to me Phil Zimmerman's recent peace overture to you. I expect I am joined by nearly everyone who cares about the issue of cryptography in the hope that you will bury an understandable sense of rancor and accept his offer.
Further, if there is anything which the Electronic Frontier Foundation can do to introduce light and good will into the area between you and Phil, be assured we are ready and willing.

While I realize that PGP has been a burr under your saddle for the last two years...growing steadily more irritating as it proliferated like a virus around the planet...one could argue that it has actually done PK Partners more good than harm. By introducing thousands to both public key cryptography and the RSA approach to it, it has gone a long way toward establishing RSA as the de facto international standard for personal encryption. This can only work to your long term benefit.

On the other hand, if the current course of things remains fixed and no resolution is made between PK Partners and Phil, then PGP will continue to be modified and improved by many international volunteers and will eventually become seriously competitive to your own products.

To me, it appears you have a choice between a position where everybody loses and one where everybody wins. Perhaps I'm wrong, but the only factor which supports the former course is an emotional sense of violated principle.

As I say, I could hardly fault you for feeling bitter after all that's happened, but I sincerely hope you'll be able to rise above it. And please let me know if we can help in any way.

Thanks,

John Perry Barlow

From hughes at soda.berkeley.edu Thu May 6 07:53:09 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Thu, 6 May 93 07:53:09 PDT
Subject: Cypherpunks meeting Saturday, May 8
Message-ID: <9305061445.AA12095@soda.berkeley.edu>

ANNOUNCEMENT
------------

Cypherpunks Physical Meeting
Saturday, May 8, 1993 (the second Saturday, as always)
12:00 noon - 6:00 p.m.
Cygnus Support offices, Mt. View, CA

Even after our successful _ad hoc_ meeting two weeks ago, we're still going to have our regular meeting. There's more wiretap chip to discuss; there's more encrypted phones to be discussed.
I apologize for the lateness of this announcement; I've been busy putting a machine on the Internet.

Eric

AGENDA
------

1. Norm Hardy has some time reserved to talk about money.
2. There will be some demonstrations of speech compression implementations that a couple of people have worked on.
3. There will be some stuff on remailers, as always.

DIRECTIONS
----------

[Directions to Cygnus provided by John Gilmore. -- EH]

Cygnus Support
1937 Landings Drive
Mt. View, CA 94043
+1 415 903 1400 switchboard
+1 415 903 1418 John Gilmore

Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit. If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane.

Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.)

Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus".

If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it.
Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone.

Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above.

See you there!

John Gilmore

From wln at cs.columbia.edu Thu May 6 09:44:13 1993
From: wln at cs.columbia.edu (William Lee Nussbaum)
Date: Thu, 6 May 93 09:44:13 PDT
Subject: Markoff/NYTimes : "Big Brother & the Computer Age"
Message-ID: <199305061643.AA15480@ground.cs.columbia.edu>

Since I haven't seen any mention of this yet: On the D1 (business section) page, in the top center, in today's [May 6] New York Times, is a diagram and 38" story on issues re: Clipper.

Given that it's a finals week, I don't have time to enter much from the article, but will note the following:

The first two paragraphs:

     Can the nation trust its secrets to its spies?

     That question underpins a fierce debate over a recently disclosed plan by the Clinton Administration to secure the privacy of the nation's phone calls and computer data with a standard set of computer codes.

The first quotation (and the only one appearing on D1) in the article is from Eric Hughes:

     "This plan creates the ears of Big Brother, just as Orwell warned," said Eric Hughes, an independent software designer in Berkeley, Calif.

...

- Lee

From fergp at sytex.com Thu May 6 12:45:37 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 12:45:37 PDT
Subject: Eerie silence....
Message-ID: <2N853B1w165w@sytex.com>

Gee, what happened guys? I've had nary a stick of mail all today. Don't tell me the mail server crashed?

Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp at sytex.com             |  Chip...
-------------------------------+------------------------------
I love my country, but I fear it's government.

From fergp at sytex.com Thu May 6 12:45:39 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 12:45:39 PDT
Subject: New York Times article on "Big Brother and the Computer Age"
Message-ID:

New York Times
Thursday, May 6, 1993
Page D1, Business Day

Big Brother and the Computer Age

By John Markoff

Can the nation trust its secrets to its spies?

That question underpins a fierce debate over a recently disclosed plan by the Clinton Administration to secure the privacy of the nation's phone calls and computer data with a standard set of computer codes.

The system was designed by scientists from the United States' most secretive intelligence organization, the National Security Agency. And newly disclosed memorandums, obtained under a legally enforceable request under the Freedom of Information Act, show that the agency waged a long and ultimately successful campaign within the Government to insure that the technical details of such a system would remain secret.

The inner workings of the system would be in tamper-proof computer chips that could not be opened without being destroyed.
That means that citizens and businesses could use the encoding technique to protect the privacy of their wireless phone calls or the transmissions of corporate computer files, but that independent computer experts would have no way to assure that the system was secure enough to keep savvy computer hackers from unscrambling messages.

Nor, some computer experts say, can anyone be certain that the National Security Agency has not built in a "trap door" that could allow unauthorized Government eavesdropping.

"This plan creates the ears of Big Brother, just as Orwell warned," said Eric Hughes, an independent software designer in Berkeley, Calif.

Over the years, the N.S.A. has been the Government's communications policeman, with the job of protecting the sensitive telephone and computer networks used by the military, the State Department and other Federal agencies. It also operates a world-wide electronic-surveillance system, monitoring foreign communications in the name of national security.

But the recently announced encoding plan would give the agency an unprecedented role in domestic civilian corporate communications.

"The N.S.A. is split between the need to provide security and the fear that if information about cryptography gets out, it won't be able to perform its other job, which is intercepting and resolving codes." said David Kahn, author of "The Codebreakers," a history of the science of encryption. "It's an unresolvable problem."

The Clinton Administration inherited the new project from the Bush Administration, and has embraced it. The goal is a national voice- and data-security standard intended to provide privacy for Government, civilian and corporate users of telephone and computer communications, while also assuring that law enforcement agencies can continue to eavesdrop on or wiretap voice and data conversations after obtaining warrants.
For authorized wiretapping, the law enforcement agency must obtain special code keys held in escrow by two independent organizations. What computer experts fear is a secret trap door that would not require use of these legally obtained keys.

Custodian of Security

The agency has a long history of resisting industry efforts to develop such technology on the ground that any codes not breakable by the N.S.A. might compromise national security.

But people like John Gage, director of the science office at Sun Microsystems in Mountain View, Calif., the maker of high-powered computer work stations, are uncomfortable with that line of reasoning.

"These decisions can't be left solely to the gods of encryption, the N.S.A.," Mr. Gage said. "We need privacy for the world of business." He testified last week at a hearing by the House Commerce subcommittee on telecommunications and finance, which is studying computer encryption and the National Security Agency's role in it.

Concerns about the agency's influence on civilian communications have been raised before. Last year, for instance, a number of cellular-telephone executives said that an industry standards committee had been pressed by N.S.A. officials to weaken the security of a coding scheme that cellular phone makers are planning to build into the next generation of phones.

Although the agency denied the assertion, computer researchers who analyzed the industry committee's cellular coding scheme say that it would be simple to subvert by anyone with computer-programming skills.

Written Response

With the new plan, N.S.A. officials insist that they have no motive to undermine the security of the coding plan, which was originally developed to protect Government information. The agency routinely refuses requests for on-the-record interviews, but the agency's director of policy, Michael A. Smith, responded in writing to a reporter's questions.

"N.S.A. states unequivocally there is no trap door built into the algorithm."
he wrote, referring to the mathematical instructions on which the encoding system is based. "A trap door would be a vulnerability in the system, and would defeat the purpose of assuring the system provides U.S. citizens with excellent security."

In resisting the N.S.A.'s effort to impose a secret standard, communications and computer-industry executives point out that various unofficial coding systems are already in use in this country and abroad, whether for legitimate purposes or to conceal criminal conspiracies.

Among those criticizing the agency's effort to keep a lid on encryption is Representative Edward J. Markey, Democrat of Massachusetts, chairman of the House telecommunications subcommittee.

What Power Do opponents Have?

"There are many ways the N.S.A. is trying to put the cryptography genie back in the bottle, but it's already available for everyone openly," said Mr. Markey, who plans to conduct further hearings on the agency's role in the new system.

The Clinton Administration plans to hold its own private review in coming months to study the nation's cryptography policies and consider public comment. It is not yet clear whether mounting controversy over the National Security Agency's role could derail the plan.

The new technology is the result of the Computer Security Act of 1987. It called for creation of a national standard for computer encryption and assigned the task to the main Federal standards-setting body, now known as the National Institute for Standards and Technology.

A 1989 memo by a technical working group from the institute detailed the goal for an encryption standard that would be open to public use and scrutiny. "The algorithms that we use must be public, unclassified implementable in both hardware or software, usable by Federal agencies and U.S.-based multinational corporations," the memo reads in part.

The institute turned to the N.S.A. for technical assistance.
"The act says we can draw on N.S.A.," said Raymond Kammer, who was at the institute at the time and is now deputy director. "They're the pre-eminent scientists in cryptography in the world. We asked the agency to design a technology to fit the needs of the civilian community."

Memos Detail Opposition

But previously classified Government memos, obtained last week through a Freedom of information filing by Computer Professional for Social Responsibility, a public-interest group, indicate that the agency used the process of technical working groups to wear down opposition by institute scientists who wanted to keep the standard open to scrutiny.

A January 1990 memo by a National Institute scientist to a colleague expressed frustration. Referring to his own group by its acronym, he wrote, "It is increasingly evident that it is difficult, if not impossible, to reconcile the concerns of N.S.A., N.I.S.T. and the general public using this approach."

The N.S.A. also largely ignored the public advisory group that Congress mandated in the 1987 law. That group, composed of industry and Government computer experts, plans a public hearing meeting next month to put forth its concerns.

"This all happened within the N.S.A.," said a member of the advisory group, Stephen Walker, president of Trusted Information Systems, a computer security company in Glenwood, Md. "Then it was brought forward as an accomplished fact. This doesn't solve any of our problems relative to getting good cryptography for the American people."

The new coding system, if adopted, would first be used for Government electronic communications. It is then expected to quickly spread to business and even to household use, as hardware and software makers incorporate the technology into their products.

Export Process Is Slow

Various types of encryption systems are in use today, but the standard approach in the United States is a 15-year-old system known as the Data Encryption Standard.
Based on outdated technology, this system is not the best available for modern electronic commerce. And the Government has refused to authorize export of hardware and software containing it, except on a time-consuming case-by-case basis.

The Clinton Administration is studying whether to allow the general export of products based on the new N.S.A.-designed coding system, although industry executives say they doubt that foreign buyers, especially foreign Governments, would want to use codes designed by American spy masters.

When Congress passed the Computer Security Act, it recognized the need to update privacy laws and wiretapping regulations to modern digital communication, which, particularly in the case of cellular phone calls and other emerging forms of over-the-air technology, can be easily monitored either by those authorized to do so, or those who are not.

To demonstrate just how easy unauthorized use might be, Mr. Gage, the Sun Microsystems executive, brought a computer hacker with him to the recent House hearing. Punching a special code into a standard cellular phone, the hacker quickly converted the phone into a scanner capable of eavesdropping on all the cellular channels being used on or near Capitol Hill.

The intercepted snatches of innocuous conversation were amplified to the amusement and discomfort of those in the subcommittee hearing room -- including a woman in the audience who had her own cellular phone at her side.

"This demonstration," Mr. Gage said, "shows it's not really safe to talk on the phone."

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp at sytex.com             |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From upham at cs.ubc.ca Thu May 6 13:57:15 1993
From: upham at cs.ubc.ca (Derek Upham)
Date: Thu, 6 May 93 13:57:15 PDT
Subject: HIDE: Alpha version of JFIF steganography available
Message-ID: <199305062057.AA00672@grolsch.cs.ubc.ca>

I've got a working version of a JPEG steganography program. It uses modified cjpeg/djpeg sources to stick arbitrary files in JPEG images and then extract them. It needs testing.

The files are in ftp.cs.ubc.ca:pub/pickup/jsteg. There is a copy of the JPEG-v4 sources (or use your own), a context-diff of the source changes (use "patch -p0" in the directory above the sources), and a test ".jpg" file.

Assuming everything works correctly, running

    djpeg -crypt filetoread.txt miyazaki.jpg > /dev/null

will extract the steganized text into the file "testout.txt" and dump the PPM file. (The extracted text should be an exact copy of the "USING" file in the JPEG-v4 distribution.)

To steganize a file, use

    cjpeg -crypt filetohide.txt image.ppm > image.jpg

or replace "image.ppm" with "-G image.gif", etc. If "cjpeg" reports that it's unable to inject the file, compress the file or use a higher "-Q" parameter. In general, the stegfile needs a final JPEG file that's at least eight times larger.

Derek

"Naaaaaaaaaaah, Quess isn't stupid. A vicious, vindictive, underhanded, slimy, double-crossing, self-deluding, daddy-hunting, family-killing, conscienceless, callous, sexually repressed, Electra Complex victimized, self-interested, snotty, obnoxious little preadolescent whining B*T*H, yes. But she's not stupid."

From fergp at sytex.com Thu May 6 14:44:15 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 14:44:15 PDT
Subject: ECPA reports
Message-ID: <5Tc63B1w165w@sytex.com>

I was re-reading USC Title 18 (Crimes and Criminal Procedure) when I came across this snippet. Are these reports available under the Freedom of Information Act? If so, I'd be interested in examining them.

This extract is from Title 18, Part I, Chp.
119 (Wire and Electronic communications interception of oral communications), Sec. 2519 (Reports concerning intercepted wire, oral or electronic communications) paragraphs (inclusive) 2 & 3.

8<----- Begin snippet -------

(2) In January of each year the Attorney General, an Assistant Attorney General specially designated by the Attorney General, or the principal prosecuting attorney of a State, or the principal prosecuting attorney for any political subdivision of a State, shall report to the Administrative Office of the United States Courts-

  (a) the information required by paragraphs (a) through (g) of subsection (1) of this section with respect to each application for an order or extension made during the preceding calendar year;

  (b) a general description of the interceptions made under such order or extension, including (i) the approximate nature and frequency of incriminating communications intercepted, (ii) the approximate nature and frequency of other communications intercepted, (iii) the approximate number of persons whose communications were intercepted, and (iv) the approximate nature, amount, and cost of the manpower and other resources used in the interceptions;

  (c) the number of arrests resulting from interceptions made under such order or extension, and the offenses for which arrests were made;

  (d) the number of trials resulting from such interceptions;

  (e) the number of motions to suppress made with respect to such interceptions, and the number granted or denied;

  (f) the number of convictions resulting from such interceptions and the offenses for which the convictions were obtained and a general assessment of the importance of the interceptions; and

  (g) the information required by paragraphs (b) through (f) of this subsection with respect to orders or extensions obtained in a preceding calendar year.

(3) In April of each year the Director of the Administrative Office of the United States Courts shall transmit to the Congress a full and complete report concerning the number of applications for orders authorizing or approving the interception of wire, oral, or electronic communications pursuant to this chapter and the number of orders and extensions granted or denied pursuant to this chapter during the preceding calendar year. Such report shall include a summary and analysis of the data required to be filed with the Administrative Office by subsections (1) and (2) of this section. The Director of the Administrative Office of the United States Courts is authorized to issue binding regulations dealing with the content and form of the reports required to be filed by subsections (1) and (2) of this section.

8<------- End snippet ----------

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp at sytex.com             |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From mnemonic at eff.org Thu May 6 15:31:05 1993
From: mnemonic at eff.org (Mike Godwin)
Date: Thu, 6 May 93 15:31:05 PDT
Subject: ECPA reports
In-Reply-To: <5Tc63B1w165w@sytex.com>
Message-ID: <199305062223.AA08620@eff.org>

Paul Ferguson defines "snippet" in a funny way.

> I was re-reading USC Title 18 (Crimes and Criminal Procedure)
> when I came across this snippet. Are these reports available
> under the Freedom of Information Act?

Beats me. Probably, though.

--Mike

From mnemonic at eff.org Thu May 6 15:36:17 1993
From: mnemonic at eff.org (Mike Godwin)
Date: Thu, 6 May 93 15:36:17 PDT
Subject: EFF letter regarding crypto policy
Message-ID: <199305062236.AA08753@eff.org>

Forwarded message:

From zane at genesis.mcs.com Thu May 6 15:59:41 1993
From: zane at genesis.mcs.com (Sameer)
Date: Thu, 6 May 93 15:59:41 PDT
Subject: DIGICASH: freely available article
Message-ID:

I'm looking for a freely distributable article about digicash & anonymous remailers. I want to have this information available for the libertarian party of Missouri convention... (Something along the lines of the article in _Extropy_ would be nice, but I want something which I can copy MANY MANY times..)

--
| Sameer Parekh-zane at genesis.MCS.COM-PFA related mail to pfa at genesis.MCS.COM |
| Apprentice Philosopher, Writer, Physicist, Healer, Programmer, Lover, more |
| ----STOP THE WIRETAP CHIP/BIG BROTHER PROPOSAL!---MAIL ME FOR DETAILS! __/
| "Be God" - Me __ "Specialization is for Insects" - Robert A. Heinlein__/
\_____________/ \___________________________________________________/

From banisar at washofc.cpsr.org Thu May 6 16:00:20 1993
From: banisar at washofc.cpsr.org (Dave Banisar)
Date: Thu, 6 May 93 16:00:20 PDT
Subject: ECPA reports
Message-ID: <9305061903.AA42000@hacker2.eff.org>

>
> I was re-reading USC Title 18 (Crimes and Criminal Procedure)
> when I came across this snippet. Are these reports available
> under the Freedom of Information Act? If so, I'd be interested
> in examining them.

The reports should be available from any federal depository library and many law libraries. The administrative office told me early this week that the new volume for 92 will be out in a few weeks.

A Congressional source tells me that new figures are even higher than last year, up to the mid 900 range, which is the highest number ever reported.

Dave Banisar
CPSR Washington Office

From banisar at washofc.cpsr.org Thu May 6 16:15:19 1993
From: banisar at washofc.cpsr.org (Dave Banisar)
Date: Thu, 6 May 93 16:15:19 PDT
Subject: New NIST/NSA Revelations (by CPSR)
Message-ID: <9305061921.AA58911@hacker2.eff.org>

New NIST/NSA Revelations

Less than three weeks after the White House announced a controversial initiative to secure the nation's electronic communications with government-approved cryptography, newly released documents raise serious questions about the process that gave rise to the administration's proposal. The documents, released by the National Institute of Standards and Technology (NIST) in response to a Freedom of Information Act lawsuit, suggest that the super-secret National Security Agency (NSA) dominates the process of establishing security standards for civilian computer systems in contravention of the intent of legislation Congress enacted in 1987.

The released material concerns the development of the Digital Signature Standard (DSS), a cryptographic method for authenticating the identity of the sender of an electronic communication and for authenticating the integrity of the data in that communication. NIST publicly proposed the DSS in August 1991 and initially made no mention of any NSA role in developing the standard, which was intended for use in unclassified, civilian communications systems. NIST finally conceded that NSA had, in fact, developed the technology after Computer Professionals for Social Responsibility (CPSR) filed suit against the agency for withholding relevant documents.

The proposed DSS was widely criticized within the computer industry for its perceived weak security and inferiority to an existing authentication technology known as the RSA algorithm.
Many observers have speculated that the RSA technique was disfavored by NSA because it was, in fact, more secure than the NSA-proposed algorithm and because the RSA technique could also be used to encrypt data very securely. The newly-disclosed documents -- released in heavily censored form at the insistence of NSA -- suggest that NSA was not merely involved in the development process, but dominated it. NIST and NSA worked together on the DSS through an intra-agency Technical Working Group (TWG). The documents suggest that the NIST-NSA relationship was contentious, with NSA insisting upon secrecy throughout the deliberations. A NIST report dated January 31, 1990, states that The members of the TWG acknowledged that the efforts expended to date in the determination of a public key algorithm which would be publicly known have not been successful. It's increasingly evident that it is difficult, if not impossible, to reconcile the concerns and requirements of NSA, NIST and the general public through using this approach. The civilian agency's frustration is also apparent in a July 21, 1990, memo from the NIST members of the TWG to NIST director John W. Lyons. The memo suggests that "national security" concerns hampered efforts to develop a standard: THE NIST/NSA Technical Working Group (TWG) has held 18 meetings over the past 13 months. A part of every meeting has focused on the NIST intent to develop a Public Key Standard Algorithm Standard. We are convinced that the TWG process has reached a point where continuing discussions of the public key issue will yield only marginal results. Simply stated, we believe that over the past 13 months we have explored the technical and national security equity issues to the point where a decision is required on the future direction of digital signature standards. 
An October 19, 1990, NIST memo discussing possible patent issues surrounding DSS noted that those questions would need to be addressed "if we ever get our NSA problem settled." Although much of the material remains classified and withheld from disclosure, the "NSA problem" was apparently the intelligence agency's demand that perceived "national security" considerations take precedence in the development of the DSS. From the outset, NSA cloaked the deliberations in secrecy. For instance, at the March 22, 1990, meeting of the TWG, NSA representatives presented NIST with NSA's classified proposal for a DSS algorithm. NIST's report of the meeting notes that The second document, classified TOP SECRET CODEWORD, was a position paper which discussed reasons for the selection of the algorithms identified in the first document. This document is available at NSA for review by properly cleared senior NIST officials. In other words, NSA presented highly classified material to NIST justifying NSA's selection of the proposed algorithm -- an algorithm intended to protect and authenticate unclassified information in civilian computer systems. The material was so highly classified that "properly cleared senior NIST officials" were required to view the material at NSA's facilities. These disclosures are disturbing for two reasons. First, the process as revealed in the documents contravenes the intent of Congress embodied in the Computer Security Act of 1987. Through that legislation, Congress intended to remove NSA from the process of developing civilian computer security standards and to place that responsibility with NIST, a civilian agency. Congress expressed a particular concern that NSA, a military intelligence agency, would improperly limit public access to information in a manner incompatible with civilian standard setting. 
The House Report on the legislation noted that

    NSA's natural tendency to restrict and even deny access to information that it deems important would disqualify that agency from being put in charge of the protection of non-national security information in the view of many officials in the civilian agencies and the private sector.

While the Computer Security Act contemplated that NSA would provide NIST with "technical assistance" in the development of civilian standards, the newly released documents demonstrate that NSA has crossed that line and dominates the development process.

The second reason why this material is significant is because of what it reveals about the process that gave rise to the so-called "Clipper" chip proposed by the administration earlier this month. Once again, NIST was identified as the agency actually proposing the new encryption technology, with "technical assistance" from NSA. Once again, the underlying information concerning the development process is classified. DSS was the first test of the Computer Security Act's division of labor between NIST and NSA. Clipper comes out of the same "collaborative" process. The newly released documents suggest that NSA continues to dominate the government's work on computer security and to cloak the process in secrecy, contrary to the clear intent of Congress.

On the day the Clipper initiative was announced, CPSR submitted FOIA requests to key agencies -- including NIST and NSA -- for information concerning the proposal. CPSR will pursue those requests, as well as the pending litigation concerning NSA involvement in the development of the Digital Signature Standard. Before any meaningful debate can occur on the direction of cryptography policy, essential government information must be made public -- as Congress intended when it passed the Computer Security Act. CPSR is committed to that goal.

***************************************************
David L.
Sobel
CPSR Legal Counsel
(202) 544-9240
dsobel at washofc.cpsr.org

From banisar at washofc.cpsr.org Thu May 6 18:00:55 1993
From: banisar at washofc.cpsr.org (Dave Banisar)
Date: Thu, 6 May 93 18:00:55 PDT
Subject: New NIST/NSA Revelations
Message-ID: <00541.2819563074.3344@washofc.cpsr.org>

New NIST/NSA Revelations

Less than three weeks after the White House announced a controversial initiative to secure the nation's electronic communications with government-approved cryptography, newly released documents raise serious questions about the process that gave rise to the administration's proposal. The documents, released by the National Institute of Standards and Technology (NIST) in response to a Freedom of Information Act lawsuit, suggest that the super-secret National Security Agency (NSA) dominates the process of establishing security standards for civilian computer systems in contravention of the intent of legislation Congress enacted in 1987.

The released material concerns the development of the Digital Signature Standard (DSS), a cryptographic method for authenticating the identity of the sender of an electronic communication and for authenticating the integrity of the data in that communication. NIST publicly proposed the DSS in August 1991 and initially made no mention of any NSA role in developing the standard, which was intended for use in unclassified, civilian communications systems. NIST finally conceded that NSA had, in fact, developed the technology after Computer Professionals for Social Responsibility (CPSR) filed suit against the agency for withholding relevant documents.

The proposed DSS was widely criticized within the computer industry for its perceived weak security and inferiority to an existing authentication technology known as the RSA algorithm.
Many observers have speculated that the RSA technique was disfavored by NSA because it was, in fact, more secure than the NSA-proposed algorithm and because the RSA technique could also be used to encrypt data very securely. The newly-disclosed documents -- released in heavily censored form at the insistence of NSA -- suggest that NSA was not merely involved in the development process, but dominated it. NIST and NSA worked together on the DSS through an intra-agency Technical Working Group (TWG). The documents suggest that the NIST-NSA relationship was contentious, with NSA insisting upon secrecy throughout the deliberations. A NIST report dated January 31, 1990, states that The members of the TWG acknowledged that the efforts expended to date in the determination of a public key algorithm which would be publicly known have not been successful. It's increasingly evident that it is difficult, if not impossible, to reconcile the concerns and requirements of NSA, NIST and the general public through using this approach. The civilian agency's frustration is also apparent in a July 21, 1990, memo from the NIST members of the TWG to NIST director John W. Lyons. The memo suggests that "national security" concerns hampered efforts to develop a standard: THE NIST/NSA Technical Working Group (TWG) has held 18 meetings over the past 13 months. A part of every meeting has focused on the NIST intent to develop a Public Key Standard Algorithm Standard. We are convinced that the TWG process has reached a point where continuing discussions of the public key issue will yield only marginal results. Simply stated, we believe that over the past 13 months we have explored the technical and national security equity issues to the point where a decision is required on the future direction of digital signature standards. 
An October 19, 1990, NIST memo discussing possible patent issues surrounding DSS noted that those questions would need to be addressed "if we ever get our NSA problem settled." Although much of the material remains classified and withheld from disclosure, the "NSA problem" was apparently the intelligence agency's demand that perceived "national security" considerations take precedence in the development of the DSS. From the outset, NSA cloaked the deliberations in secrecy. For instance, at the March 22, 1990, meeting of the TWG, NSA representatives presented NIST with NSA's classified proposal for a DSS algorithm. NIST's report of the meeting notes that The second document, classified TOP SECRET CODEWORD, was a position paper which discussed reasons for the selection of the algorithms identified in the first document. This document is available at NSA for review by properly cleared senior NIST officials. In other words, NSA presented highly classified material to NIST justifying NSA's selection of the proposed algorithm -- an algorithm intended to protect and authenticate unclassified information in civilian computer systems. The material was so highly classified that "properly cleared senior NIST officials" were required to view the material at NSA's facilities. These disclosures are disturbing for two reasons. First, the process as revealed in the documents contravenes the intent of Congress embodied in the Computer Security Act of 1987. Through that legislation, Congress intended to remove NSA from the process of developing civilian computer security standards and to place that responsibility with NIST, a civilian agency. Congress expressed a particular concern that NSA, a military intelligence agency, would improperly limit public access to information in a manner incompatible with civilian standard setting. 
The House Report on the legislation noted that

    NSA's natural tendency to restrict and even deny access to information that it deems important would disqualify that agency from being put in charge of the protection of non-national security information in the view of many officials in the civilian agencies and the private sector.

While the Computer Security Act contemplated that NSA would provide NIST with "technical assistance" in the development of civilian standards, the newly released documents demonstrate that NSA has crossed that line and dominates the development process.

The second reason why this material is significant is because of what it reveals about the process that gave rise to the so-called "Clipper" chip proposed by the administration earlier this month. Once again, NIST was identified as the agency actually proposing the new encryption technology, with "technical assistance" from NSA. Once again, the underlying information concerning the development process is classified. DSS was the first test of the Computer Security Act's division of labor between NIST and NSA. Clipper comes out of the same "collaborative" process. The newly released documents suggest that NSA continues to dominate the government's work on computer security and to cloak the process in secrecy, contrary to the clear intent of Congress.

On the day the Clipper initiative was announced, CPSR submitted FOIA requests to key agencies -- including NIST and NSA -- for information concerning the proposal. CPSR will pursue those requests, as well as the pending litigation concerning NSA involvement in the development of the Digital Signature Standard. Before any meaningful debate can occur on the direction of cryptography policy, essential government information must be made public -- as Congress intended when it passed the Computer Security Act. CPSR is committed to that goal.

***************************************************
David L.
Sobel
CPSR Legal Counsel
(202) 544-9240
dsobel at washofc.cpsr.org

From mnemonic Thu May 6 15:31:51 1993
From: mnemonic (Mike Godwin)
Date: Thu, 6 May 1993 18:31:51 -0400
Subject: No Subject
Message-ID: <199305062231.AA08688@eff.org>

>From jberman Thu May 6 18:23:32 1993
Received: from [192.77.172.140] (bush.eff.org) by eff.org with SMTP id AA08608 (5.65c/IDA-1.4.4/pen-ident); Thu, 6 May 1993 18:23:09 -0400
Date: Thu, 6 May 1993 18:23:09 -0400
Message-Id: <199305062223.AA08608 at eff.org>
To: eff-board, eff-staff
From: jberman (Jerry Berman)
Subject: LETTER TO PRES CRYTO
Status: OR

This is the letter to the President dated 5/6/93 on Cryptography and Clipper Chip from the digital privacy and security working group. PLEASE CIRCULATE BROADLY. For further information, contact jberman at eff.org (202-5449237)

>The President
>The White House
>Washington, D.C. 20500
>
>Dear Mr. President:
>
>        On April 16 you initiated a broad industry/government review of
>privacy and cryptography policies. We applaud your efforts to develop a
>greater understanding of these complex issues. With the end of the Cold
>War and the rapid evolution of technology in the computer and
>communications industries, a comprehensive review of our communications
>security policies such as you have directed is sorely needed. As the world
>becomes linked by a myriad of interconnected digital networks, and computer
>and communications technologies converge, both government and the private
>sector need to evaluate information security and privacy issues. Of course,
>any overall policy must recognize the authorized law enforcement and
>national security needs, and must evaluate the impact on American
>competitiveness.
>
>        The Digital Privacy and Security Working Group -- a coalition of
>communications and computer companies and associations, and consumer and
>privacy advocates -- was formed almost a decade ago when Congress undertook
>a review of technology and security policy.
That review led to the
>Electronic Communications Privacy Act of 1986. Subsequently, many members
>of the Working Group served on the Privacy and Technology Task Force that
>Senator Leahy charged with examining these and similar issues in 1991.
>
>        While we recognize the importance of authorized national security
>and law enforcement needs, we believe that there are fundamental privacy
>and other constitutional rights that must be taken into account when any
>domestic surveillance scheme is proposed. Moreover, it is unclear how your
>proposal and the overall review of cryptography policy will impact on U.S.
>export controls. Over the past two years, the Digital Privacy and Security
>Working Group has held numerous meetings at which both public and private
>sector representatives have exchanged technical and legal information with
>the law enforcement community on just such issues.
>
>        In the White House press release of April 16, the Press Secretary
>stated that you have "directed early and frequent consultations with
>affected industries...and groups that advocate the privacy rights of
>individuals..." Our group of over 50 members -- from computer software and
>hardware firms, to telecommunications companies and energy companies, to
>the American Civil Liberties Union and the Electronic Frontier Foundation
>-- requests the opportunity to participate in developing policy on the
>broad range of security and privacy issues being considered, including
>appropriate encryption techniques. We believe that our membership has the
>breadth and depth of expertise and experience that would allow us to
>provide an excellent forum for the development of new policies in these
>areas.
>        During the past few weeks, the Working Group has met several times
>to identify issues that need to be addressed.
Several aspects of the
>Administration's encryption proposal warrant further discussion, including,
>but not limited to:
>
>        o whether a key escrow system will produce the desired law
>enforcement results;
>        o the level of strength and integrity of the algorithm and
>the security of the key escrow system;
>        o the advisability of a government-developed and classified
>algorithm;
>        o its practicality and commercial acceptability;
>        o the effect of the proposal on American competitiveness and
>the balance of trade;
>        o possible implications for the development of digital
>communications; and,
>        o the effect on the right to privacy and other constitutional
>rights.
>
>A detailed list of our questions relating to this subject is being prepared
>to facilitate this dialogue.
>
>        We are making our views known to officials within your
>Administration and Members of Congress as the review begins. We would
>welcome the opportunity to participate in the review process and look
>forward to working with you and your Administration on this important issue
>in the coming months. Representatives of the Digital Privacy and Security
>Working Group are anxious to meet with your staff at their earliest
>convenience to establish a consultation process.
>
>        Sincerely,
>
>abcd, The Microcomputer Industry Association
>Hewlett-Packard Company
>Advanced Network & Services, Inc.    IBM
>American Civil Liberties Union    Information Technology Association of America
>Apple Computer, Inc.    Information Industry Association
>AT&T
>        Iris Associates
>Business Software Alliance
>Lotus Development Corporation
>Cavanagh Associates, Inc.
>McCaw Cellular Communications
>Cellular Telephone Industry Association    MCI
>Computer Professionals for Social Responsibility
>Microsoft Corporation
>Computer & Business Equipment Manufacturers Association    RSA Data Security, Inc.
>Computer & Communications Industry Association    Software Publishers
>Association
>Crest Industries, Inc.    Sun Microsystems, Inc.
>Digital Equipment Corporation    Toolmaker, Inc.
>EDUCOM    Trusted Information Systems
>Electronic Mail Association
>United States Telephone Association
>
>        Electronic Frontier Foundation/Coordinator
>        Contact: Jerry Berman 202/544-6906
>
>

From fergp at sytex.com Thu May 6 19:47:04 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 19:47:04 PDT
Subject: Legal Net News
Message-ID: <8NR63B1w165w@sytex.com>

Due to the increasing demands of external activities, Legal Net News will discontinue being sent on a mailing list. My apologies go out to all of you who sent subscription requests.

Legal Net News will, however, continue to be compiled, produced, released and archived on a regular basis. It can be found at the following locations:

Publicly Accessible BBS's
-------------------------
The SENTRY Net BBS            Arlington Software Exchange
Centreville, Virginia USA     Arlington, Virginia USA
+1-703-815-3244               +1-703-532-7143
To 9,600 bps                  To 9,600 bps

The Internet
------------
Legal Net News is available at the following archive site(s)-

tstc.edu (161.109.128.2)
Directory: /pub/legal-net-news

Login as ANONYMOUS and use your net ID (for example: fergp at sytex.com) as the password.

The most recently released issue was volume 1, issue 4 dated 6 May, 1993 and is in the following format:

                  Filename       Filename
                  Compressed     ASCII
Vol 1, Issue 1    LNM0493.ZIP    LNM0493.TXT
Vol 1, Issue 2    LNN0102.ZIP    LNN1.002
Vol 1, Issue 3    LNN0103.ZIP    LNN1.003
Vol 1, Issue 4    LNN0104.ZIP    LNN1.004

Thanks for the interest.

Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp at sytex.com             |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From fergp at sytex.com Thu May 6 19:47:12 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Thu, 6 May 93 19:47:12 PDT
Subject: ITAR info
Message-ID:

Mike Godwin writes -

> The best person on the Net to ask about the ITARs is, IMHO,
> Lee Tien, the lawyer handling John Gilmore's cryptography-related
> litigation. Lee can be reached at tien at well.sf.ca.us.

Mr. Tien,

I have bothered Mike Godwin and Shari Steele to the point of no return in legalese. (Blame them for pointing me in your direction.)

Actually, I'm quite curious of the ITAR restrictions of cryptologic software/hardware legislation currently on the books and the chances of it being scaled back in light of the current "Clipper" fiasco. I'm well aware of the legal provisions within USC Title 18, and the ECPA but have no idea of additional transcripts that exist that the Dept. of State which have been circumscribed to regulate and tariff.

Would you be so kind as to enlighten me (us) of the ITAR stuff that many of us have heard so much about? I know Phil Zimmermann has made limited mention of ITAR restrictions, so I think that we need to first lift the veil of ignorance.

Thanks for your anticipated response.

Cheers.

Paul Ferguson                  |  Uncle Sam wants to read
Network Integrator             |  your e-mail...
Centreville, Virginia USA      |  Just say "NO" to the Clipper
fergp at sytex.com             |  Chip...
-------------------------------+------------------------------
I love my country, but I fear its government.

From hughes at soda.berkeley.edu Thu May 6 22:13:07 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Thu, 6 May 93 22:13:07 PDT
Subject: PRESS: Markoff/NYTimes : "Big Brother & the Computer Age"
In-Reply-To: <199305061643.AA15480@ground.cs.columbia.edu>
Message-ID: <9305070509.AA24429@soda.berkeley.edu>

The quotation of mine in the NYT today was one I gave to John Markoff three weeks ago when the story first broke.
I called him up on the afternoon of the announcement--his office is in SF, across the bay--and told him I wanted to give him an opportunity to quote me. I was surprised to see it in today's article.

The hook for this article was the recent FOIA disclosures. Newspaper articles usually don't get written unless there is something that has changed, something that is "new." An ongoing situation won't get reported on until something specific happens; this specific happening can be an event made just for the press--a press conference, a press release, a public statement, or some publication. For further reading on this subject, look at _Reading the News_, an anthology by Pantheon Press.

The FOIA disclosures about NSA's involvement in NIST was the hook, but that wasn't the point of the story. The facts of the FOIA were at the back of the story, but they were there. This illustrates another principle of the newspaper: once you have a hook, there's lots of stuff you can hang on it.

It really is easy to get quoted, but to do so, you have to make yourself available to the press. The recent FOIA story is a good hook. All the recent crypto events should be enough for a Sunday article (but are not enough without a hook!). I would encourage all of you to make contact with your local media and offer to explain this abstruse subject to them. Reporters have little enough time to learn about what they talk about as it is. If you can present yourself as a bona fide expert (and this does not necessarily mean as an academic) and make an offer to tutor someone on the subject, not only will the quality of coverage improve, but a friendship will have been made.

Eric

From hughes at soda.berkeley.edu Thu May 6 22:16:02 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Thu, 6 May 93 22:16:02 PDT
Subject: ADMIN: Eerie silence....
In-Reply-To: <2N853B1w165w@sytex.com>
Message-ID: <9305070512.AA24629@soda.berkeley.edu>

relay2.uu.net was down again today for a while, leading to big delays and rearranged mail.

To repeat, no interloper is filtering mail or trying to disrupt service to this list, to the best of our knowledge. These interruptions have far more banal origins.

Eric

From mnemonic at eff.org Fri May 7 06:09:23 1993
From: mnemonic at eff.org (Mike Godwin)
Date: Fri, 7 May 93 06:09:23 PDT
Subject: PRESS: Markoff/NYTimes : "Big Brother & the Computer Age"
In-Reply-To: <9305070509.AA24429@soda.berkeley.edu>
Message-ID: <199305071309.AA15120@eff.org>

Eric writes:

> The hook for this article was the recent FOIA disclosures. Newspaper
> articles usually don't get written unless there is something that has
> changed, something that is "new."

I know that John Schwartz is working on a major piece for the Washington Post--a kind of intro to the subject.

--Mike

From honey at citi.umich.edu Fri May 7 08:48:06 1993
From: honey at citi.umich.edu (peter honeyman)
Date: Fri, 7 May 93 08:48:06 PDT
Subject: EFF letter regarding crypto policy
In-Reply-To: <199305062236.AA08753@eff.org>
Message-ID: <9305071548.AA13593@toad.com>

here we have at&t, on the one hand, questioning the wisdom and practicality of the principles underlying clipper, while on the other hand, it promises to be first to push clipped phones out the door.

go figure.

peter

From hughes at soda.berkeley.edu Fri May 7 10:13:06 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Fri, 7 May 93 10:13:06 PDT
Subject: EFF letter regarding crypto policy
In-Reply-To: <9305071548.AA13593@toad.com>
Message-ID: <9305071709.AA22408@soda.berkeley.edu>

re: AT&T questioning clipper and pushing clipped phones.

My guess is that AT&T corporate doesn't like the idea because they know the long term consequences and the Greensboro division does like it because it's income. It's a classic case of corporate schizophrenia.
Whether the patient ever becomes sane is an exercise left to the patient.

Eric

From david at staff.udc.upenn.edu Fri May 7 11:05:39 1993
From: david at staff.udc.upenn.edu (R. David Murray)
Date: Fri, 7 May 93 11:05:39 PDT
Subject: cheap secure telnet?
Message-ID: <9305071804.AA19192@staff.udc.upenn.edu>

I have a need to have a secure telnet connection. It has to be cheap (on the order of hundreds of dollars, not thousands), but it doesn't have to be free. It also has to be low cost in terms of setup; that is, I don't want to set up a full blown Kerberos system just to get a single secure telnet link.

The link is to be between two unix systems. I have root and physical access to both systems.

Anyone know of such a beast?

On second thought, if you have leads on stuff in the thousands of dollars range, send me them too. This /could/ turn out to be that important.

-- david
david at staff.udc.upenn.edu

From fnerd at smds.com Fri May 7 13:59:15 1993
From: fnerd at smds.com (FutureNerd Steve Witham)
Date: Fri, 7 May 93 13:59:15 PDT
Subject: Swaine Flames Denning
Message-ID: <9305072034.AA03557@smds.com>

Nice editorial on the back page of the June Dr. Dobb's:

"Pay No Attention to the Man Behind the Curtain, Dorothy"

I won't quote the whole thing, but the first paragraph reads:

"The debate on digital-telephony legislation in the March 1993 issue of *Communications of the ACM* was a fraud and a disappointment."

It's by Michael Swaine. More serious than "Swaine's Flames" sometimes are.

Cypherpunks reminds me of the very first issues of "Dr. Dobb's Journal of TINY BASIC Calisthenics and Orthodontia: Running Light without Overbyte." Those days, when it seemed we all had a chance to steer the future, were over fast.
-fnerd

From fergp at sytex.com Fri May 7 14:17:57 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Fri, 7 May 93 14:17:57 PDT
Subject: Carrier humor
Message-ID: <08673B1w165w@sytex.com>

Buzzword (acronym) of the day: VLCC (Very Large Crude Carrier)

Where: UNIX Review May 1993 Vol. 11, No. 5 in "Devil's Advocate," page 126, by Stan Kelly-Bootle

"VLCC (Very Large Crude Carrier) is not MCI's view of AT&T, but rather one of those supertankers that regularly resort premature delivery, known as spillage."

My $.02: If it's not, it should be.

Cheers.

Paul Ferguson                  |  Boycott AT&T,
Network Integrator             |  Write your elected
Centreville, Virginia USA      |  Representatives.
fergp at sytex.com             |  Do the right thing.

Just say "NO" to the Wiretap (Clipper/Capstone) Chip(s)
I love my country, but I fear its government.

From clark at metal.psu.edu Fri May 7 17:51:18 1993
From: clark at metal.psu.edu (Clark Reynard)
Date: Fri, 7 May 93 17:51:18 PDT
Subject: One-time pads
Message-ID: <9305080134.AA05436@metal.psu.edu>

Is there any publicly-available software which allows utilization of one-time pads? I know it's just a matter of XOR'ing digits, but something which would allow use by modem and transmit the pad itself by PGP or another secure encryption standard, or the delivery by mail or courier of the pad itself to allow the future exchange of information by a less-secure medium would seem to be something that SOMEONE must have thought of doing; and while it's by no means trivial, it would take a bit of work to program it with a snazzy front-end, idiot-proofing and other bells and whistles.

Just wondering.

Oh, yes, I've posted an amusing little bit of propaganda to sci.crypt and alt.privacy.clipper, a sensationalistic little hypothetical proposition which I'd be happy to email anyone who is interested and doesn't have UseNET access (is there such a person?).

----
Robert W. Clark               Just Say No!
to the
rclark at nyx.cs.du.edu       Big Brother Chip

From mdiehl at hydra.unm.edu Fri May 7 18:39:54 1993
From: mdiehl at hydra.unm.edu (J. Michael Diehl)
Date: Fri, 7 May 93 18:39:54 PDT
Subject: testing....
Message-ID: <9305080139.AA01204@hydra.unm.edu>

I haven't received anything from this list in about 4 days. Am I still on? Sorry to waste BW

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.        |available|
|                       +-----------------------------+---------+
| mdiehl at triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl at fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From i6t4 at jupiter.sun.csd.unb.ca Sat May 8 03:56:15 1993
From: i6t4 at jupiter.sun.csd.unb.ca (Nickey MacDonald)
Date: Sat, 8 May 93 03:56:15 PDT
Subject: A few different topics
Message-ID:

I have a couple of different things I want to talk about, so I'll make one large post rather than several smaller ones.

I posted a link encryption post a while back, and one of the responses I got back implied I was very naive in using a "shuffle" as part of the initial manipulation of the packet to be sent. I have spent some further time thinking about this, and I still fail to see how reshuffling the order of the data is anything but a good thing. If the encryption algorithm generates one output character for each input character, then I can see a situation developing where an "interloper" could cause the message being sent to be changed:

    sender ---> interloper ---> receiver
                    ^
                    Knows sender's password, but sender is unaware.
                    Changes sent message without sender's knowledge.

Now this situation is a possibility any time a store and forward (such as email) situation exists and someone (other than the sender and receiver as appropriate) knows the password(s).
This could still be a problem in a real time link, unless the data is sent in a nonlinear (shuffled) order. The implication is, that if the data has to be rearranged to be understood, then the interloper is going to have to gather more than one packet, and rearrange them to understand what's being sent, in order to be able to know what changes to make to the message to make it have an altered meaning for the receiver. Collecting the packets would cause a delay that would (should) be noticeable on a real time link. I still don't like the idea of trying to use timing as the only control, given the modern communications can be filled with arbitrary delays, but I don't know of any other approach that will offer any hope of detecting that someone knows your password.

This is probably another problem that would be solved by a "more powerful mailer", but not having one on hand I do not know this to be the case: I have a second thought about the subject handling of posts to this (and other) email lists. In my Bitnet days, I used to be on a number of Listserv lists. One of the things I liked about them was that the messages always showed up as being from the list. The email I get now, all appears to be a collection of private mail from a collection of individual people... The problem occurs when someone replies privately to one of my posts. It is impossible for me to tell which mail is sent directly to me, and which mail has been redirected by the list.

I am about to start "spec"ing a software licensing system using public key technology. I would like any comments... this is not something I have seen discussed on the list in the short time I've been subscribed. What I propose is that the software would require (say in an environment variable or a special file somewhere) an "activation key".
The activation key would be some licensing data that was encrypted with a private key by the software manufacturer (say a serial number, licensee's name, and a license duration (or expiry date)). The software would have the public key compiled into it, and only if it could decode the activation key, and it had not expired, would the software run.

The majority response on "should I try my survey" was positive (in fact I only got one "count me out"). I was warned that it may end up meaningless because everyone will submit anonymous responses... I don't see where that will be a problem, unless someone submits multiple responses or unless hiding behind anonymity means someone still feels inclined to be untruthful. I guess maybe I'm just being foolish by assuming that allowing anonymous posts would make people feel more secure in telling the truth about themselves... In any case, I will start collecting my thoughts and form some questions...

---
Nick MacDonald                 | NMD on IRC
i6t4 at jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger

From amcgee at netcom.com Sat May 8 08:35:48 1993
From: amcgee at netcom.com (Arthur R. McGee)
Date: Sat, 8 May 93 08:35:48 PDT
Subject: An end to the PGP quarrel? (fwd)
Message-ID:

---------- Forwarded message ----------
Date: Fri, 7 May 93 02:13:29 -0500
From: Steve Jackson
To: eff-austin at tic.com, eff-austin-directors at tic.com
Cc: thesegroups at tic.com
Subject: An end to the PGP quarrel?

The creator of PGP has proposed to Jim Bidzos of RSA that RSA approve a new, already-written version of PGP which uses "RSAREF," an unprotected version of the PGP algorithm. I propose that EFF-Austin write to Bidzos endorsing the suggestion.

Hmm. Perhaps other groups might feel the same way, so this will be copied appropriately.

From amcgee at netcom.com Sat May 8 08:57:35 1993
From: amcgee at netcom.com (Arthur R. McGee)
Date: Sat, 8 May 93 08:57:35 PDT
Subject: An end to the PGP quarrel?
(fwd)
Message-ID:

---------- Forwarded message ----------
Date: Sat, 8 May 1993 01:57:56 +0800
From: John Perry Barlow
To: Steve Jackson , eff-austin at tic.com, eff-austin-directors at tic.com
Cc: thesegroups at tic.com
Subject: Re: An end to the PGP quarrel?

At 2:13 AM 5/7/93 -0500, Steve Jackson wrote:
>The creator of PGP has proposed to Jim Bidzos of RSA that RSA approve
>a new, already-written version of PGP which uses "RSAREF," an unprotected
>version of the PGP algorithm. I propose that EFF-Austin write to Bidzos
>endorsing the suggestion.

While I don't necessarily want us to stampede at ol' Jim I wrote him the following yesterday:

Jim,

John Gilmore passed on to me Phil Zimmermann's recent peace overture to you. I expect I am joined by nearly everyone who cares about the issue of cryptography in the hope that you will bury an understandable sense of rancor and accept his offer.

Further, if there is anything which the Electronic Frontier Foundation can do to introduce light and good will into the area between you and Phil, be assured we are ready and willing.

While I realize that PGP has been a burr under your saddle for the last two years...growing steadily more irritating as it proliferated like a virus around the planet...one could argue that it has actually done PK Partners more good than harm. By introducing thousands to both public key cryptography and the RSA approach to it, it has gone a long way toward establishing RSA as the de facto international standard for personal encryption. This can only work to your long term benefit.

On the other hand, if the current course of things remains fixed and no resolution is made between PK Partners and Phil, then PGP will continue to be modified and improved by many international volunteers and will eventually become seriously competitive to your own products.

To me, it appears you have a choice between a position where everybody loses and one where everybody wins.
Perhaps I'm wrong, but the only factor which supports the former course is an emotional sense of violated principle. As I say, I could hardly fault you for feeling bitter after all that's happened, but I sincerely hope you'll be able to rise above it.

And please let me know if we can help in any way.

Thanks,

John Perry Barlow

From tcmay at netcom.com Sat May 8 09:45:07 1993
From: tcmay at netcom.com (Timothy C. May)
Date: Sat, 8 May 93 09:45:07 PDT
Subject: Shamir at Stanford on Thursday
Message-ID: <9305081645.AA07281@netcom3.netcom.com>

> From daemon at Sunburn.Stanford.EDU Thu May 6 14:34:13 1993
> Date: Thu, 6 May 93 14:18:26 -0700
> From: Daphne Koller
> To: stc at Theory.Stanford.EDU
> Subject: STANFORD THEORY COLLOQUIUM
>
>
>     S T A N F O R D   T H E O R Y   C O L L O Q U I U M
>     =====================================================
>
>
> The Stanford Computer Science Department is pleased to announce the
> eighth Stanford Theory Colloquium this Thursday, May 13.
>
>
>          Polynomials and Cryptography - Some Recent Results
>
>                        Professor Adi Shamir
>                    Weizmann Institute of Science
>
>
> The talk will take place 4:15 -- 5:45 p.m. in Jordan 041.
>
> A RECEPTION in honor of the speaker will be held in the third floor
> lounge of MJH around 3:45. Everyone is welcome.
>
> -------------------------------------------------------------------
> | Professor Adi Shamir is a coinventor of the RSA public key      |
> | cryptographic scheme and of several other key management and    |
> | signature schemes. He was involved in the cryptanalytic attack  |
> | on the knapsack scheme, and more recently he developed (with E. |
> | Biham) the new technique of differential cryptanalysis and      |
> | applied it to the Data Encryption Standard.
|
> -------------------------------------------------------------------
>
> -----------------------------------------------------------------------------
>
>
>          Polynomials and Cryptography - Some Recent Results
>
>                        Professor Adi Shamir
>                    Weizmann Institute of Science
>
>
> Mappings defined by polynomials modulo n=pq are a fundamental tool in
> modern cryptography. However, the inversion of such mappings usually
> requires the extraction of roots or the evaluation of high degree
> polynomials, which is quite slow. This talk will consist of two parts.
> In the first part, we give an introduction to some basic cryptographic
> techniques. The second part will describe some new results in the area.
> We consider the class of birational permutations f, in which both f and
> f^-1 are low degree multivariate rational functions mod n. We describe
> new families of birational permutations, and how to turn them into new
> cryptographic schemes which are much faster than previously known
> schemes. In addition, we consider the general problems of factoring
> multivariate polynomials mod n and solving systems of polynomial
> equations mod n, and develop new techniques for proving the hardness of
> randomly chosen instances of such problems.
>
> The talk will be self contained and accessible to a wide audience.
> +----------------------------------------------------------------------------+

From mdiehl at triton.unm.edu Sat May 8 14:08:21 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Sat, 8 May 93 14:08:21 PDT
Subject: testing again.
Message-ID: <9305082108.AA27172@triton.unm.edu>

I never got my last test post, so I'm trying again. I have resubscribed.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.
|available|
|                       +-----------------------------+---------+
| mdiehl at triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl at fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From jdblair at nextsrv.cas.muohio.edu Sat May 8 19:02:10 1993
From: jdblair at nextsrv.cas.muohio.edu (John Blair)
Date: Sat, 8 May 93 19:02:10 PDT
Subject: ping?
Message-ID: <9305090207.AA28329@ nextsrv.cas.muohio.EDU >

Hello? Is anyone out there? The very high mail flow from cypherpunks suddenly ended. Is something wrong, or is this just a normal burp in the system?

-john.

From edgar at spectrx.Saigon.COM Sat May 8 19:48:05 1993
From: edgar at spectrx.Saigon.COM (Edgar W. Swank)
Date: Sat, 8 May 93 19:48:05 PDT
Subject: Correction!
Message-ID:

In part of my long post dated May 3,
Subject: PGP: Re: Tough Choices: PGP vs. RSA Data Security

I said:

    Jim Bidzos has told me that Phil Z. or anyone else can get a
    license from RSA for $20,000 plus minimum $10,000/yr. royalties.
    If we say we don't want to spend more than 50% of our revenues on
    licensing, then if Phil can get $60,000 of firm orders for a
    -commercial- USA version of PGP, he's in (a very profitable)
    business. $60,000 might be 600 copies at $100 or six site licenses
    at $10,000.

Upon reviewing my records, I find I didn't remember those figures correctly. The above -should- have read:

    Jim Bidzos has told me that Phil Z. or anyone else can get a
    license from RSA for $25,000 plus minimum $10,000/yr. royalties.
                         ^^^^^^^
    If we say we don't want to spend more than 50% of our revenues on
    licensing, then if Phil can get $70,000 of firm orders for a
    -commercial- USA version of PGP, he's in (a very profitable)
    business. $70,000 might be 700 copies at $100 or seven site
    licenses at $10,000.

My apologies to Jim Bidzos for misquoting him; however, the basic point of the paragraph that a commercial license is not too far out of reach remains valid.
--
edgar at spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Silicon Valley, Ca

From lg2g+ at andrew.cmu.edu Sat May 8 21:24:57 1993
From: lg2g+ at andrew.cmu.edu (Liam David Gray)
Date: Sat, 8 May 93 21:24:57 PDT
Subject: RNG: from Zener diode?
Message-ID:

Tim,

I recall you or some other Cypherpunk mentioning that, by some means, strong random numbers can be had by observing some property of Zener diodes. Could you explain this?

...If feasible, I imagine exploiting this phenomenon to make a "random number dongle," an inline device for a PC's serial or parallel port, which could be polled by savvy software. If possible, and if someone hasn't done it already, I'd like to work up a simple recipe (schematic, list of ingredients, and sample code) for this--and get it put into our "crypto-anarchists' cookbook"--i.e., on soda.berkeley.edu.

Perhaps a future version of PGP could take advantage of such a random noise dongle, selectable by command-line switch.

This is pure speculation at this point. Am I completely off-base? In any case, I'd love to hear more about it.

Liam

---
PGP public key available by arrangement -- The cat is out of the bag.
Too much of a dreamer not to be practical -- Go have your own "valiant defeat."
Liam David Gray

From habs at Panix.Com Sun May 9 08:52:26 1993
From: habs at Panix.Com (Harry Shapiro)
Date: Sun, 9 May 93 08:52:26 PDT
Subject: Press: Sunday NY Times
Message-ID: <199305091552.AA28290@sun.Panix.Com>

There is a major "technology" piece in the Sunday NY Times by John Markoff on the Cypherpunk group, the Wired article (The cover is reproduced along with the demasked photo to Tim, Eric and John), the encryption as a whole.

Great job John!!
/harry

--
Harry Shapiro habs at panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From 76114.2307 at CompuServe.COM Sun May 9 10:07:36 1993
From: 76114.2307 at CompuServe.COM (William Oldacre)
Date: Sun, 9 May 93 10:07:36 PDT
Subject: RNG from zener is easy.
Message-ID: <930509170215_76114.2307_BHA35-1@CompuServe.COM>

To: >Internet:cypherpunks at toad.com

This posting is in response to Liam's earlier message on creating a random number generator using a zener diode.

I breadboarded such a circuit over a year ago and it worked fine. Zener diodes, operated in their zener region with a reverse voltage generate electrical noise much like a "noise diode". This can be amplified and shaped using a single quad op amp package to create what appears to be a very random data stream. Best way to use this would be to shift it into an eight bit latch before reading the parallel port. Depending on design, its operation is much (MUCH) faster than a pseudo random number generator written in software. It can fill a floppy disk so fast that the main limitation is the writing speed of the disk drive.

A simple XOR with the message text is enough to create an unbreakable cyphertext. Problem is, that both parties have to have exact copies of the random numbers since they cannot be regenerated as with pseudo random numbers using a key. What is needed is a way to encrypt the random numbers so that they can be sent to someone else to use. This would be hard to decode, because it would be difficult to know when success had been achieved. If it is being tested against a message text, the loss of one byte shifts everything so that the text becomes gibberish again.

I'm glad Liam brought this up. It is a good way to produce an absolutely unbreakable code. This, providing the design is good and no patterns are allowed to appear (introduced by amplifier oscillation or nearby noise sources) in the generated numbers.
If there is any interest out there perhaps we (Liam or I) could produce a few for testing.

From markh at wimsey.bc.ca Sun May 9 11:37:26 1993
From: markh at wimsey.bc.ca (Mark C. Henderson)
Date: Sun, 9 May 93 11:37:26 PDT
Subject: RNG from zener is easy.
Message-ID:

> To: >Internet:cypherpunks at toad.com
>
> A simple XOR with the message text is enough to create an unbreakable
> cyphertext. Problem is, that both parties have to have exact copies
> ...
> I'm glad Liam brought this up. It is a good way to produce an
> absolutely unbreakable code. This, providing the design is good and
> no patterns are allowed to appear (introduced by amplifier
> oscillation or nearby noise sources) in the generated numbers. If
> there is any interest out there perhaps we (Liam or I) could produce
> a few for testing.

Yes, I'm certainly interested. A practical use for such a device would be to generate "random" data for use by PGP or RIPEM. Both need "random" data to generate session keys and public/secret keypairs. In fact, the whole security of these programs depends upon the unpredictability of the "random" data used.

Mark

--
Mark Henderson markh at wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From 74076.1041 at CompuServe.COM Sun May 9 11:47:17 1993
From: 74076.1041 at CompuServe.COM (Hal)
Date: Sun, 9 May 93 11:47:17 PDT
Subject: Random TSR
Message-ID: <930509183959_74076.1041_FHD48-1@CompuServe.COM>

-----BEGIN PGP SIGNED MESSAGE-----

We had some discussion on the list a few months ago about hardware RNG's. As I recall, there were problems feared with the Zener diode noise generators involving coupling to other EM signals that might add regularity to the noise.

Hardware random numbers are useful, not so much to fill one time pads, with their attendant problems with distribution, but rather as session key generators for Diffie-Hellman key exchange or RSA-type public key programs.
This is one of the weak points of PGP, in my opinion; it times keystrokes when you first generate your public key, but then from then on it just uses and re-uses those same random numbers. (It does mix in the time of day for each message sent, but as pointed out on the PGP developers' list, this may not add that much randomness.)

Each time you send a message, it has to generate a random session key, which it uses to encrypt your message, sending this random key RSA-encrypted at the head of your message. How random are these session keys? PGP is still re-using the same random information I supplied many months ago. There is no KNOWN way to exploit this lack of randomness but it is still worrisome.

Perry Metzger mentioned that he deletes his randseed.bin file every night. This causes PGP to ask him for new keystroke timings every morning when he first runs it. This adds a new daily dose of randomness to the program but it is kind of a pain to do.

This is where a hardware RNG would be really useful. Use it to generate your session keys and you don't have to worry too much about someone breaking your message by intelligent key guessing.

RIPEM goes to greater lengths than PGP in trying to find good random bits. It has options to scan your filesystem or to use network information, both of which are presumed to be randomly changing. These approaches are more suitable for a multi-user workstation than for a regular PC, though.

I had an idea for the PC environment which I don't think I've seen before. (Apologies if I'm regurgitating someone else's idea.) Have a TSR which just extracted random information from your use of the PC. Do keystroke timing all the time, check disk block contents and locations. Record this information and periodically pass it through MD5 then store it in a file. This file would basically hold entropy extracted from how you use your PC.
PGP could then read this file (you could even have the file be PC's randseed.bin, making it compatible with current versions of PGP) to get its random bits for session keys.

This does not sound like it would be that hard, although the few attempts I have made to write TSR programs which hooked into DOS calls have not been terribly robust.

One technical issue is how much randomness or entropy exists in each event. This has been discussed in some detail on the PGP developers' list, but a simple solution would be to just ignore that problem and constantly merge in your new random bits with those in the file. Once you've gotten enough "true" randomness your file will be fully random. You won't know when that's happened but if your file isn't too big and you use the computer quite a bit it will hopefully be fast enough.

Or, if you wanted to be more ambitious, I gather from the discussion on pgp-dev that you could collect statistics on the intervals between keystrokes and use these to estimate the amount of random information per keystroke. Then you could have a call to the TSR to tell how much random information is available in the file.

This program could be constantly running in the background, unobtrusively, collecting and distilling the randomness you are discarding all the time. Randomness is precious; it's time to stop wasting these bits!

Hal Finney
74076.1041 at compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK+0lWqgTA69YIUw3AQGPbQP/TUSbeusbaPQ3DF6wpr+tY5H8IcVTzJUb
p78E+IZHx8pMSQP/fu8SnBGWuINnurq9fssJT9o7DQJnXBmcEgK+48OHbunHi9OV
VrheN8tXHTY5OBd4pvKV9nh200+OalRny5lL4ZviMqGl+iYVJEU5PdZIPnPeRAzV
AaZ2gvVBdbE=
=gww0
-----END PGP SIGNATURE-----

From norm at netcom.com Sun May 9 15:37:14 1993
From: norm at netcom.com (Norman Hardy)
Date: Sun, 9 May 93 15:37:14 PDT
Subject: Early Battles
Message-ID: <9305092237.AA11893@netcom3.netcom.com>

I remember hearing an anecdote from a fairly private but unclassified source.
According to this source NSA was incensed when IBM first developed Lucifer for banking applications, especially because they published details in a Scientific American article. NSA accused IBM of stealing secrets from NSA thru IBM employees having access to NSA technology as part of their jobs developing hardware and software for NSA. IBM was of course prepared for this eventuality. They quoted an early paper by Shannon suggesting that a mixture of transpositions and permutations would likely produce strong ciphers. This is, of course, the heart of both Lucifer and DES. NSA backed off.

From fnerd at smds.com Sun May 9 16:22:05 1993
From: fnerd at smds.com (FutureNerd Steve Witham)
Date: Sun, 9 May 93 16:22:05 PDT
Subject: Shamir papers are available
Message-ID: <9305092305.AA06080@smds.com>

The Adi Shamir papers are available by anonymous ftp from soda.berkeley.edu in

pub/cypherpunks/papers/
    shamir.abstracts
    shamir.birational
    shamir.hard.poly

Thanks to Eric Hughes.

-fnerd

From jb at paris7.jussieu.fr Mon May 10 01:03:46 1993
From: jb at paris7.jussieu.fr (jb at paris7.jussieu.fr)
Date: Mon, 10 May 93 01:03:46 PDT
Subject: How to FAKE MAIL
Message-ID: <0096c4a2.c6e6bbf2.19741@paris7.jussieu.fr>

From: MX%"Postmaster at paris7.jussieu.fr" 8-MAY-1993 13:19:41.13
To: JB
CC:
Subj: SMTP delivery error

Return-Path: <>
Date: Sat, 08 May 1993 13:19:18 WET
From: Postmaster at paris7.jussieu.fr (SMTP delivery agent)
To:
Subject: SMTP delivery error

Note: this message was generated automatically.

A problem occurred during SMTP delivery of your message.

Error occurred sending to host oubbs.telecom.uoknor.edu: retry count exceeded message transmission could not be completed connect to network object rejected

========================================================================

Message follows.
Date: Thu, 06 May 1993 11:10:50 WET
From: jb at paris7.jussieu.fr
To: tom.jackson at oubbs.telecom.uoknor.edu
Message-ID: <0096c187.9189aeba.18431 at paris7.jussieu.fr>
Subject: RE: HOW TO FAKEMAIL

Hi,

I'm interested in the subject too. Can u keep me informed on any information u might receive?

Thanx in advance,

Jean-Baptiste

From kinney at spot.Colorado.EDU Mon May 10 07:34:03 1993
From: kinney at spot.Colorado.EDU (KINNEY WILLIAM H)
Date: Mon, 10 May 93 07:34:03 PDT
Subject: Random Numbers
Message-ID: <199305101433.AA01828@spot.Colorado.EDU>

There was some traffic on sci.crypt today about generating random numbers by reading noise off a sound port, which ties in to discussion here of using a Zener diode device. The question is, if you have a noise source that is likely to create, say, long strings of zeros or to have some other statistical bias, how do you fix it up to create a good distribution?

Certainly, if your only problem is that you have an input stream where the ones are randomly distributed but _rare_, in the sense that the stream is mostly zeros, you can just count ones for a period of time and create an output stream like

    output[i] = 1 if the parity of N input bits is odd
                0 if the parity of N input bits is even

Then the output stream will be very high-entropy. Something similar, but more complicated, would probably apply to reading thermal noise as well, since you know the input has a Boltzmann distribution or whatever, and can transform it to a distribution of your choice.

The problem seems to boil down to having random input with a distribution f() and transforming it to random output with another distribution g(). Or if you want to make it worse, having some not-really-random input f() and transforming it to random output g().

But this is probably naive -- what are the pitfalls here? What is the best way to do it for cryptographic purposes?
-- Will From whitaker at eternity.demon.co.uk Mon May 10 10:49:03 1993 From: whitaker at eternity.demon.co.uk (Russell Earl Whitaker) Date: Mon, 10 May 93 10:49:03 PDT Subject: FWD: PGP Menu Utility Message-ID: <5351@eternity.demon.co.uk> This article was forwarded to you by whitaker at eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Xref: demon demon.security:118 demon.ip.cppnews:318 Path: eternity.demon.co.uk!demon!rundart.demon.co.uk!gt Newsgroups: demon.security,demon.ip.cppnews From: gt at rundart.demon.co.uk (Giles Todd) Cc: pbrett at tamara.demon.co.uk Reply-to: uploads at demon.co.uk Subject: PGP Menu Utility X-Mailer: VE3PZR VIEW DIS V1.01. Lines: 61 Date: Fri, 7 May 1993 22:35:33 +0000 Message-ID: <31617.gt at rundart.demon.co.uk> Sender: usenet at demon.co.uk > From: Paul Brett > Subject: PGP Menu Utility > Reply-To: pbrett at tamara.demon.co.uk > To: uploads at demon.co.uk > Message-ID: <736839528snx at tamara.demon.co.uk> > X-Mailer: cppnews $Revision: 1.35 $ > Date: Fri, 07 May 93 22:38:48 GMT > Organization: Disorganised > Lines: 41 > > -----BEGIN PGP SIGNED MESSAGE----- > > PGP MENU > ~~~~~~~~ > PGP menu is a simple utility to allow easy use of PGP from within CppNews (or > any other program that allows you to shell out to an editor as you prepare > your text). > > The program calls up your editor, to allow you to edit a text message, and > then prompts you to allow you to sign, encrypt or sign & encrypt (both) a > file. > > Known Bugs / Features > ~~~~~~~~~~~~~~~~~~~~~ > > 1. The program will always use default key for encryption of your message > (i.e. the key specified by 'MyName' in %PGPPATH%\config.txt). > > 2. There is currently no way to specify the encryption flags. > > Legal Stuff > ~~~~~~~~~~~ > > This program is copyright by me. It is made available as is, for unlimited > distribution and use provided that the program and documentation are > distributed as is. 
No warranty is given for malfunction of the program, > or consequent damages. > > - -- > Paul Brett EMail : pbrett at tamara.demon.co.uk > Uxbridge, UK Voice : 0895 251479 > PGP2.x key available > > > -----BEGIN PGP SIGNATURE----- > Version: 2.2 > > iQBVAgUBK+rVWdQocaCQTJGXAQE3JQH/UX6/QxlFJViBw3Na+/anMV78OsziHEfh > KfjRg65rrUWB4NY+rjBhBOSKtn8uSv+kVZYZjx6TiAYSqsLqpeNczg== > =OMdm > -----END PGP SIGNATURE----- pgpmenu.zip is available for anonymous ftp from ftp.demon.co.uk:/pub/pgp. Thanks for the upload. Giles. -- Giles Todd gt at rundart.demon.co.uk (Internet) Rundart Ltd Demon Internet Services Voice: +44 925 33472 PGP 2.x public key available. --------------------------------- cut here ----------------------------- From whitaker at eternity.demon.co.uk Mon May 10 10:50:28 1993 From: whitaker at eternity.demon.co.uk (Russell Earl Whitaker) Date: Mon, 10 May 93 10:50:28 PDT Subject: FWD: UK English language file for PGP Message-ID: <5352@eternity.demon.co.uk> This article was forwarded to you by whitaker at eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Path: eternity.demon.co.uk!demon!rundart.demon.co.uk!gt Newsgroups: demon.security From: gt at rundart.demon.co.uk (Giles Todd) Cc: pla at sktb.demon.co.uk Reply-to: uploads at demon.co.uk Subject: UK English language file for PGP X-Mailer: VE3PZR VIEW DIS V1.01. Lines: 40 Date: Sat, 8 May 1993 13:13:47 +0000 Message-ID: <31691.gt at rundart.demon.co.uk> Sender: usenet at demon.co.uk > Date: Sat, 8 May 1993 12:37:27 GMT > From: "Paul L. 
Allen" > To: uploads at demon.co.uk > Subject: UK English language file for PGP > Message-ID: <8FoXA4j024n at sktb.demon.co.uk> > Reply-To: pla at sktb.demon.co.uk > Organization: Chaos > Lines: 21 > X-Mailer: Archimedes ReadNews > > -----BEGIN PGP SIGNED MESSAGE----- > > I became a little tired of PGP misspelling `armour', so I created a UK > English language.txt (which also tells people to press keys instead of > hitting them). I've just uploaded it as language.uk. > > Archimedes users of PGP will need release 1.14 of PGP for the Archimedes > to use other languages (should appear on demon in the next day or two, if > it hasn't already). > > - --Paul > > -----BEGIN PGP SIGNATURE----- > Version: 2.2 > > iQCVAgUBK+upf2v14aSAK9PNAQFg9gP+NNareZokjgy+MJMWbfK+ny3CfzMdoTRO > cHhw8hOFDd+v8h4ezUFhI9YIFV6cfJDW9VesvcfFTlTkJ33V1x1YXKcPznxnF6fM > yUBbgWUEooLDMjEVjB+lpK3nBy+0HDTpH1zVwYgpNQTV8pITApVzG7FobwGJGFia > z21//VYWG6g= > =eiIE > -----END PGP SIGNATURE----- /pub/pgp/language.uk is now available. Thanks for the upload. Giles. -- Giles Todd gt at rundart.demon.co.uk (Internet) Rundart Ltd Demon Internet Services Voice: +44 925 33472 PGP 2.x public key available. --------------------------------- cut here ----------------------------- From whitaker at eternity.demon.co.uk Mon May 10 10:53:13 1993 From: whitaker at eternity.demon.co.uk (Russell Earl Whitaker) Date: Mon, 10 May 93 10:53:13 PDT Subject: FWD: Archimedes PGP 2.2 & PGPwimp Message-ID: <5353@eternity.demon.co.uk> This article was forwarded to you by whitaker at eternity.demon.co.uk (Russell Earl Whitaker): --------------------------------- cut here ----------------------------- Path: eternity.demon.co.uk!demon!rundart.demon.co.uk!gt Newsgroups: demon.security From: gt at rundart.demon.co.uk (Giles Todd) Cc: chrisg at nedman.demon.co.uk Reply-to: uploads at demon.co.uk Subject: Archimedes PGP 2.2 & PGPwimp X-Mailer: VE3PZR VIEW DIS V1.01. 
Lines: 34
Date: Sat, 8 May 1993 15:51:01 +0000
Message-ID: <31705.gt at rundart.demon.co.uk>
Sender: usenet at demon.co.uk

> Date: 08 May 93 16:05:23 GMT
> Message-Id: <930508160523 at nedman.demon.co.uk>
> From: Chris Gransden
> Reply-To: chrisg at nedman.demon.co.uk
> To: uploads at demon.co.uk
> Subject: Archimedes PGP 2.2 & PGPwimp
> Organization: Home
> X-Mailer: ReaderS for the Acorn Archimedes
>
> I've just uploaded a new version of PGP 2.2 for the Archimedes to /incoming.
> The main improvement for this release, v1.14, is the encryption/decryption
> phase is significantly speeded up. Also using language translation files now
> works.
>
> I've also uploaded PGPwimp. This is a desktop front end to Archimedes PGP.
> This was produced by Peter Gaunt. This can only be used with RISC OS3. It
> makes using PGP a lot simpler.
>
> Could you put both these programs in /pub/archimedes.
> Thanks.
>
> Chris
>
> --
> Email: chrisg at nedman.demon.co.uk

These files are now available from /pub/archimedes. Thanks for the upload.

Giles.
--
Giles Todd gt at rundart.demon.co.uk (Internet) Rundart Ltd Demon Internet Services Voice: +44 925 33472 PGP 2.x public key available.
--------------------------------- cut here -----------------------------

From pmetzger at lehman.com Mon May 10 11:06:43 1993
From: pmetzger at lehman.com (Perry E. Metzger)
Date: Mon, 10 May 93 11:06:43 PDT
Subject: Early Battles
In-Reply-To: <9305092237.AA11893@netcom3.netcom.com>
Message-ID: <9305101806.AA14984@snark.shearson.com>

Norman Hardy says:
> I remember hearing an anecdote from a fairly private but
> unclassified source. According to this source NSA was incensed when
> IBM first developed Lucifer for banking applications, especially
> because they published details in a Scientific American article. NSA
> accused IBM of stealing secrets from NSA thru IBM employees having
> access to NSA technology as part of their jobs developing hardware
> and software for NSA.
IBM was of course prepared for this > eventuality. They quoted an early paper by Shannon suggesting that a > mixture of transpositions and permutations would likely produce > strong ciphers. This is, of course, the heart of both Lucifer and > DES. > NSA backed off. This sounds like an urban legend -- NSA and IBM worked way too closely on the development of DES for this to sound likely. .pm From jet at nas.nasa.gov Mon May 10 13:27:04 1993 From: jet at nas.nasa.gov (J. Eric Townsend) Date: Mon, 10 May 93 13:27:04 PDT Subject: notes from meeting? Message-ID: <9305102026.AA12154@boxer.nas.nasa.gov> anybody keep some sort of notes/minutes/summary of the meeting that they can post? I managed to misplace mine, and with it, things like names and email addresses... thx -- J. Eric Townsend jet at nas.nasa.gov 415.604.4311 NASA Ames Numerical Aerodynamic Simulation | play: jet at well.sf.ca.us Parallel Systems Support, CM-5 POC | '92 R100R / DoD# 0378 PGP2.1 public key available upon request or finger jet at simeon.nas.nasa.gov From gnu at cygnus.com Mon May 10 17:54:30 1993 From: gnu at cygnus.com (gnu at cygnus.com) Date: Mon, 10 May 93 17:54:30 PDT Subject: [Torbjorn Granlund: GNU Multiple Precision Arithmetic Library] Message-ID: <9305110054.AA27764@cygnus.com> It might be interesting to compare the speed of this library with the speed of the multiprecision code in RSAREF and in PGP. May the fastest library win! John ------- Forwarded Message To: info-gnu at prep.ai.mit.edu, bug-gnu-utils at prep.ai.mit.edu Subject: GNU Multiple Precision Arithmetic Library Date: Mon, 10 May 1993 16:35:35 +0200 From: Torbjorn Granlund Version 1.3 of the GNU Multiple Precision Arithmetic Library is now available for anonymous ftp from prep.ai.mit.edu as /pub/gnu/gmp-1.3.tar.z. The main differences between 1.2 and 1.3 are bug fixes and support for 64-bit machines. There are also a couple of enhancements that affects the speed of some operations. 
There are no new user-visible functions in this version. (There will be a new major version of this library in a not distant future. That version, 2.0, will contain additions of new functions contributed from other people. It also has a documented low-level interface for really time-critical applications. I don't know exactly when it will be ready.) These people (in alphabetical order) helped with testing of this release: Per Bothner Bruno Haible J.W.Hawtin-SE0 at computer-science.birmingham.ac.uk Joachim Hollman Phil Howard Henrik Johansson AOKI Kazumaro Steve Linton Alyson Reeves Nils Rennebarth Joachim Schimpf Ken Weber Plus possibly somebody whose name I have lost. Many other people have contributed bug reports during the 1 1/2 years since the last release. Thanks everybody! Torbjorn Granlund [ Most GNU software is packed using the new `gzip' compression program. Source code is available on most sites distributing GNU software. For information on how to order GNU software on tape, floppy, or cd-rom, check the file etc/ORDERS in the GNU Emacs distribution or in GNUinfo/ORDERS on prep, or e-mail a request to: gnu at prep.ai.mit.edu By ordering tapes from the FSF you help us continue to develop more free software. Media revenues are our primary source of support. Donations to FSF are deductible on US tax returns. The above software will soon to be at these ftp sites as well. Please try them before prep.ai.mit.edu! 
thanx -gnu at prep.ai.mit.edu

ASIA: ftp.cs.titech.ac.jp, utsun.s.u-tokyo.ac.jp:/ftpsync/prep, cair.kaist.ac.kr:/pub/gnu
AUSTRALIA: archie.oz.au:/gnu (archie.oz or archie.oz.au for ACSnet)
EUROPE: irisa.irisa.fr:/pub/gnu, grasp1.univ-lyon1.fr:pub/gnu, unix.hensa.ac.uk:/pub/uunet/systems/gnu, src.doc.ic.ac.uk:/gnu, ftp.informatik.tu-muenchen.de, ftp.informatik.rwth-aachen.de:/pub/gnu, isy.liu.se, ftp.stacken.kth.se, ftp.luth.se:/pub/unix/gnu, nic.funet.fi:/pub/gnu, ugle.unit.no, ftp.win.tue.nl, ftp.denet.dk, ftp.eunet.ch, nic.switch.ch:/mirror/gnu, archive.eu.net
USA: wuarchive.wustl.edu, labrea.stanford.edu, ftp.kpc.com:/pub/mirror/gnu, ftp.cs.widener.edu, uxc.cso.uiuc.edu, col.hp.com:/mirrors/gnu, ftp.cs.columbia.edu:/archives/gnu/prep, gatekeeper.dec.com:/pub/GNU, ftp.uu.net:/systems/gnu
]

------- End of Forwarded Message

From deboni at diego.llnl.gov Tue May 11 10:58:46 1993
From: deboni at diego.llnl.gov (Tom DeBoni)
Date: Tue, 11 May 93 10:58:46 PDT
Subject: book reference request
Message-ID: <9305111757.AA02870@diego.llnl.gov>

A month or so back, there appeared on this list a reference to a book on the history of cryptology in telecommunications in the country. If memory serves me (and it may well not) its title was something like "The Invisible Weapon". Could some knowing person please send me the full reference, or otherwise unconfuse me?

Thanks!

Tom DeBoni
deboni at llnl.gov

From MJMISKI at macc.wisc.edu Tue May 11 14:48:24 1993
From: MJMISKI at macc.wisc.edu (Matthew J Miszewski)
Date: Tue, 11 May 93 14:48:24 PDT
Subject: BYTE article
Message-ID: <23051116244656@vms2.macc.wisc.edu>

Cypherpunks,

There is an article about the future of Encryption Regulation in the May 1993 issue of BYTE. It's not TOO bad and our side is at least represented. (With a most excellent spokesman BTW). They offer up a "solution" to the Denning/Privacy Schism. Including Silvio Micali's (I thought someone else had this idea first...) multiple repositories.
I recall some talk about this with regard to time released crypto. I think they could use some refining. The author is Peter Wayner and can be reached at pcw at access.digex.com. Take it easy on him, I think he is really trying to struggle with issues that we understand already. Lets school 'im guys (and gals). The article actually mentions steganography also...Not bad BYTE. Matt mjmiski at macc.wisc.edu From fergp at sytex.com Tue May 11 15:15:33 1993 From: fergp at sytex.com (Paul Ferguson) Date: Tue, 11 May 93 15:15:33 PDT Subject: NIST Open Meeting Message-ID: This message is forwarded from RISKS Digest (14.59) 8<---------- Begin forwarded message -------------- Date: Tue, 11 May 93 13:42:18 EDT From: Clipper-Capstone Chip Info Organization: National Institute of Standards and Technology (NIST) Subject: NIST Advisory Board Seeks Comments on Crypto Note: This file has been posted to the following groups: RISKS Forum, Privacy Forum, Sci.crypt, Alt.privacy.clipper and will be made available for anonymous ftp from csrc.ncsl.nist.gov, filename pub/nistgen/cryptmtg.txt and for download from the NIST Computer Security BBS, 301-948-5717, filename cryptmtg.txt. Note: The following notice is scheduled to appear in the Federal Register this week. The notice announces a meeting of the Computer System Security and Privacy Advisory Board (established by the Computer Security Act of 1987) and solicits public and industry comments on a wide range of cryptographic issues. Please note that submissions due by 4:00 p.m. May 27, 1993. DEPARTMENT OF COMMERCE National Institute of Standards and Technology Announcing a Meeting of the COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD AGENCY: National Institute of Standards and Technology ACTION: Notice of Open Meeting SUMMARY: Pursuant to the Federal Advisory Committee Act, 5 U.S.C. App., notice is hereby given that the Computer System Security and Privacy Advisory Board will meet Wednesday, June 2, 1993, from 9:00 a.m. 
to 5:00 p.m., Thursday, June 3, 1993, from 9:00 a.m. to 5:00 p.m., and Friday, June 4, 1993 from 9:00 a.m. to 1:00 p.m. The Advisory Board was established by the Computer Security Act of 1987 (P.L. 100-235) to advise the Secretary of Commerce and the Director of NIST on security and privacy issues pertaining to Federal computer systems and report its findings to the Secretary of Commerce, the Director of the Office of Management and Budget, the Director of the National Security Agency, and the appropriate committees of the Congress. All sessions will be open to the public. DATES: The meeting will be held on June 2-4 1993. On June 2 and 3, 1993 the meeting will take place from 9:00 a.m. to 5:00 p.m. and on June 4, 1993 from 9:00 a.m. to 1:00 p.m. Public submissions (as described below) are due by 4:00 p.m. (EDT) May 27, 1993 to allow for sufficient time for distribution to and review by Board members. ADDRESS: The meeting will take place at the National Institute of Standards and Technology, Gaithersburg, MD. On June 2, 1993, the meeting will be held in the Administration Building, "Red Auditorium," on June 3 the meeting will be held in the Administration Building, "Green Auditorium," and on June 4, 1993 in the Administration Building, Lecture Room "B." Submissions (as described below), including copyright waiver if required, should be addressed to: Cryptographic Issue Statements, Computer System Security and Privacy Advisory Board, Technology Building, Room B-154, National Institute of Standards and Technology, Gaithersburg, MD, 20899 or via FAX to 301/948-1784. Submissions, including copyright waiver if required, may also be sent electronically to "crypto at csrc.ncsl.nist.gov". 
AGENDA: - Welcome and Review of Meeting Agenda - Government-developed "Key Escrow" Chip Announcement Review - Discussion of Escrowed Cryptographic Key Technologies - Review of Submitted Issue Papers - Position Presentations & Discussion - Public Participation - Annual Report and Pending Business - Close PUBLIC PARTICIPATION: This Advisory Board meeting will be devoted to the issue of the Administration's recently announced government-developed "key escrow" chip cryptographic technology and, more broadly, to public use of cryptography and government cryptographic policies and regulations. The Board has been asked by NIST to obtain public comments on this matter for submission to NIST for the national review that the Administration's has announced it will conduct of cryptographic-related issues. Therefore, the Board is interested in: 1) obtaining public views and reactions to the government-developed "key escrow" chip technology announcement, "key escrow" technology generally, and government cryptographic policies and regulations 2) hearing selected summaries of written views that have been submitted, and 3) conducting a general discussion of these issues in public. The Board solicits all interested parties to submit well-written, concise issue papers, position statements, and background materials on areas such as those listed below. Industry input is particularly encouraged in addressing the questions below. Because of the volume of responses expected, submittors are asked to identify the issues above to which their submission(s) are responsive. Submittors should be aware that copyrighted documents cannot be accepted unless a written waiver is included concurrently with the submission to allow NIST to reproduce the material. Also, company proprietary information should not be included, since submissions will be made publicly available. 
This meeting specifically will not be a tutorial or briefing on technical details of the government-developed "key escrow" chip or escrowed cryptographic key technologies. Those wishing to address the Board and/or submit written position statements are requested to be thoroughly familiar with the topic and to have concise, well-formulated opinions on its societal ramifications. Issues on which comments are sought include the following: 1. CRYPTOGRAPHIC POLICIES AND SOCIAL/PUBLIC POLICY ISSUES Public and Social policy aspects of the government-developed "key escrow" chip and, more generally, escrowed key technology and government cryptographic policies. Issues involved in balancing various interests affected by government cryptographic policies. 2. LEGAL AND CONSTITUTIONAL ISSUES Consequences of the government-developed "key escrow" chip technology and, more generally, key escrow technology and government cryptographic policies. 3. INDIVIDUAL PRIVACY Issues and impacts of cryptographic-related statutes, regulations, and standards, both national and international, upon individual privacy. Issues related to the privacy impacts of the government-developed "key escrow" chip and "key escrow" technology generally. 4. QUESTIONS DIRECTED TO AMERICAN INDUSTRY 4.A Industry Questions: U.S. Export Controls 4.A.1 Exports - General What has been the impact on industry of past export controls on products with password and data security features for voice or data? Can such an impact, if any, be quantified in terms of lost export sales or market share? If yes, please provide that impact. How many exports involving cryptographic products did you attempt over the last five years? How many were denied? What reason was given for denial? Can you provide documentation of sales of cryptographic equipment which were lost to a foreign competitor, due solely to U.S. Export Regulations. 
What are the current market trends for the export sales of information security devices implemented in hardware solutions? For software solutions? 4.A.2 Exports - Software If the U.S. software producers of mass market or general purpose software (word processing, spreadsheets, operating environments, accounting, graphics, etc.) are prohibited from exporting such packages with file encryption capabilities, what foreign competitors in what countries are able and willing to take foreign market share from U.S. producers by supplying file encryption capabilities? What is the impact on the export market share and dollar sales of the U.S. software industry if a relatively inexpensive hardware solution for voice or data encryption is available such as the government-developed "key escrow" chip? What has been the impact of U.S. export controls on COMPUTER UTILITIES software packages such as Norton Utilities and PCTools? What has been the impact of U.S. export controls on exporters of OTHER SOFTWARE PACKAGES (e.g., word processing) containing file encryption capabilities? What information does industry have that Data Encryption Standard (DES) based software programs are widely available abroad in software applications programs? 4.A.3 Exports - Hardware Measured in dollar sales, units, and transactions, what have been the historic exports for: Standard telephone sets Cellular telephone sets Personal computers and work stations FAX machines Modems Telephone switches What are the projected export sales of these products if there is no change in export control policy and if the government- developed "key escrow" chip is not made available to industry? What are the projected export sales of these products if the government-developed "key escrow" chip is installed in the above products, the above products are freely available at an additional price of no more than $25.00, and the above products are exported WITHOUT ADDITIONAL LICENSING REQUIREMENTS? 
What are the projected export sales of these products if the government-developed "key escrow" chip is installed in the above products, the above products are freely available at an additional price of no more than $25.00, and the above products are to be exported WITH AN ITAR MUNITIONS LICENSING REQUIREMENT for all destinations? What are the projected export sales of these products if the government-developed "key escrow" chip is installed in the above products, the above products are freely available at an additional price of no more than $25.00, and the above products are to be exported WITH A DEPARTMENT OF COMMERCE LICENSING REQUIREMENT for all destinations? 4.A.4 Exports - Advanced Telecommunications What has been the impact on industry of past export controls on other advanced telecommunications products? Can such an impact on the export of other advanced telecommunications products, if any, be quantified in terms of lost export sales or market share? If yes, provide that impact. 4.B Industry Questions: Foreign Import/Export Regulations How do regulations of foreign countries affect the import and export of products containing cryptographic functions? Specific examples of countries and regulations will prove useful. 4.C Industry Questions: Customer Requirements for Cryptography What are current and future customer requirements for information security by function and industry? For example, what are current and future customer requirements for domestic banking, international banking, funds transfer systems, automatic teller systems, payroll records, financial information, business plans, competitive strategy plans, cost analyses, research and development records, technology trade secrets, personal privacy for voice communications, and so forth? What might be good sources of such data? What impact do U.S. 
Government mandated information security standards for defense contracts have upon demands by other commercial users for information security systems in the U.S.? In foreign markets? What threats are your product designed to protect against? What threats do you consider unaddressed? What demand do you foresee for a) cryptographic only products, and b) products incorporating cryptography in: 1) the domestic market, 2) in the foreign-only market, and 3) in the global market? 4.D Industry Questions: Standards If the European Community were to announce a non-DES, non-public key European Community Encryption Standard (ECES), how would your company react? Include the new standard in product line? Withdraw from the market? Wait and see? What are the impacts of government cryptographic standards on U.S. industry (e.g., Federal Information Processing Standard 46-1 [the Data Encryption Standard] and the proposed Digital Signature Standard)? 5. QUESTIONS DIRECTED TO THE AMERICAN BUSINESS COMMUNITY 5.A American Business: Threats and Security Requirements Describe, in detail, the threat(s), to which you are exposed and which you believe cryptographic solutions can address. Please provide actual incidents of U.S. business experiences with economic espionage which could have been thwarted by applications of cryptographic technologies. What are the relevant standards of care that businesses must apply to safeguard information and what are the sources of those standards other than Federal standards for government contractors? What are U.S. business experiences with the use of cryptography to protect against economic espionage, (including current and projected investment levels in cryptographic products)? 5.B American Business: Use of Cryptography Describe the types of cryptographic products now in use by your organization. Describe the protection they provide (e.g., data encryption or data integrity through digital signatures). Please indicate how these products are being used. 
Describe any problems you have encountered in finding, installing, operating, importing, or exporting cryptographic devices. Describe current and future uses of cryptographic technology to protect commercial information (including types of information being protected and against what threats). Which factors in the list below inhibit your use of cryptographic products? Please rank: -- no need -- no appropriate product on market -- fear of interoperability problems -- regulatory concerns -- a) U.S. export laws -- b) foreign country regulations -- c) other -- cost of equipment -- cost of operation -- other Please comment on any of these factors. In your opinion, what is the one most important unaddressed need involving cryptographic technology? Please provide your views on the adequacy of the government-developed "key escrow" chip technological approach for the protection of all your international voice and data communication requirements. Comments on other U.S. Government cryptographic standards? 6. OTHER Please describe any other impacts arising from Federal government cryptographic policies and regulations. Please describe any other impacts upon the Federal government in the protection of unclassified computer systems. Are there any other comments you wish to share? The Board agenda will include a period of time, not to exceed ten hours, for oral presentations of summaries of selected written statements submitted to the Board by May 27, 1993. As appropriate and to the extent possible, speakers addressing the same topic will be grouped together. Speakers, prescheduled by the Secretariat and notified in advance, will be allotted fifteen to thirty minutes to orally present their written statements. Individuals and organizations submitting written materials are requested to advise the Secretariat if they would be interested in orally summarizing their materials for the Board at the meeting. 
Another period of time, not to exceed one hour, will be reserved for oral comments and questions from the public. Each speaker will be allotted up to five minutes; it will be necessary to strictly control the length of presentations to maximize public participation and the number of presentations. Except as provided for above, participation in the Board's discussions during the meeting will be at the discretion of the Designated Federal Official. Approximately thirty seats will be available for the public, including three seats reserved for the media. Seats will be available on a first-come, first-served basis. FOR FURTHER INFORMATION CONTACT: Mr. Lynn McNulty, Executive Secretary and Associate Director for Computer Security, Computer Systems Laboratory, National Institute of Standards and Technology, Building 225, Room B154, Gaithersburg, Maryland 20899, telephone: (301) 975-3240. SUPPLEMENTARY INFORMATION: Background information on the government- developed "key escrow" chip proposal is available from the Board Secretariat; see address in "for further information" section. Also, information on the government-developed "key escrow" chip is available electronically from the NIST computer security bulletin board, phone 301-948-5717. The Board intends to stress the public and social policy aspects, the legal and Constitutional consequences of this technology, and the impacts upon American business and industry during its meeting. It is the Board's intention to create, as a product of this meeting, a publicly available digest of the important points of discussion, conclusions (if any) that might be reached, and an inventory of the policy issues that need to be considered by the government. Within the procedures described above, public participation is encouraged and solicited. /signed/ Raymond G. Kammer, Acting Director May 10, 1993 8<--------- End forwarded message ---------------- I didn't see "Clipper" or "Capstone" or "SkipJack" mention once in the entire post. 
What did they do -- drop the name? I'm starting on my own submission for presentation tonight... Cheers. Paul Ferguson | Boycott AT&T, Network Integrator | Write your elected Centreville, Virginia USA | Representatives. fergp at sytex.com | Do the right thing. Just say "NO" to the Wiretap (Clipper/Capstone) Chip(s) I love my country, but I fear its government. From 72114.1712 at CompuServe.COM Tue May 11 15:52:39 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Tue, 11 May 93 15:52:39 PDT Subject: CALLER ID? Message-ID: <930511191724_72114.1712_FHF57-1@CompuServe.COM> _________________________________________________________________ SANDY SANDFORT ssandfort at attmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Cypherpunks, You think CALLER ID isn't available where you live? Think again. Any time you call an 800 number, regardless of where you live, your number is captured by ANI (Automatic Number Identification) and given to the owners of the 800 number. This includes the various "crime stopper" snitch lines that claim "we don't want your name, just the pusher's." A special 800 number has been set up to demonstrate this. It's: 1-800-235-1414 Call it, and it will recite your phone number back to you. It then gives a pitch for two worthwhile items--a 900 phone number service that lets you make calls which cannot be traced by ANI, and FULL DISCLOSURE, a privacy oriented magazine. If you leave your name and address, you will be sent FULL DISCLOSURE info. Check it out, S a n d y (arbitration volunteer) >>>>>>>> Please address e-mail to: ssandfort at attmail.com <<<<<<<< _________________________________________________________________ From spencew at BIX.com Tue May 11 16:14:14 1993 From: spencew at BIX.com (spencew at BIX.com) Date: Tue, 11 May 93 16:14:14 PDT Subject: Unsubscribe Message-ID: <9305111905.memo.22609@BIX.com> Please remove me from the list. Spencer K. 
Whetstone From jet at nas.nasa.gov Tue May 11 17:25:45 1993 From: jet at nas.nasa.gov (J. Eric Townsend) Date: Tue, 11 May 93 17:25:45 PDT Subject: CALLER ID? In-Reply-To: <930511191724_72114.1712_FHF57-1@CompuServe.COM> Message-ID: <9305120025.AA27965@boxer.nas.nasa.gov> Sandy writes: > Call it, and it will recite your phone number back to you. It Too bad it gets the wrong number for my work #: My number: 415.604.4311. The number it claims I'm at: 415.967.7227 (No one answers the second number, fyi.) From markh at wimsey.bc.ca Tue May 11 17:42:23 1993 From: markh at wimsey.bc.ca (Mark C. Henderson) Date: Tue, 11 May 93 17:42:23 PDT Subject: [Torbjorn Granlund: GNU Multiple Precision Arithmetic Library] Message-ID: > It might be interesting to compare the speed of this library with the > speed of the multiprecision code in RSAREF and in PGP. May the fastest > library win! > > John > > ------- Forwarded Message > > To: info-gnu at prep.ai.mit.edu, bug-gnu-utils at prep.ai.mit.edu > Subject: GNU Multiple Precision Arithmetic Library > Date: Mon, 10 May 1993 16:35:35 +0200 > From: Torbjorn Granlund > > Version 1.3 of the GNU Multiple Precision Arithmetic Library is now > available for anonymous ftp from prep.ai.mit.edu as /pub/gnu/gmp-1.3.tar.z. Well, I've done some comparison between gmp 1.3 and RSAREF (as distributed with RIPEM 1.07) on a RS6000/320 The key generation speeds turned out to be almost exactly the same using the "aixgcc/xlc mixed" version of RSAREF/RIPEM and gmp compiled entirely with IBM's xlc compiler. (for those who haven't poked around in RIPEM, I'll say that this RS6000 version of RIPEM uses the "long long" data type to get 32 bit by 32 bit multiplications with 64 bit results quickly). So, it wouldn't surprise me if some clever person could optimize gmp for the RS6000 and end up with something faster than what's provided in RIPEM 1.07. 
Mark
--
Mark Henderson markh at wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From tcmay at netcom.com Tue May 11 17:42:44 1993
From: tcmay at netcom.com (Timothy C. May)
Date: Tue, 11 May 93 17:42:44 PDT
Subject: BYTE article
In-Reply-To: <23051116244656@vms2.macc.wisc.edu>
Message-ID: <9305120043.AA07654@netcom3.netcom.com>

Matt M. writes:

> I think they could use some refining. The author is Peter Wayner and can be
> reached at pcw at access.digex.com. Take it easy on him, I think he is really
> trying to struggle with issues that we understand already. Lets school 'im guys
> (and gals).
>

I suspect Peter will also comment on this!

Peter Wayner is a member of this very list. (I know this from reading his posts, not from seeing the distribution list, which I haven't.)

The article was excellent, in my opinion.

-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.

From nmh at thumper.bellcore.com Tue May 11 17:52:46 1993
From: nmh at thumper.bellcore.com (Neil Haller)
Date: Tue, 11 May 93 17:52:46 PDT
Subject: CALLER ID?
Message-ID: <9305120052.AA10916@latour.bellcore.com>

That means your office is served by a PBX. With PBX service you have some incoming trunks and outgoing trunks (technically they are lines, but let's ignore that). The number of lines in your company is much greater than the number of incoming and outgoing trunks.

The ANI data is the line id of your outgoing trunk. Incoming calls must pass your extension id and connect through an incoming trunk.
Neil

From MJMISKI at macc.wisc.edu Tue May 11 18:49:22 1993
From: MJMISKI at macc.wisc.edu (Matthew J Miszewski)
Date: Tue, 11 May 93 18:49:22 PDT
Subject: BYTE article
Message-ID: <23051120482662@vms2.macc.wisc.edu>

Shheeesh. I wasn't even implying the article was bad. To the contrary it was one of the best mainstream articles I have ever seen on the subject. That is why I posted the note to the list. I thought some list members could find the explanations useful.

The refinement I was referring to was the author's implied acceptance of Micali's "fair crypto system" as a "solution". I could be wrong, and I'm sure I will be corrected if I am, but my feelings were that this system still depended on the trustworthiness of the branches to which the "pieces" of your key would be distributed. If these were all TLAs, we still have a Denning problem, no?

I thought I made it clear in the last post that I thought that the article was very good. If not I am sorry. And if you're listening Peter, Great Article!

---------------------------------------
Matt (Respectfully Questioning in part)
mjmiski at macc.wisc.edu

From ral at telerama.pgh.pa.us Tue May 11 19:55:18 1993
From: ral at telerama.pgh.pa.us (Robert Luscombe)
Date: Tue, 11 May 93 19:55:18 PDT
Subject: PGP for 4.3 BSD Unix
Message-ID:

I want to install PGP 2.2 in my Unix account, and may need some assistance. I have never needed to compile anything before, and need some guidance. Actually, if someone has an executable for 4.3 BSD, that is all I really need. Otherwise, would anyone care to help? I really don't know what other info I need to provide to make this easier... I did see in the makefile.unx that there was a target for BSD with gcc; gcc -v here shows that version 2.3.3 is here.

Email me if anyone can help.

Thanks,
bob

BTW- Thanks to Eric Hughes for helping me install some stuff. It seems like cypherpunks is a list where people don't only talk, they actually accomplish something, thanks to people like Eric.
--Robert Luscombe------------------------------------------------------
- Internet: ral at telerama.pgh.pa.us Voice:412/488-0941 -
- robert at well.sf.ca.us (Finger for PGP Pub Key) -
-----------------------------------------------------------------------

From markh at wimsey.bc.ca Tue May 11 22:54:49 1993
From: markh at wimsey.bc.ca (Mark C. Henderson)
Date: Tue, 11 May 93 22:54:49 PDT
Subject: [Torbjorn Granlund: GNU Multiple Precision Arithmetic Library]
Message-ID:

> Well, I've done some comparison between gmp 1.3 and RSAREF (as distributed
> with RIPEM 1.07) on a RS6000/320
>
> The key generation speeds turned out to be almost exactly the same using
> the "aixgcc/xlc mixed" version of RSAREF/RIPEM and gmp compiled entirely
> with IBM's xlc compiler.
>
> (for those who haven't poked around in RIPEM, I'll say that this RS6000
> version of RIPEM uses the "long long" data type to get 32 bit by 32 bit
> multiplications with 64 bit results quickly).
>
> So, it wouldn't surprise me if some clever person could optimize
> gmp for the RS6000 and end up with something faster than what's
> provided in RIPEM 1.07.

In fact, after reading some code, I noticed the optimisations are in there, if one compiles with gcc (a few bytes of RS6k assembler makes a significant difference!).

Anyway, the particular benchmark I'm playing with (key generation) is now about 20% faster with gmp than with the routines provided with RIPEM.

Mark
--
Mark Henderson markh at wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From gg at well.sf.ca.us Wed May 12 02:21:41 1993
From: gg at well.sf.ca.us (George A. Gleason)
Date: Wed, 12 May 93 02:21:41 PDT
Subject: CALLER ID?
Message-ID: <199305120921.AA05565@well.sf.ca.us>

Getting the wrong number: That can happen if you're in a PBX with a separate outgoing and incoming trunk group.
Particularly if your incoming number is a Direct Inward Dialing (DID) number, which means that people in the Outside World can call right to your desk by dialing (area code +) 7-digits. There is no facility on most PBXs to have DID numbers or other station directory numbers follow outgoing calls, though you might have a call accounting system hooked up to provide information to your company about which extensions are making which outside calls; but again, that's entirely within your own system.

If you do have an outgoing trunk group, I would advise setting it up so that incoming calls on that group at least ring to the receptionist's console, and then give out those numbers to company folks who might have reason to need a way to get through in a pinch if everything else is down. Also the outgoing group will be regular loop- or ground-start trunks, and as a last-ditch backup you can terminate them on single-line jacks for use with emergency phones in case of a system crash or an extended power failure. You can also use the outgoing group to provide night service, where calls to various lines in that group would ring to specified extensions in the areas where people may be working after hours.

-gg

From eaeu362 at orion.oac.uci.edu Wed May 12 11:21:37 1993
From: eaeu362 at orion.oac.uci.edu (Satan)
Date: Wed, 12 May 93 11:21:37 PDT
Subject: CALLER ID?
In-Reply-To: <199305120921.AA05565@well.sf.ca.us>
Message-ID: <199305121821.AA13501@orion.oac.uci.edu>

well i have the same problem because i am also on a pbx system where you can call me by extension inside or the 7 digit outside but isnt/wasnt there a phone company number you could call i forget what it was 631 4231 or something? hell..

and besides..
800 numbers get your phone number the
same way your caller gets your number when you call collect
THEY ARE PAYING FOR THE CALL
they kinda have a right to know what they are paying for

From peb at PROCASE.COM Wed May 12 12:00:25 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Wed, 12 May 93 12:00:25 PDT
Subject: The Halting Problem
Message-ID: <9305121900.AA09630@banff>

It occurred to me that determining whether a set of random bytes is actually a crypto message could be reduced to the halting problem. Given this, it would be theoretically impossible to prove that an uncrackable message was indeed a crypto message. The revelation here (for me, anyway) is that if arbitrary crypto were made illegal, the burden of proof would be on the prosecution which would have to crack the message (at least partially).

Paul E. Baclace
peb at procase.com

From mrnoise at econs.umass.edu Wed May 12 12:07:33 1993
From: mrnoise at econs.umass.edu (Mr. Noise)
Date: Wed, 12 May 93 12:07:33 PDT
Subject: CALLER ID?
Message-ID: <9305121907.AA21109@titan.ucs.umass.edu>

> and besides.. 800 numbers get your phone number the
> same way your caller gets your number when you call collect
> THEY ARE PAYING FOR THE CALL
> they kinda have a right to know what they are paying for

Maybe...but what about 'crisis hotlines' and number for 'anonymous referrals'? The average person is probably unaware that the folks at the 800 number they're calling can get their number...

From mrnoise at econs.umass.edu Wed May 12 12:31:13 1993
From: mrnoise at econs.umass.edu (Mr. Noise)
Date: Wed, 12 May 93 12:31:13 PDT
Subject: Phil Zimmerman on the Radio
Message-ID: <9305121931.AA22199@titan.ucs.umass.edu>

> FYI, for those of you in the NYC area, I'm going to be conducting a
> brief interview with Phil Zimmerman (author of PGP) on my radio show
> tomorrow to discuss the recent NSA/Big Brother crypto developments
> (see the front page of today's New York Times).
>
> WFMU, East Orange, NJ, 91.1 FM.
My show airs from noon-3:00 local time,
> and the interview will start at around 1:00.
>
> N.B.: I will NOT be taping the show, so I can't make tapes for anyone.
> Anyone else listening is free to make copies and do whatever they want
> with them, of course.

ACK! My mailbox has been so backlogged that I read this message a month late! *Did* anyone tape the show? I'd really like a copy...maybe to replay on the radio at WCNI (New London, 91.1) if it's really good (if that's o.k....?)...

If someone has a tape, please let me know at mrnoise at econs.umass.edu, or if you're feeling both ambitious & altruistic, please mail a copy to me at P.O. Box 109, Bozrah, CT...I'll mail you back $$ for the tape & postage.

Thanks in advance for any help on this one...

From x62727g2 at usma8.USMA.EDU Wed May 12 13:05:01 1993
From: x62727g2 at usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Wed, 12 May 93 13:05:01 PDT
Subject: Publications
Message-ID: <9305121958.AA14189@usma8.usma.edu>

Greetings fellow crypto warriors,

I am attempting to locate several publications to see if they are still in existence and where I might them or archives of previous issues. The publications I am interested in are TAP, NIA, AOTD, NARC, etc. If anyone knows where I might be able to obtain these or similar publications, please let me know. Also, does anyone know where any "interesting" ftp sites which carry files or other data related to these type publications?

Thanks,

Anthony J. Gatlin              |-------------------------------------|
Cadet Private, Co. G-2         |PGP Public Key available on request. |
United States Military Academy |-------------------------------------|

From stig at netcom.com Wed May 12 13:14:45 1993
From: stig at netcom.com (Jonathan Stigelman)
Date: Wed, 12 May 93 13:14:45 PDT
Subject: CALLER ID?
Message-ID: <9305122015.AA24570@netcom.netcom.com>

> From: Satan
> Subject: Re: CALLER ID?
>
> and besides..
800 numbers get your phone number the
> same way your caller gets your number when you call collect
> THEY ARE PAYING FOR THE CALL
> they kinda have a right to know what they are paying for
>

You're confused or you miswrote: 800 number owners pay for your calls, people with caller ID boxes do not.

So, do you think that the "privacy protecting 900 number" ($2/min) uses your number (remember that they DO have it) for privacy junk mailing purposes?

Stig

>> Jonathan Stigelman, stig at netcom.com, PGP key on request <<

From mab at crypto.com Wed May 12 13:26:22 1993
From: mab at crypto.com (Matt Blaze)
Date: Wed, 12 May 93 13:26:22 PDT
Subject: The Halting Problem
In-Reply-To: <9305121900.AA09630@banff>
Message-ID: <9305122009.AA08373@crypto.com>

>
>It occurred to me that determining whether a set of random bytes is
>actually a crypto message could be reduced to the halting problem.
>Given this, it would be theoretically impossible to prove that an
>uncrackable message was indeed a crypto message. The revelation here
>(for me, anyway) is that if arbitrary crypto were made illegal, the
>burden of proof would be on the prosecution which would have to crack
>the message (at least partially).
>
>
>Paul E. Baclace
>peb at procase.com
>

I don't see how determining that a particular string is an encrypted message reduces to the halting problem.

For an arbitrary cipher, you can't prove anything about any given potential ciphertext, since the cipher could be a one-time pad. (for one time pads, where keylength=message length, any string can encrypt to any other string by selecting the right key). So it's true that you can't prove anything about arbitrary ciphertext, but that doesn't involve the halting problem.

If the cipher is known, on the other hand, there are perfectly deterministic methods to determine whether a particular ciphertext may correspond to some given plaintext, simply by exhaustive search of the keyspace.
However, I do agree with your basic conclusion - there is no way to determine, by the bitstream alone, whether something has been encrypted with an arbitrary cipher.

-matt

From eric at Synopsys.COM Wed May 12 13:27:51 1993
From: eric at Synopsys.COM (eric at Synopsys.COM)
Date: Wed, 12 May 93 13:27:51 PDT
Subject: CALLER ID?
In-Reply-To: <930511191724_72114.1712_FHF57-1@CompuServe.COM>
Message-ID: <199305122027.AA11739@gaea.synopsys.com>

>>>>> On 11 May 93 15:17:25 EDT, Sandy <72114.1712 at compuserve.com> said:

SS> A special 800 number has been set up to demonstrate this. It's:
SS> 1-800-235-1414
SS> Call it, and it will recite your phone number back to you.

The voice at the other end laughed and said "This wouldn't happen to be YOUR phone number, would it?". I had to laugh back, because it wasn't.

This is a great way to find out just how much information they really are getting about you. I work for a company with several hundred employees, and when I called, it recited the company's main switchboard number. Without my company's cooperation, there'd be no way to trace a particular call back to me. Does our phone system even log 800 number calls? I don't know.

-eric messick (eric at synopsys.com)

From peb at PROCASE.COM Wed May 12 13:47:56 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Wed, 12 May 93 13:47:56 PDT
Subject: The Halting Problem
Message-ID: <9305122047.AA09694@banff>

>From mab at crypto.com Wed May 12 13:26:04 1993

>I don't see how determining that a particular string is an encrypted
>message reduces to the halting problem.

Consider that the cyphertext is a program for an abstract machine called the cyphercracker which returns TRUE if a message is encoded otherwise FALSE. Such a system for determining message-ness could take an arbitrary amount of cpu time and no amount of static analysis could determine the return value quicker.

Paul E.
Baclace
peb at procase.com

From Brian.Hawthorne at East.Sun.COM Wed May 12 13:48:44 1993
From: Brian.Hawthorne at East.Sun.COM (Brian Holt Hawthorne - SunSelect Engineering)
Date: Wed, 12 May 93 13:48:44 PDT
Subject: The Halting Problem
Message-ID: <9305122045.AA01782@sea.East.Sun.COM>

> The revelation here
> (for me, anyway) is that if arbitrary crypto were made illegal, the
> burden of proof would be on the prosecution which would have to crack
> the message (at least partially).

I believe the burden would actually be on them to crack the message entirely. Otherwise, you are applying arbitrary algorithms to what may be a random stream. If you get something comprehensible out, you have either partially cracked the message, or run into the British Museum problem (AKA 100 monkeys with typewriters).

From marc at GZA.COM Wed May 12 14:40:58 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Wed, 12 May 93 14:40:58 PDT
Subject: The Halting Problem
In-Reply-To: <9305122045.AA01782@sea.East.Sun.COM>
Message-ID: <9305122140.AA11117@dun-dun-noodles.aktis.com>

This is all very nice. But if the government can get away with outlawing crypto, it's a simple matter for them to outlaw any stream of data they can't read or don't like. And who says that the burden of proof will remain on them? Think about RICO. You're not necessarily dealing with rational, technically aware people. You're dealing with law enforcement, judges, and juries.

Is this paranoia? Maybe. There was recently a series of stories on RISKS about people who had warrants issued and their houses entered on the basis of unusual electrical consumption or heat output. Yes, people were monitoring these things. Do you not think that if crypto were outlawed, that they couldn't get a warrant to enter your house or office based on unidentifiable or suspicious data coming out of it?
And even if they couldn't prove anything, you still need to convince them to give back your computer and every other piece of digital equipment they confiscated.

Steganography is useful to keep them from noticing you. But it's still low-bandwidth, because unless you're in the business of distributing video, you're going to look really strange sending megabytes of gif's over and over again to the same strange addresses (anonymous remailers). Once they do notice you, you're going to have to be a lot more careful. I see steganography to be useful in sending short messages, once codewords, etc. have been agreed upon out-of-band. It's just not useful for anything like the cypherpunks mailing list, or even for personal messages unless it is used sparingly.

Marc

From marc at GZA.COM Wed May 12 14:49:10 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Wed, 12 May 93 14:49:10 PDT
Subject: The Halting Problem
In-Reply-To: <9305122047.AA09694@banff>
Message-ID: <9305122149.AA11140@dun-dun-noodles.aktis.com>

>> Consider that the cyphertext is a program for an abstract machine
>> called the cyphercracker which returns TRUE if a message is encoded
>> otherwise FALSE. Such a system for determining message-ness could
>> take an arbitrary amount of cpu time and no amount of static
>> analysis could determine the return value quicker.

Nope. Such a system will take no more than O(2^n) time, where n is the number of bits in the key. You can never do worse than brute-force. Now, you still might not be able to determine if a message is encoded, since maybe I was just encoding true random noise from a radioactive source. And you might have false positives, too, esp. with one-time pads. But it will always halt. The failure modes have nothing to do with the halting problem, they have to do with the fact that is-encoded(message) cannot be formally defined.
Marc

From eaeu362 at orion.oac.uci.edu Wed May 12 14:59:19 1993
From: eaeu362 at orion.oac.uci.edu (Satan)
Date: Wed, 12 May 93 14:59:19 PDT
Subject: CALLER ID?
Message-ID: <199305122136.AA02867@orion.oac.uci.edu>

> You're confused or you miswrote: 800 number owners pay for your calls,
> people with caller ID boxes do not.
>
> So, do you think that the "privacy protecting 900 number" ($2/min) uses
> your number (remember that they DO have it) for privacy junk mailing
> purposes?

i realize that caller ID box owners are not paying for your call but this system was talking about 800 numbers

two things i will grant

1) most 800 numbers are pro-watts or whatever it is and pay just one huge charge a month and dont deal with each bill separately so they dont get charged for your specific call BUT it is a great way to get marketing stuff ive worked for companies that do that

2) most people dont know that an 800 number isnt anonymous but that goes to educating the public and i really dont think the public cares enough to want to know

From Marc.Ringuette at GS80.SP.CS.CMU.EDU Wed May 12 15:16:57 1993
From: Marc.Ringuette at GS80.SP.CS.CMU.EDU (Marc.Ringuette at GS80.SP.CS.CMU.EDU)
Date: Wed, 12 May 93 15:16:57 PDT
Subject: The Halting Problem
Message-ID: <9305122216.AA16730@toad.com>

peb> It occurred to me that determining whether a set of random bytes is
peb> actually a crypto message could be reduced to the halting problem.

I think I can prove this can't be done for most kinds of messages. For a wide range of cases we can know trivially that decryption is in NP.

The line of reasoning is this: one definition of the class NP is the class of all problems whose solutions can be verified in polynomial time. So for any encryption method which allows the recipient to verify in polynomial time that his decryption is the only possible intended message, we know that the decryption problem is in NP.
These conditions are met in the following cases:

- Conventional public key encryption
- Any cryptosystem with a short key and a space of allowable messages which is sparse enough that there's a low probability of two messages corresponding to the same ciphertext. This includes most cases in which a digital signature or CRC is added to the end of a message.

-- Marc Ringuette (mnr at cs.cmu.edu)

From mab at crypto.com Wed May 12 15:46:01 1993
From: mab at crypto.com (Matt Blaze)
Date: Wed, 12 May 93 15:46:01 PDT
Subject: The Halting Problem
In-Reply-To: <9305122047.AA09694@banff>
Message-ID: <9305122233.AA08689@crypto.com>

>>From mab at crypto.com Wed May 12 13:26:04 1993
>
>>I don't see how determining that a particular string is an encrypted
>>message reduces to the halting problem.
>
>Consider that the cyphertext is a program for an abstract machine
>called the cyphercracker which returns TRUE if a message is encoded
>otherwise FALSE. Such a system for determining message-ness could
>take an arbitrary amount of cpu time and no amount of static
>analysis could determine the return value quicker.
>
>
>Paul E. Baclace
>peb at procase.com
>
>

Well, that formulation is a bit fuzzy, but I think you've got your reduction technique backwards. To reduce something to the halting problem, you need to show that you could use a machine that solves your problem to solve halting, not the other way around.

-matt

From karn at qualcomm.com Wed May 12 15:50:22 1993
From: karn at qualcomm.com (Phil Karn)
Date: Wed, 12 May 93 15:50:22 PDT
Subject: CALLER ID?
Message-ID: <9305122249.AA00229@servo>

Interesting. As expected, when I called 1-800-235-1414 from a PBX extension here at work, it read back the trunk number, not my actual extension number. The same for a developmental CDMA digital cellphone, since we use PBX-style trunks from our switch.
But when I called it from a conventional AMPS (FM) cell phone using Pac Tel Cellular, I also got a number that was different than my mobile's real number. And when I called it back, I got a number-not-valid intercept.

Interesting. Apparently one real cellular switch also looks like a PBX as far as ANI goes. I wonder how widespread this is. Anybody with a cell phone on a service other than Pac Bell who is willing to give it a try?

Phil

From pmetzger at lehman.com Wed May 12 16:08:32 1993
From: pmetzger at lehman.com (Perry E. Metzger)
Date: Wed, 12 May 93 16:08:32 PDT
Subject: CALLER ID?
In-Reply-To: <9305122249.AA00229@servo>
Message-ID: <9305122308.AA00601@snark.shearson.com>

Phil Karn says:

> Interesting. As expected, when I called 1-800-235-1414 from a PBX
> extension here at work, it read back the trunk number, not my actual
> extension number. The same for a developmental CDMA digital
> cellphone, since we use PBX-style trunks from our switch.
>
> But when I called it from a conventional AMPS (FM) cell phone using
> Pac Tel Cellular, I also got a number that was different than my
> mobile's real number. And when I called it back, I got a
> number-not-valid intercept.
>
> Interesting. Apparently one real cellular switch also looks like a PBX
> as far as ANI goes. I wonder how widespread this is. Anybody with a
> cell phone on a service other than Pac Bell who is willing to give it
> a try?

I have an even stranger datum to report -- when called from the ISDN PBX here, ANI gets not just the building trunks but *MY* phone number. Yes, it got the extension right, on the other side of the PBX. Hmmm...

.pm

From peb at PROCASE.COM Wed May 12 17:01:21 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Wed, 12 May 93 17:01:21 PDT
Subject: The Halting Problem
Message-ID: <9305130000.AA09703@banff>

>From pmetzger at lehman.com Wed May 12 15:28:22 1993

>you missed the word "particular".
Well, I was considering this an unknown--that is, the cryptoanalyzer does *not* know the particular Turing machine, so it is an arbitrary machine, although the program is finite.

That is, I am suggesting a decrypt-machine that is turing-complete, however, as:

>From: Marc.Ringuette at GS80.SP.CS.CMU.EDU

points out:

>So for
>any encryption method which allows the recipient to verify in polynomial time
>that his decryption is the only possible intended message, we know that the
>decryption problem is in NP.

a practical crypto algorithm must allow decrypt in P time and since NP problems do theoretically halt, then the halting problem is not a blanket defense.

The realities Brian.Hawthorne at East.Sun.COM mentions are all too real: Anonymous remailers could be effectively broken by requiring traceability (say, the way banks must fill out special forms for any transaction over $10k (which is why Oliver North sent money to the Contras in $9.7k packets)); in the same law, the remailer would be shut down if it did not comply.

I think the widespread use of video phones would make steganography easier, however.

Paul E. Baclace
peb at procase.com

From rjc at gnu.ai.mit.edu Wed May 12 17:50:18 1993
From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu)
Date: Wed, 12 May 93 17:50:18 PDT
Subject: CALLER ID?
In-Reply-To: <199305122136.AA02867@orion.oac.uci.edu>
Message-ID: <9305130049.AA90390@hal.gnu.ai.mit.edu>

I sent out a reply to this thread but replied normally instead of with group reply (I'm so used to the extropians list automatically changing the Reply-To). Could the person who received this message forward it to the list?

-- Ray Cromwell         | Engineering is the implementation of science; --
-- EE/Math Student      | politics is the implementation of faith.      --
-- rjc at gnu.ai.mit.edu | - Zetetic Commentaries                        --

From speth at cats.UCSC.EDU Wed May 12 18:14:54 1993
From: speth at cats.UCSC.EDU (speth at cats.UCSC.EDU)
Date: Wed, 12 May 93 18:14:54 PDT
Subject: CALLER ID?
Message-ID: <9305130114.AA27275@am.ucsc.edu>

Years ago, when I crossed the country with a regular cell-phone, I tried calling another ANI demo at points along the way. The result was just the same, in a couple different calling areas: the demo always read back some strange number with the area code of the place I was in. I figured it must just go out of some line at the cell-site like a regular phone call. I never tried calling the number that was read back though.

________________________________________________________________________________
james speth email for pgp compatible public-key speth at cats.ucsc.edu
________________________________________________________________________________
Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you... AT&T

From tcmay at netcom.com Wed May 12 18:36:45 1993
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 12 May 93 18:36:45 PDT
Subject: The Halting Problem
Message-ID: <9305130136.AA09123@netcom.netcom.com>

>It occurred to me that determining whether a set of random bytes is
>actually a crypto message could be reduced to the halting problem.
>Given this, it would be theoretically impossible to prove that an
>uncrackable message was indeed a crypto message. The revelation here
>(for me, anyway) is that if arbitrary crypto were made illegal, the
>burden of proof would be on the prosecution which would have to crack
>the message (at least partially).
>
>Paul E. Baclace

Sorry I was out today and missed the halting problem debate!

Paul's intuition (or perhaps proof) is correct, at least according to a paper Len Adleman wrote some years back, showing this. (I don't have the paper, but I heard Len describe the results at the Crypto '88 Conference. As with most such results, the result probably depends on a very careful statement of what the terms mean, so take my comments as being only indicative of the flavor of the results.)
What follows is not from Adleman's talk or paper, but from information theory.

The Kolmogorov-Chaitin view of "randomness" is very similar in spirit: how does one know whether a sequence/string is "effectively random" (short definition: effectively random means there is no shorter description of a sequence than itself) or is instead describable by some shorter sequence?

Thus the string "31415926535897932384626433" is recognizable to most agents (people, smart programs) as the first 25 digits of pi (however, it *could* be something else, but I won't get into that right now). But the string "67902371045873651853" is probably not recognizable as anything other than this string.

Kolmogorov complexity is defined as the length of the shortest programs which can generate (print) the object. Thus, "alternating 1s and 0s" is very short, "the digits of pi" is slightly longer, and the digit mentioned above ("679023...") may not have any shorter program than itself.

(The famous Berry Paradox enters here: "The shortest not nameable in under ten words." Does this number exist? If so, what is it?)

Finding the generating program is very similar to decrypting a message (I suspect there's a way to formalize the equivalence of encryption and Kolmogorov complexity, beyond this admitted hand-waving, but I don't know it offhand).

Strings or expressions which "appear" random but which are actually very regular, or easy to describe, with the proper "key" are called "crypto-regular." Encrypted messages are clearly crypto-regular.

Cover and Thomas, in "Elements of Information Theory," 1991, write:

"One of the consequences of the non-existence of an algorithm for the halting problem is the non-computability of Kolmogorov complexity. The only way to find the shortest program in general is to try all short programs and see which of them can do the job.
However, at any time some of the short programs may not have halted and there is no effective (finite mechanical) way to tell whether they will halt or not and what they will print out. Hence, there is no effective way to find the shortest program to print a given string."

(By the way, exhaustive search of a keyspace--as someone suggested--is also not enough, as the cryptostring above ("679023...") may result in several syntactically valid English expressions, such as "attack at dawn," "whopper with fries," "robins migrate peripherally." Knowing when to stop further cryptanalysis of a message might be called the "crypto halting problem.")

Fascinating stuff! (To my current thinking, the core of the universe!) I recommend Gregory Chaitin's "Algorithmic Information Theory" and "Algorithms and Randomness." And the Cover and Thomas book.

A (mundane) consequence for cypherpunks is that the sending of any random-looking stuff may be banned, someday. (No doubt it is in many countries, if they bother to look. Sending unreadable stuff is grounds for a visit by the Federales.)

And clearly even "real messages," like this one, like Peter Wayner's baseball scores, like GIF images, etc., can have messages attached. If simple cryptanalysis reveals simple English-like messages, Occam's razor suggests a decryption has been made. But it can never be known for sure whether other messages exist.

--Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: by arrangement

From mdiehl at triton.unm.edu Wed May 12 18:56:10 1993
From: mdiehl at triton.unm.edu (J.
Michael Diehl) Date: Wed, 12 May 93 18:56:10 PDT Subject: Publications In-Reply-To: <9305121958.AA14189@usma8.usma.edu> Message-ID: <9305130155.AA03463@triton.unm.edu> > Greetings fellow crypto warriors, > I am attempting to locate several publications to see if they are still > in existence and where I might them or archives of previous issues. The > publications I am interested in are TAP, NIA, AOTD, NARC, etc. If anyone > knows where I might be able to obtain these or similar publications, please > let me know. Also, does anyone know where any "interesting" ftp sites which > carry files or other data related to these type publications? Please post them to the list. Thanx. +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl at triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl at fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From i6t4 at jupiter.sun.csd.unb.ca Wed May 12 21:57:37 1993 From: i6t4 at jupiter.sun.csd.unb.ca (Nickey MacDonald) Date: Wed, 12 May 93 21:57:37 PDT Subject: CALLER ID? In-Reply-To: <9305120025.AA27965@boxer.nas.nasa.gov> Message-ID: It also gets (analog, I don't know if digital is available elsewhere, its not here yet) cellular phones wrong... Apparently it gets the number of one of the towers instead... This may be handy if you want to be anonymous, and you have access to a cellular phone... (And can afford the prime time rates... :-) Its not my phone, I had a friend test it for me... (isn't conference calling wonderful... :-) --- Nick MacDonald | NMD on IRC i6t4 at jupiter.sun.csd.unb.ca | PGP 2.1 Public key available via finger On Tue, 11 May 1993, J. Eric Townsend wrote: > Too bad it gets the wrong number for my work #: > > My number: 415.604.4311. 
> The number it claims I'm at: 415.967.7227
> (No one answers the second number, fyi.)

From jas at netcom.com Wed May 12 23:01:14 1993
From: jas at netcom.com (jas at netcom.com)
Date: Wed, 12 May 93 23:01:14 PDT
Subject: Talking Chips!
Message-ID: <9305130601.AB24838@netcom3.netcom.com>

Hiya guys! Does anybody know of or read the book Talking Chips by Nelson Morgan (McGraw-Hill). It's supposed to mention something about DSP chips. Can some one tell me something about the book or recommend a reference manual or something close to a ref. man. related to DSP (I need to look up some specs)

jas at netcom.com

From karn at qualcomm.com Thu May 13 00:11:38 1993
From: karn at qualcomm.com (Phil Karn)
Date: Thu, 13 May 93 00:11:38 PDT
Subject: CALLER ID?
Message-ID: <9305130711.AA03137@servo>

Well, gee. If I can avoid caller ID and 800 number ANI by simply using any old cellular carrier for $0.40/minute (cheaper off peak), then why should I pay $1.95/minute for the same service to 1-900-STOPPER?

Yeah, I know, that $1.95 probably includes the long distance portion too, but I doubt there are any ordinary domestic calls that cost as much as $1.55/minute...

Phil

From rjc at gnu.ai.mit.edu Thu May 13 00:28:25 1993
From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu)
Date: Thu, 13 May 93 00:28:25 PDT
Subject: CALLER ID?
In-Reply-To: <9305130711.AA03137@servo>
Message-ID: <9305130728.AA49407@hal.gnu.ai.mit.edu>

Phil Karn writes:
>
> Well, gee. If I can avoid caller ID and 800 number ANI by simply using
> any old cellular carrier for $0.40/minute (cheaper off peak), then why
> should I pay $1.95/minute for the same service to 1-900-STOPPER?
>
> Yeah, I know, that $1.95 probably includes the long distance portion too,
> but I doubt there are any ordinary domestic calls that cost as much as
> $1.55/minute...
>
> Phil

I sent this out before, but it got lost.
You can avoid ANIs for $0.00 in most areas by dialing your local operator and saying "Could you please dial this 800 number, I am having problems getting through to it." The ANI returns a bogus number, and toll free operator assistance costs nothing here (C&P bell).

-- Ray Cromwell        | Engineering is the implementation of science; --
-- EE/Math Student     | politics is the implementation of faith.      --
-- rjc at gnu.ai.mit.edu | - Zetetic Commentaries                        --

From yerazunis at aidev.enet.dec.com Thu May 13 06:09:28 1993
From: yerazunis at aidev.enet.dec.com (gone, like tears in the rain. 13-May-1993 0910)
Date: Thu, 13 May 93 06:09:28 PDT
Subject: Caller ID
Message-ID: <9305131309.AA19729@enet-gw.pa.dec.com>

> You can avoid ANIs for $0.00 in most areas by dialing your local
>operator and saying "Could you please dial this 800 number, I am having
>problems getting through to it." The ANI returns a bogus number, and
>toll free operator assistance costs nothing here (C&P bell).

Well, that would be the truth here! I haven't been able to complete the call to the 800 number *yet*. My home phone gets a couple of clicks, and then a fast busy, my work phone goes immediately to fast busy. *sigh*

-Bill

From MJMISKI at macc.wisc.edu Thu May 13 07:37:50 1993
From: MJMISKI at macc.wisc.edu (Matthew J Miszewski)
Date: Thu, 13 May 93 07:37:50 PDT
Subject: CLIP: CNN
Message-ID: <23051309332459@vms2.macc.wisc.edu>

Cypherpunks,

Rumor has it CNN is carrying a clip on the Wiretap Chip Today. (I, Being the poor Law Student that I am, have neither cable nor the time to watch it). Could someone type up an extract so we can gage our effectiveness?

Thanx,
Matt

From markh at wimsey.bc.ca Thu May 13 11:07:03 1993
From: markh at wimsey.bc.ca (Mark C. Henderson)
Date: Thu, 13 May 93 11:07:03 PDT
Subject: CALLER ID?
Message-ID:

> Well, gee.
> If I can avoid caller ID and 800 number ANI by simply using
> any old cellular carrier for $0.40/minute (cheaper off peak), then why
> should I pay $1.95/minute for the same service to 1-900-STOPPER?
>
> Yeah, I know, that $1.95 probably includes the long distance portion too,
> but I doubt there are any ordinary domestic calls that cost as much as
> $1.55/minute...
>
> Phil

Of course, for Canadians, the services which allow one to dial U.S. 800 numbers (for a fee) work really nicely to defeat ANI. 1-800-235-1414 reports my phone number is 1-206-441-8364 (somewhere in Western Washington state).

Mark
--
Mark Henderson markh at wimsey.bc.ca
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From jet at nas.nasa.gov Thu May 13 13:03:34 1993
From: jet at nas.nasa.gov (J. Eric Townsend)
Date: Thu, 13 May 93 13:03:34 PDT
Subject: CLIP: CNN
In-Reply-To: <23051309332459@vms2.macc.wisc.edu>
Message-ID: <9305132003.AA08865@boxer.nas.nasa.gov>

Matthew J Miszewski writes:
> Rumor has it CNN is carrying a clip on the Wiretap Chip Today. (I, Being
> the poor Law Student that I am, have neither cable nor the time to watch
> it). Could someone type up an extract so we can gage our effectiveness?

I saw the lame short on CNN. They usually know better than to try and do something technical in too short a time. Oh well, maybe they ran something on CNN Regular?

From eggo at student.umass.edu Thu May 13 13:08:04 1993
From: eggo at student.umass.edu (Round Waffle)
Date: Thu, 13 May 93 13:08:04 PDT
Subject: Publications
In-Reply-To: <9305121958.AA14189@usma8.usma.edu>
Message-ID: <9305131957.AA22819@titan.ucs.umass.edu>

Possessed by The Unholy, Gatlin Anthony CDT scrawled the following in blood:
>
> Greetings fellow crypto warriors,
> I am attempting to locate several publications to see if they are still
> in existence and where I might them or archives of previous issues. The
> publications I am interested in are TAP, NIA, AOTD, NARC, etc.
> If anyone
> knows where I might be able to obtain these or similar publications, please
> let me know. Also, does anyone know where any "interesting" ftp sites which
> carry files or other data related to these type publications?
>

To my knowledge, none of those publications are still being put out. However, all of them (with the exception of TAP, which was a paper 'zine -- although they did put out one online issue) are archived at ftp.eff.org, in the /pub/cud directory.

> Thanks,
>
> Anthony J. Gatlin              |-------------------------------------|
> Cadet Private, Co. G-2         |PGP Public Key available on request. |
> United States Military Academy |-------------------------------------|
>

+- eggo at titan.ucs.umass.edu --><-- Eat Some Paste -+
+- Yorn desh born, der ritt de gitt der gue, -+
+- Orn desh, dee born desh, de umn bork! bork! bork! -+
+----------------- The Durex Blender Corporation -----------------+

From jas at netcom.com Thu May 13 23:20:32 1993
From: jas at netcom.com (jas at netcom.com)
Date: Thu, 13 May 93 23:20:32 PDT
Subject: Banning Laptops!
Message-ID: <9305140621.AA14219@netcom3.netcom.com>

I was just sitting at home watching a local newscast while reading my favorite alt. newsgroup when the news on the t.v mentioned something about banning laptops and cd players on airplanes. The story did not mention any reason behind this ban on our favourite machines except quote " something is causing problems to our instruments and we can't figure out what " What else are they gonna ban on flights? My freq jammer. Anyway I'm just wondering what will happen to those new planes that have ports on the seats. So that we can download our e-mail. ( Would we still call it downloading even if we were flying over the site we were downloading the e-mail from ) ^^^^

-jas

From karn at qualcomm.com Fri May 14 02:07:43 1993
From: karn at qualcomm.com (Phil Karn)
Date: Fri, 14 May 93 02:07:43 PDT
Subject: Banning Laptops!
Message-ID: <9305140907.AA10114@servo>

You may be referring to the clip that appeared on CNN today that said American Airlines had banned the use of laptop computers and CD players *during takeoff and landing*. Use during cruise is OK.

I think this policy has been in effect for a while. I've been flying American lately and have heard it mentioned.

Phil

From gg at well.sf.ca.us Fri May 14 03:03:51 1993
From: gg at well.sf.ca.us (George A. Gleason)
Date: Fri, 14 May 93 03:03:51 PDT
Subject: Banning Laptops!
Message-ID: <199305141003.AA12460@well.sf.ca.us>

Here's what's up: some alarming malfunctions of navigational instruments were traced to consumer electronics in use by passengers. The worst offenders were CD players, but laptops etc were also found to cause trouble. Eventually, aircraft will be retrofitted for greater immunity to this, and of course laptops will probably be developed with reduced RF emissions so that business travellers can use them in flight. (In case it isn't clear, all of these devices emit radio frequency energy which can seriously fuck up radio frequency navigational equipment and onboard computers.)

Anyway, until the tech upgrades come down the line, leave your laptop and CD player in the overhead luggage rack. The small increment of pleasure or convenience gained by using these things in the air can't begin to compare with the risk of causing a fatal accident.

-gg

From wtap at mindvox.phantom.com Fri May 14 07:54:38 1993
From: wtap at mindvox.phantom.com (Wire Tap!)
Date: Fri, 14 May 93 07:54:38 PDT
Subject: Banning Laptops!
Message-ID:

When I was flying overseas a year ago I was told to keep my paltry laptop off during takeoff. I questioned why and was told that it causes instruments only used in takeoff and landing to fluctuate, but it rarely happened, if at all. So were someone to sneak a flip of the power switch on a laptop during takeoff, most likely the pilots would never know. But hey, this IS airplanes we are talking about.
Even a little fluctuation is too much for me. Piloting a plane is a precision art, and I would hate to be the one to throw the wrench in the works.

One of the more interesting things dealing with this is even getting them on the plane. I had to unpack my carry case, power it up, give the fed type guy a dir listing (he said he had to see words), pull out the battery (I suppose to prove it wasn't a really small battery and a stick of dynamite stuffed in there), etc. Joking about a bomb when boarding a plane is a federal offense too.

wtap at mindvox.phantom.com PGP key available upon request.

From ncselxsi!drzaphod at ncselxsi.netcom.com Fri May 14 07:58:44 1993
From: ncselxsi!drzaphod at ncselxsi.netcom.com (DrZaphod)
Date: Fri, 14 May 93 07:58:44 PDT
Subject: Banning Laptops!
Message-ID: <1892.drzaphod@ncselxsi>

In Message Thu, 13 May 93 23:20:59 PDT, netcom!jas at netcomsv.netcom.com writes:

>banning laptops and cd players on airplanes.

Maybe we should invest in some TEMPEST bags for our stuff.. better yet.. maybe there's a market for selling these at airports..

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- DrZaphod #Don't Come Any Closer Or I'll Encrypt! -
- [AC/DC] / [DnA][HP] #Xcitement thru Technology and Creativity -
- [drzaphod at ncselxsi.uucp]# [MindPolice Censored This Bit] -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

From cnotting at cosmos.gmu.edu Fri May 14 10:40:54 1993
From: cnotting at cosmos.gmu.edu (Craig Nottingham)
Date: Fri, 14 May 93 10:40:54 PDT
Subject: Navigation Prblems and Laptops...
Message-ID: <9305141740.AA18653@toad.com>

There are NO documented reports of malfunction of navigational or other instruments on aircraft due to personal electronic devices. The FAA has done studies and conducted investigations and they do not have a single documented case of interference.
(Lovely what you can learn from TV these days)

-----
Craig Nottingham -Reality is for people who lack imagination
NeXTmail-I hate to advocate drugs, alcohol, violence or insanity to anyone, but they've always worked for me. <=> Hunter S ThompsonZ

From smb at research.att.com Fri May 14 12:07:30 1993
From: smb at research.att.com (smb at research.att.com)
Date: Fri, 14 May 93 12:07:30 PDT
Subject: Navigation Prblems and Laptops...
Message-ID: <9305141907.AA19079@toad.com>

    There are NO documented reports of malfunction of navigational or other instruments on aircraft due to personal electronic devices. The FAA has done studies and conducted investigations and they do not have a single documented case of interference. (Lovely what you can learn from TV these days)

According to one report (in the NY Times, I believe), SwissAir reports one incident where the apparent interference not only stopped when electronic devices were turned off, it resumed when the pilot gave permission for people to start using them again.

``Documented'' is the wrong word. There have been plenty of cases of trouble attributed to electromagnetic interference; what's lacking is controlled studies that demonstrate an effect, as opposed to anecdotal evidence from the pilots of various aircraft.

From jet at nas.nasa.gov Fri May 14 14:32:12 1993
From: jet at nas.nasa.gov (J. Eric Townsend)
Date: Fri, 14 May 93 14:32:12 PDT
Subject: computer and privacy on all things considered (bay area, 1430, fri)
Message-ID: <9305142132.AA18476@boxer.nas.nasa.gov>

Fri/1430/Mountain View

just heard NPR/All Things Considered announcement that they're going to do a bit on data privacy. I dunno the freq, right above 88. (Damn analog jam box. :-)

-eric

From tcmay at netcom.com Fri May 14 15:10:50 1993
From: tcmay at netcom.com (Timothy C. May)
Date: Fri, 14 May 93 15:10:50 PDT
Subject: computer and privacy on all things considered (bay area, 1430, fri)
Message-ID: <9305142210.AA19678@netcom.netcom.com>

>Fri/1430/Mountain View
>
>just heard NPR/All Things Considered announcement that they're going
>to do a bit on data privacy. I dunno the freq, right above 88. (Damn
>analog jam box. :-)
>
>-eric

As soon as I read this (and thankfully the toad.com machine was sending stuff through in a timely way), I flicked on KQED (San Francisco), where the NPR report was already underway.

The hacker spokesman was, I think, a "Fred Davis." An unimpressive interview, in my opinion. Confusing stuff about how if your computer has "wires going into it, hackers can get in" (paraphrased from the hacker's comments, not the interviewers). Perhaps the time allotted was just too short to make any reasonable points.

Those who didn't hear it, didn't miss much.

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: by arrangement

From pfry at us.oracle.com Fri May 14 15:19:16 1993
From: pfry at us.oracle.com (Phil Fry)
Date: Fri, 14 May 93 15:19:16 PDT
Subject: NPR coverage of Clipper/PGP 5/14/93
Message-ID: <9305142218.AA24538@wrpyr4.us.oracle.com>

In the hopes that this can reach at least some of you before NPR airs locally, there is a reasonably in-depth discussion of Clipper (its problems), PGP (its benefits), etc. at about 50 minutes into the program today (5/14/93).
Phil Fry pfry at oracle.com
Oracle Consulting Cincinnati, Ohio 513 651 4444

From gnu Fri May 14 15:34:35 1993
From: gnu (John Gilmore)
Date: Fri, 14 May 93 15:34:35 PDT
Subject: Questions to the White House from the Digital Privacy and Security Working Group
Message-ID: <9305142234.AA20885@toad.com>

Cypherpunks will recognize some of the questions from the brainstorming session of a few weeks ago.

------- Forwarded Message

From: djw at eff.org (Daniel J. Weitzner)
...

The Digital Privacy and Security Working Group, coordinated by the Electronic Frontier Foundation, sent the following questions to the White House, the Department of Commerce, and key members of Congress.

==================

Digital Privacy and Security Working Group
666 Pennsylvania Ave, SE Suite 303
Washington, DC 20003

Jerry Berman or Daniel J. Weitzner 202/544-9237
Leah Gurowitz 202/544-6909

ISSUES AND QUESTIONS REGARDING THE ADMINISTRATION'S CLIPPER CHIP PROPOSAL

A. Process by Which the Proposal Was Developed

1. Why the secrecy in which the encryption code scheme was developed? Were any members of the computer, communications, or security industries consulted? Were any privacy experts consulted? Has the Justice Department or the White House Office of Legal Counsel considered the constitutional implications?

2. The Administration's announcement implies that a policy review on encryption has been commenced; but at the same time, it appears that a decision has already been reached to support the Clipper proposal or some other key-escrow scheme. Is any review of the Clipper chip itself now underway? What progress has been made? When will this expedited review be complete?

3. What role has the National Security Agency played in the development and selection of the Clipper Chip and key escrow system? What will NSA's role be in the deployment and evaluation of the system?
Are these roles consistent with the principle of civilian control of computer security, as required by the Computer Security Act of 1987?

4. What efforts are underway to improve the government's ability to decrypt non-Clipper algorithms which are likely to be used by criminals? Can the government decrypt all commercially available hardware sold domestically and abroad? If not, wouldn't it be a better policy to direct U.S. resources in that direction instead of the Clipper approach?

5. What percentage of the 800 to 900 annual Title III interceptions encounter encrypted communications? What percentage of law enforcement encountered encryption is estimated to be Clipper as opposed to the other encryption schemes? Is this a solution in search of a problem?

6. Did the government consider commercially-available encryption schemes and reject them? If so, why were they rejected, and is that analysis available? If not, why not?

7. Capstone is the successor to Clipper with the addition of public key exchange and digital signature capabilities. Is Clipper just an intermediate step before Capstone is released? Why did the White House press release not mention Capstone?

8. How will this relate to the FBI's Digital Telephony Proposal? Has the Administration committed to supporting, discarding or reintroducing the proposal in a new form?

9. What is the history of the proposal? How long has this been under consideration?

10. How long has the Clipper Chip and escrow concept been in development? Which agency originated these concepts?

B. Secrecy of the Algorithm

11. Will the Clipper proposal have the same degree of public review that other NIST standards, such as DSS have gone through?

12. How can the public trust the security and reliability of an algorithm that is kept classified?

13.
If American firms are not able to have their encryption experts examine the algorithm, how can they be sure that there is no "trap door" that would allow any Clipper Chip security system to be overridden? Dr. Kammer of NIST has said that "respected experts from outside the government will be offered access" to the algorithm. How do interested parties go about obtaining this access to the classified material about the Clipper algorithm and participate in the analysis of the design to search for trap doors and other weaknesses? What specific reports from this process will serve to reassure users regarding the integrity of the Clipper Chip?

14. What will be the consequence if the algorithm is published? Will it become less secure? If publication (i.e., de-classification) would make it less secure, how secure can it be?

15. If the Clipper Chip is too weak to protect classified government communications, why should it be used for sensitive proprietary private sector communications?

16. Executive Order 12356 has procedures on classification and declassification of information. Is the algorithm being classified under the framework of this order? What agency is in charge of classification/ declassification?

17. How much effort has the government put into the design and cryptoanalysis of the Clipper Chip as compared to the public analysis of the Data Encryption Standard during the last 16 years?

18. Is the Skipjack algorithm being used by the Clipper Chip derived from codes used in the management of our nuclear arsenal? Is this why the algorithm is being kept secret? If this is so, why are we using this secret system for a dubious commercial standard? If there is a national security justification to avoid having this encryption technique revealed, why risk compromising it by integrating it into publicly distributed products?

19. If the algorithm is classified, how will it be legal to distribute the chips to users not qualified to handle classified encryption equipment?
This seems contrary to Facility Security Clearance procedures and the Personal Security Clearance requirements of DoD 5220.222-M, Industrial Security Manual for Safeguarding Classified Information.

20. Is it illegal to reverse engineer the Clipper Chip? If it were reverse engineered, would it then be illegal to reveal the algorithm?

C. Voluntariness of Clipper System

21. Will this system be truly voluntary? If so, won't criminals and terrorists just use some other type of encryption?

22. If the use of the Clipper Chip is "voluntary," why would any party desiring privacy or secrecy of communications use it, knowing that the U.S. government has a process to allow decryption? If the Administration's ultimate goal is to ban other forms of encryption for use domestically, what is the legal basis for such an approach?

23. Isn't the Administration doing more than "encouraging" use of Clipper? (E.g., discontinuing DES at the end of the current certification cycle, directing NIST to adopt Clipper as a Federal standard, and maintaining export restrictions on hardware/software using different algorithms?)

24. Does the government have any plans to campaign for the implementation of the Clipper Chip as a standard for data cryptography?

25. What impact will the introduction of Clipper have on the market for other encryption technologies? Will the government otherwise try to discourage other cryptographic mechanisms from being marketed domestically and abroad?

26. Isn't the government dictating the design of technology into commercial products rather than allowing market demand to dictate?

27. What prevents a sender of information from encrypting with secure, easy to obtain software using DES or RSA algorithms before sending data through a channel encrypted with the Clipper system?

28. Would the Administration ever consider making the Clipper Chip or other key escrow system mandatory?

D. Key Escrow System

29.
How can the government assure us that the keys held in escrow are not compromised? What public or private agencies have sufficient integrity and public trust to serve as escrow agents?

30. How can the public be sure that keys will only be revealed upon proper warrant? Will there be clerks who actually operate the equipment who could get anyone's keys? Or will judges have personal keys, which would be directly authenticated to the escrow agents' equipment that protects the users' keys?

31. Once the keys are obtained from the escrow holders, is it envisioned that electronic surveillance can be done "real-time," or will recording and post-processing be required?

32. To hear both sides of a conversation, does law enforcement need the keys of both participants?

33. After law enforcement has properly obtained a pair of unit keys from the escrow agents and conducted a wiretap, will the keys be "returned" to the agents? What safeguards exist to prevent law enforcement from re-using the keys without authorization in the future?

34. Once in possession of the unit keys, can the government pretend to be ("spoof") the original unit owner?

35. What is the smallest number of people who would be in a position to compromise the security of the system?

36. Can an escrow agent exercise discretion in the release of key information? E.g., can they refuse an inappropriate request? (Phone companies ensure that court orders are facially valid.) Can they publicize an inappropriate request? Can they tell the person whose communications were intended to be violated?

37. Who will be responsible for auditing the escrow process and the use of revealed keys?

38. How will the government ensure that unanticipated uses of the escrow database are prevented in the long term? (E.g., the Census database was supposed to stay confidential for 75 years, but was released during World War Two to allow Japanese-Americans to be imprisoned without cause.
What protections are in place to make sure that this never happens again?

39. What happens when one discovers that the keys have been captured through theft? How difficult would it be to change keys? What is done in the meanwhile? How difficult is it to reprogram the chip, or do you need a replacement?

40. If the chip can be reprogrammed, how do you prevent covert changes that will not be discovered until authorization to tap is received and execution of the warrant is forestalled?

41. It appears that once a given chip has been compromised due to use of the escrowed keys, the chip and the equipment it is used in are vulnerable forever. Is there any mechanism or program to re-key or replace compromised hardware? Is there any method for a potential acquiring party to verify whether the keys on a given chip have been compromised? Who should bear the cost of replacement or re-keying of compromised hardware?

42. What safeguards will be used when transporting the escrow keys?

43. What are the national security implications of widespread deployment of Clipper? Does it make our communications more susceptible to disruption or jamming?

44. Doesn't the two-escrowee approach make these locations targets of opportunity for any party or foreign government that wants to gain access to sensitive U.S. information? If an escrow location is compromised, all chip data contained there is compromised. Wouldn't these locations also become targets of opportunity for any criminal or terrorist organization that wanted to disrupt U.S. law enforcement? What back-up or physical security measures are envisioned? If multiple copies are kept, doesn't this increase the threat of compromise?

E. Choice of Agents for the Keys

45. Who will be the agents for the keys? How secure will they be from the outside and from the inside? What is the cost of maintaining the escrow system? Who will pay? Who will profit?

46. When will the escrow agents be announced?
Will there be a process to allow input into the selection of these individuals/agencies?

47. Although it has been reported that the escrow holders will not be the FBI, DoD, CIA or NSA, is it envisioned that one or both of the escrow locations will be non-government entities? Can one or both be private parties? What will the process be to determine what private party will be awarded the contract for key holder?

48. Can the set of escrow agents be changed after the initial selection? How can the government be prevented from moving the escrow contract to a more pliable escrow agent, if one of the agents stands up against the government for the rights of the people whose keys they are protecting?

49. Will escrow agents be immune from prosecution during their term of office, like Members of Congress, the President, and Justices of the Supreme Court? If not, what will prevent the government from harassing the agents during a dispute with the Justice Department?

50. Will there be a mechanism for particular people to keep their keys out of the key escrow database, or to obtain Clipper Chips with keys that have not been escrowed? (E.g. Judges, law enforcement officers, NSA officials, the President, etc.)

F. Level of Security of Clipper Chip Encryption

51. How will the government assure American businesses that their proprietary information is not compromised? Given the extremely competitive nature of the high-tech industries, and the importance of intellectual property, how can American firms be adequately protected?

52. How will the government assure American citizens that the privacy of their electronic communications and the security of personal information that is transmitted in electronic form will all be secure under the Clipper Chip?

53. If the Administration is so confident about the level of security of the Clipper Chip scheme, why will classified information not be encrypted with it?

54. What warranty is the U.S.
government prepared to make regarding the security of the Clipper Chip compared to other algorithms, and indemnity for failures for breaches of the algorithm, chips that are compromised due to failures in the security of the escrow system, or other failures in the Clipper approach?

55. What effect does Clipper have on other NSA and DOD programs aimed at encryption and authentication of unclassified messages (e.g., MOSAIC)?

56. If Clipper is not approved for classified traffic, what government agencies will be utilizing Clipper, and for what applications?

57. Normal security procedures involve changing cryptography keys periodically, in case one has been compromised. But the family and unit keys cannot be changed by the user. If these keys are compromised, it won't matter how frequently the user changed their session keys. Doesn't the long use of the same family and unit keys increase the likelihood that these keys will be compromised while they are still in use? Doesn't this also eliminate a significant degree of the user's control of the level of security that his or her system provides?

58. If the government discovered that the algorithm or family key had been discovered by a foreign government or private individuals, would it tell the public that the system had been compromised? Are there plans to restore privacy and authentication if the algorithm is compromised?

59. How secure is the Clipper algorithm if it is attacked by a person with half the key?

G. Level of Privacy Protection

60. Given the dramatic growth in transmission and storage of personal information in electronic form, does the Administration recognize that private individuals, as well as large organizations, need access to affordable, robust encryption systems?

61. Is law enforcement permitted to identify the specific piece of communications equipment without obtaining a warrant?
If encrypted communications include the serial number ("chip family key"), will law enforcement be able to keep track of communications traffic and track private citizens without even securing the keys from the escrow agents?
62. Does the Administration believe that all household phones are going to be replaced with secure versions over some period of time? At what cost?
63. It has been impossible to keep any large collection of information completely private, including Social Security records, tax information, police files, motor vehicle records, medical records, video rentals, highly classified military information, and information on abuses of power. How will users be able to tell when this happens to the key escrow information?

H. Constitutional/Legal Implications

64. Has the Administration fully considered the constitutional implications of the Clipper Chip and other key escrow systems?
65. Does forcing someone to disclose a key for future law enforcement access infringe the fundamental right against self incrimination embodied in the Fifth Amendment?
66. Does requiring key disclosure in conjunction with a particular technology violate users' right to free speech under the First Amendment? Courts frown most severely on any government attempts to compel a particular form of speech.
67. Does the escrow system violate the letter or the spirit of the Fourth Amendment protections which safeguard citizens against intrusive law enforcement practices?
68. When the Administration says "nor is the U.S. saying that 'every American, as a matter of right, is entitled to an unbreakable commercial encryption product,'" are they therefore saying the inverse, that every American is not allowed to have an unbreakable commercial encryption product?
69. Does the Administration see the need for any new legislation to implement its Clipper Chip proposal? If so, specifically identify.
70.
In the event that one or more escrow keys are obtained through unauthorized means, what liability, if any, might the equipment manufacturer have to bear?
71. What will be the relationship between Federal and state law enforcement? Will the policy pre-empt state law? How will state law enforcement access the "key" system?
72. What is the statutory authority for regulation of domestic encryption? Are any of these statutes cold war relics? Should the efficacy of all statutes that affect civilian encryption be reviewed?
73. What protections do we have against blackmailing by escrow agents, or by others who have gained possession of escrowed keys? Is there civil or criminal liability for escrow agents who reveal keys illegally?
74. What is the impact on society if the right to hold a truly private conversation is withdrawn?
75. Is strong encryption technology important for protecting intellectual property in a digital network environment?

I. Logistics of Chip Development and Manufacture

76. Why weren't other Chip manufacturers given the chance to bid on the chip production process? Why was the choice made to have only one manufacturer?
77. Since the Clipper Chip design data will need to be released to manufacturers, how will we be assured that this information, in itself, will not allow the user systems to be compromised?
78. What assurances will there be that the manufacturer is not keeping a record of all keys issued?
79. We have read Dorothy Denning's explanation of how the two 80-bit keys will be created in the SCIF. Is this description accurate? If not, how would this process occur? If so, is the system feasible? What will the cost be for this process and for the increased security of the involved government agents?
80. The chips will be programmed in a Secure Compartmented Information Facility (SCIF). Does this suggest that the chips should at some point be classified Secret or Top Secret?
What is the classification of the Clipper and Capstone chips and the Skipjack algorithm? How will these chips be declassified once leaving the SCIF?
81. Some of the press reports imply that AT&T has had access to this information in order to incorporate Clipper into some of its equipment designs. Is that implication accurate?
82. Can this scheme be implemented in software? If so, why haven't we seen information on that software? If not, were issues of how this hardware solution would affect continued use of software encryption adequately evaluated? Were the comparative costs of software and hardware encryption schemes evaluated? Is this evaluation available for analysis?
83. Current high speed DES processors have encryption rates of approximately 200 megabits per second, while the Clipper Chip has a throughput of 12.5 megabits per second. Within two to five years, 100 Mbs+ technologies, such as Fast Ethernet, FDDI and ATM, will become commonplace. How will the Clipper technology be used in environments where data is sent at 100 Mbs or faster?

J. Feasibility/Implementation

84. What testing has been done to verify the ability of Clipper to work across the panoply of new emerging technologies? If the underlying digital transport protocol drops a bit or two, will that interfere with Clipper operation? How critical is synchronization of the bit stream for Clipper operation? Has this technology been tested with ISDN, TDMA, Cellular, CDMA Cellular, ATM, SONET, SMDS, etc. and other emerging technologies? What effect does Clipper have on the Cellular Authentication and Voice Encryption (CAVE) algorithm? Are these differences for key generation, authentication, or voice privacy?
85. Does the Administration seek to extend the Clipper Chip proposal to the TDMA and CDMA digital cellular standards?
86. When will the government publish the various Modes of Operation and other documents for Clipper, together with a physical implementation standard (similar to the old FS-1027)?
87.
Will the government consider the development of alternate sources for the chip or will vendors be limited to a single, monopoly supplier?
88. Initially, the Clipper Chip is being proposed for telephone technology, but the White House specifically mentions that the technology will be used for electronic data transmission. What is the timetable for implementing this?
89. What is the scope that the Administration envisions for the Clipper Chip's algorithm use? What about Capstone? Is it limited to choice, or does it encompass electronic mail, network encryption, security modems, long-haul bulk encryptors, video applications, computer password protection, Intelligent Vehicle Highway Systems ("IVHS"), satellite communications -- both transport and control, electronic funds transfers, etc.?
90. What is the Administration's policy on other security mechanisms beyond privacy, such as message authentication codes for banking and EFT, and for integrity and digital signatures for sender authentication and non-repudiation? What is the impact on international standards such as X.500 and X.509?
91. Since Clipper, as currently defined, cannot be implemented in software, what options are available to those who can benefit from cryptography in software? Was a study of the impact on these vendors or of the potential cost to the software industry conducted?
92. What is the success criterion for the Clipper initiative? Would the government abandon its initiative if the Clipper is shown to be unsuccessful beyond government use?
93. What is the expected useful lifetime of the Clipper technology? What do you expect will render it useless at some point?
94. Is it true that the name "Clipper Chip" is the intellectual property of another company?

K. Impact on American Competitiveness

95.
As the key-escrow approach is designed to ensure the ability of the American government to access confidential data, do NIST and NSA expect overseas customers (who do not have the protection of due process) to purchase the chip for data protection?
96. In testimony before the House Telecommunications Subcommittee, Mr. Kammer of NIST indicated that if he were a foreign customer, he would not purchase devices that included the Clipper Chip. Doesn't this raise serious balance-of-trade problems?
97. Will the technology, or the Chip itself, be shared with other allied governments (e.g., the UK), or will U.S. producers of data security products, forced by government standards to develop clipper-based products for the U.S. market, be permanently closed out of the overseas security market?
98. If Clipper won't be commercially accepted abroad, and export controls continue to prohibit the exportation of other encryption schemes, isn't the U.S. government limiting American companies to a U.S. market?
99. Given the restrictions on who can build Clipper devices, how will Clipper keep up with advances in semiconductor speed, power, capacity and integration? Openly available devices, such as Intel-compatible microprocessors, have seen dramatic gains, but only because everyone was free to try to build a better version.
100. Will the Clipper Chip be used nationally and internationally? How will multinational operations accommodate this new system?
101. Banking and finance are truly global today. Most European financial institutions use technology described in standards such as ISO 9796. Many innovative new financial products and services will employ the reversible cryptography described in these standards. Clipper does not comply with these standards. Will U.S. financial institutions be able to export Clipper? If so, will their overseas customers find Clipper acceptable?
102.
If overseas companies provide systems based on algorithms that do not have key escrow schemes that encrypt faster and more securely, how will we compete internationally? We are market leaders in applications software and operating systems. Our world leadership in operating systems is dependent on integrating security in internationally distributed systems.
103. Internet Privacy Enhanced Mail (PEM) is becoming an internationally recognized system for encrypting Electronic Mail. Would Skipjack encryption become a U.S. standard for encrypting electronic mail while the rest of the world used PEM? How would E-mail traffic between the U.S. and other countries be encrypted?

L. Effect on Export Control Policy

104. In light of the Clipper initiative, will export restrictions on hardware and software encryption regimes using DES and RSA algorithms (which are widely available abroad) remain in place?
105. Will American firms be allowed to sell devices containing the Clipper Chip abroad? Under which governmental regulatory regime would exports of devices containing the Clipper Chip fall? What conditions would be applied to exports of devices containing the Clipper Chip? (E.g., would American firms be allowed to export devices to non-U.S. customers without the escrow requirement? If not, who would hold the keys?)
106. What governmental regulations will apply to imports of devices containing the Clipper Chip? Given that most U.S. companies source most customer premise equipment (e.g., telephones, fax machines, etc.) offshore, how will the logistics be handled for the export of the Clipper Chip as a component, and the subsequent import of the device containing the chip? Will the U.S. permit non-U.S. manufacturers to have the Clipper algorithm? If not, how will the Administration justify this trade barrier?
107. If the Clipper Chip cannot be reverse-engineered, and if the U.S.
government is capable of decrypting, why would there be any reason to limit Clipper products from being exported?
108. If Clipper is allowed to be exported, does the U.S. government foresee a problem with other governments? Would the U.S. government's access to escrow keys be viewed as an exercise of extraterritorial jurisdiction?

M. Implications for Installed-Base/Existing Products

109. What are the implications of NSA/NIST withdrawing the certification of DES? Although it may -- at some point in the future -- no longer be used for government purposes, that is not going to affect commercial or private users' applications of DES. What about the embedded base of DES hardware?
110. Will existing systems need to be replaced?
111. What efforts were spent to make the new encryption approach compatible with the embedded base of equipment? If DES was becoming weak (vulnerable), wouldn't merely extending the DES key length to 80 bits have solved that problem?
112. There are a number of companies that employ non-escrowed cryptography in their products today. These products range from secure voice, data, and fax, to secure e-mail, electronic forms, and software distribution, to name but a few. With over a million such products in use today, what does the Clipper scheme foretell for these products and the many corporations and individuals that are invested in them and use them? Will the investment made by the vendors in encryption-enhanced products be protected? If so, how? Is it envisioned that they will add escrow features to their products or be asked to employ Clipper?

N. Process by which Input Will Be Received from Industry/Public Interest Groups

113. If the outcome of the policy review is not pre-ordained, then the process to analyze the issues and arrive at solutions would seem to need a great deal of definition. What roles have been identified for Congress, the private sector, and other interested parties? Who is coordinating the process?
114.
Why does the Presidential directive on the review process remain classified?

o o o o o

------- End of Forwarded Message

From amcgee at netcom.com Fri May 14 17:34:40 1993
From: amcgee at netcom.com (Arthur R. McGee)
Date: Fri, 14 May 93 17:34:40 PDT
Subject: CALLER ID?
In-Reply-To: <930511191724_72114.1712_FHF57-1@CompuServe.COM>
Message-ID:

Of course! How else would the phone company be able to bill for those calls if they couldn't put the number of the person calling on the customer's phone bill?!

Damn! I thought we were safe here in CA. :-(

From amcgee at netcom.com Fri May 14 17:45:42 1993
From: amcgee at netcom.com (Arthur R. McGee)
Date: Fri, 14 May 93 17:45:42 PDT
Subject: Anonymous Email From Finland (fwd)
Message-ID:

---------- Forwarded message ----------
Date: Wed, 12 May 1993 06:54:50 CDT
From: "Michael S. Hart"
To: Multiple recipients of list GUTNBERG
Subject: Anonymous Email From Finland

Peter Graham recently posted a comment about a Finnish service allowing for the anonymous sending of email. Can someone provide any details?

Thanks.

=====================================================
Michael S. Hart, Professor of Electronic Text
Executive Director of Project Gutenberg Etext
Illinois Benedictine College, Lisle, IL 60532
No official connection to U of Illinois--UIUC
hart at uiucvmd.bitnet and hart at vmd.cso.uiuc.edu

From mdiehl at triton.unm.edu Sat May 15 00:27:02 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Sat, 15 May 93 00:27:02 PDT
Subject: mixed plaintext and crypted text.
Message-ID: <9305150726.AA05075@triton.unm.edu>

Hey again, all. I've RTFM'd, and I don't even know if it can be done, but does anyone know how I can have pgp display the un-encrypted AND the decrypted parts of a message? Let's say my message goes like this:

This is a plaintext message to tell you stuff that needs not be private. BTW, can you find the subliminal message?
;^)j

-------- begin pgp block -----
asdfkasjd;fThEjsflajslfjaslfjadfajs;flasjdaslfjasldfjalsj
asjlgfiuituqoNsAj;slkjasdifuoejrqlwfiasuokjel;rqwiuasdsii
asdfasljdflasjfdSuXsldfjalsjljeqljerwljrlejqlwjerlqwjerlq
elqrkjlasjl 134as
-------- end pgp block -------

Thanx a lot

Yours virtually,

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
|                       | But, I was mistaken.        |available|
|                       +-----------------------------+---------+
| mdiehl at triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl at fido.org   |  to be Politically Incorrect!         |
| (505) 299-2282        |                                       |
+-----------------------+---------------------------------------+

From JZP1102%HUSZEG11.bitnet at HEARN.nic.SURFnet.nl Sat May 15 04:46:28 1993
From: JZP1102%HUSZEG11.bitnet at HEARN.nic.SURFnet.nl (Barna Janos)
Date: Sat, 15 May 93 04:46:28 PDT
Subject: cyberpunk
Message-ID: <9305151146.AA01438@toad.com>

[ASCII-art banner; lettering not recoverable]

SEARCHING CONTACTS TO JOIN & | Cyberart & tech | ESTABLISH WORLDNET 4 FUTURE

HELP!

We are the first forming cyberpunk group in the Eastern block.
We NEED YOUR informations, datas, opinion and knowledge about
CYBERPUNK CULTURE, CYBERARTS, HACKERS, NEW EDGE CYBER TECHNOLOGIES,
VIRTUAL REALITY, MIND MACHINES, ARTIFICIAL INTELLIGENCE
BRAIN BOOSTER DRUGS, BBS, WETWARE, INTERACTIVE AND HYPERMEDIA
UNDERGROUND CULTURE WAVES, SLANG, MUSIC, GRAPHICS, etc.
We have great difficulties in ordering books, mags, fanzines or any kind of brochure, so please let us get some if you can.
Our answers will contain short stories, graphics, novels, musics and experiences on this them.

Molnar Daniel
H-6723, Szeged, Csorba u. 9/A
Hungary

BITNET mail: jzp1102 at huszeg11 /Barna Janos/

-=PAX WITH YOU=-

From jslee at well.sf.ca.us Sat May 15 07:40:15 1993
From: jslee at well.sf.ca.us (John S. Lee)
Date: Sat, 15 May 93 07:40:15 PDT
Subject: PGP 4 da MAC
Message-ID: <199305151439.AA21760@well.sf.ca.us>

Is there a program or source for PGP for the Mac. Where can I get it?

Thanks!

From fergp at sytex.com Sat May 15 07:45:12 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Sat, 15 May 93 07:45:12 PDT
Subject: Receipt acknowleged?
Message-ID:

This is a transcript of a letter that I received in the mail from Senator John Warner of Virginia -

8<------ Begin transcript ------------------

JOHN WARNER
Virginia

Committees:
Armed Services
Select Committee on Intelligence
Environment and Public Works
Rules and Administration

United States Senate

May 11, 1993

Mr. Paul Ferguson
Centreville, Virginia 22020

Dear Mr. Ferguson,

Thanks you very much for writing to inform me of President Clinton's new initiative in telecommunications encryption technology. I was not aware of this proposal as presented by the new Administration.

Your letter does reveal that you are very knowledgeable in the details of the "Clipper Chip". You have expressed clearly the impact the "Clipper Chip" technology and program would have on government and private business.

I will seek more information concerning this new initiative from the Clinton Administration.

I appreciate being made aware of this proposal and learning of your specific insights.

With kind regards, I am

Sincerely,

/*signed*/

John Warner

8<-------- End transcript ------------

Paul Ferguson               |  Boycott AT&T,
Network Integrator          |  Write your elected
Centreville, Virginia USA   |  Representatives.
fergp at sytex.com          |  Do the right thing.

Just say "NO" to the Wiretap (Clipper/Capstone) Chip(s)
I love my country, but I fear its government.

From gnu Sun May 16 00:02:19 1993
From: gnu (John Gilmore)
Date: Sun, 16 May 93 00:02:19 PDT
Subject: Forestalling paranoia
Message-ID: <9305160702.AA03390@toad.com>

The Little Garden network, which connects toad.com to the Internet, was down today due to some scheduled power outages in a building that our link goes through. Fear not...if you sent something to cypherpunks, it will get through when the power comes back on.

John

From deltorto at aol.com Sun May 16 12:32:05 1993
From: deltorto at aol.com (deltorto at aol.com)
Date: Sun, 16 May 93 12:32:05 PDT
Subject: End of the Universe Hacked
Message-ID: <9305160615.tn21936@aol.com>

Hi Everybody,

This is FYI. Apologies for any overlaps if you get this twice.

Note: I was in the Netherlands last year and crashed/partied with these guys and gals and they're ALL RIGHT kinds-a folks. This should be a real feth-ti-val for those who can make it over there.
The central Netherlands area is noted for the lack of a "There" there, but what they lack in "There-ness," they more than make up for with a wonderful sense of wackiness.

Subliminal Hint: l e t ' s   a l l   g o ...

Peace,     ^ ^
dave       '['     ...Clip the Clipper Chip!
            u

-------------------------------------------------------------------
H A C K I N G   A T   T H E   E N D   O F   T H E   U N I V E R S E
-------------------------------------------------------------------

An 'in-tents' summer congress

H U H?
-------

Remember the Galactic Hacker Party back in 1989? Ever wondered what happened to the people behind it? We sold out to big business, you think. Think again, we're back!

That's right. On August 4th, 5th and 6th 1993, we're organising a three-day summer congress for hackers, phone phreaks, programmers, computer haters, data travellers, electro-wizards, networkers, hardware freaks, techno-anarchists, communications junkies, cyberpunks, system managers, stupid users, paranoid androids, Unix gurus, whizz kids, warez dudes, law enforcement officers (appropriate undercover dress required), guerilla heating engineers and other assorted bald, long-haired and/or unshaven scum. And all this in the middle of nowhere (well, the middle of Holland, actually, but that's the same thing) at the Larserbos campground four metres below sea level.

The three days will be filled with lectures, discussions and workshops on hacking, phreaking, people's networks, Unix security risks, virtual reality, semafun, social engineering, magstrips, lockpicking, viruses, paranoia, legal sanctions against hacking in Holland and elsewhere and much, much more. English will be the lingua franca for this event, although some workshops may take place in Dutch. There will be an Internet connection, an intertent ethernet and social interaction (both electronic and live). Included in the price are four nights in your own tent.
Also included are inspiration, transpiration, a shortage of showers (but a lake to swim in), good weather (guaranteed by god), campfires and plenty of wide open space and fresh air. All of this for only 100 dutch guilders (currently around US$70).

We will also arrange for the availability of food, drink and smokes of assorted types, but this is not included in the price. Our bar will be open 24 hours a day, as well as a guarded depository for valuables (like laptops, cameras etc.). You may even get your stuff back! For people with no tent or air mattress: you can buy a tent through us for 100 guilders, a mattress costs 10 guilders. You can arrive from 17:00 (that's five p.m. for analogue types) on August 3rd. We don't have to vacate the premises until 12:00 noon on Saturday, August 7 so you can even try to sleep through the devastating Party at the End of Time (PET) on the closing night (live music provided). We will arrange for shuttle buses to and from train stations in the vicinity.

H O W ?
-------

Payment: In advance only. Even poor techno-freaks like us would like to get to the Bahamas at least once, and if enough cash comes in we may just decide to go. So pay today, or tomorrow, or yesterday, or in any case before Friday, June 25th 1993. Since the banks still haven't figured out why the Any key doesn't work for private international money transfers, you should call, fax or e-mail us for the best way to launder your currency into our account. We accept American Express, even if they do not accept us. But we are more understanding than they are. Foreign cheques go directly into the toilet paper recycling bin for the summer camp, which is about all they're good for here.

H A !
-----

Very Important: Bring many guitars and laptops.

M E ?
-----

Yes, you! Busloads of alternative techno-freaks from all over the planet will descend on this event. You wouldn't want to miss that, now, would you?

Maybe you are part of that select group that has something special to offer!
Participating in 'Hacking at the End of the Universe' is exciting, but organising your very own part of it is even more fun. We already have a load of interesting workshops and lectures scheduled, but we're always on the lookout for more. We're also still in the market for people who want to help us organize this during the congress.

In whatever way you wish to participate, call, write, e-mail or fax us soon, and make sure your money gets here on time. Space is limited.

S O :
-----

> 4th, 5th and 6th of August
> Hacking at the End of the Universe (a hacker summer congress)
> ANWB groepsterrein Larserbos (Flevopolder, Netherlands)
> Cost: fl. 100,- (+/- 70 US$) per person (including 4 nights in your own tent)

M O R E   I N F O :
-------------------

Hack-Tic
Postbus 22953
1100 DL Amsterdam
The Netherlands

tel    : +31 20 6001480
fax    : +31 20 6900968
E-mail : heu at hacktic.nl

V I R U S :
-----------

If you know a forum or network that you feel this message belongs on, by all means slip it in. Echo-areas, your favorite bbs, /etc/motd, IRC, WP.BAT, you name it. Spread the worm, uh, word.

From nowhere at bsu-cs.bsu.edu Sun May 16 12:34:09 1993
From: nowhere at bsu-cs.bsu.edu (Anonymous)
Date: Sun, 16 May 93 12:34:09 PDT
Subject: No Subject
Message-ID: <9305160940.AA13873@bsu-cs.bsu.edu>

Info on Mykotronx! First of Two Documents.

(This info was sent to me anonymously. I have no idea if it's real, accurate, bogus, etc. Maybe it's real. This may help us in some way. Considering what Mykotronx has planned for us, publishing this stuff is justified. Just take it with a grain of salt. It could be fake.)

>Howdy. The following is a sampling of the information I was
>able to grab....

.......[stuff deleted to better protect source]......

>and their entire general ledger. Will post more as I get the
>time.
Do not disclose the origin of this document (me) but >you can publish it if you like to show that the people the >government wants us to trust to keep the Clipper design >secret, don't know jack shit about security. > > > >Information: > >Mykotronx Inc. >357 Van Ness Way (1 blk so. of Del Amo) >Suite 200 >Torrance CA 90501 >(310) 533-8100 >fax (310) 533-0527 >STU III (310) 533-0738 >Founded 1979 > >Resale # SR-AB 12-711252 >Dunn & Bradstreet # 00-611-5281 > >Banking: Shearson Lehman Brothers > Attn: Steve Scerra > Acct # 509 24261 12011 > 21250 Hawthorne Bl > Torrance, CA 90509 > (310) 540-9511 > >Employee Names: > >Bob Gottfried, CEO >Leonard J. Baker, President >Ralph O' Connell, aka "The Father of COMSEC", NSA Lobbyist >Mike Furusawa, Space COMSEC Manager >Patti Linahan, Executive Secretary >Kikuo Ogawa, Buyer >R. Todd, W. Greenfield, KG-44B (Outrunner) Project >John C. Droge, Personnel >Bob Todd, Manufacturing Manager >Landy Riley, Engineering > >Federal Express Acct # 1122-7492-8 > >NSA Contact Home Address: >Ralph O' Connell >1401 Woodbridge Road >Baltimore, MD 21228 >(301) 747-6276 >Principle NSA Technical Contact: >National Security Agency >Maryland Procurement Office >Attn: N244 (CEB) (MDA904-92-G-0354/J.O. 5001) >9800 Savage Road >Fort George G. Meade, MD 20755-6000 >(301) 688-8086 > >NSA Accounting Contact: >National Security Agency >Maryland Procurement Office >Finance and Accounting Office >9800 Savage Road >Fort George G. Meade, MD 20755-6000 >(301) 859-6715 > >KG-46 Tactical Decryptor Unit and >KG-48B Outrunner Provisioning Conference participants: >Robert Todd, Mykotronx >Bill Greenfield, Mykotronx >G. Burgio, NSA >J. Gochnour, NSA >J. Wimpy, Air Force Computer Systems Command >S. Solis, Air Force Computer Systems Command > >To Be Discussed at meeting May 18 & 19, 1993 > >Outrunner Project Milestone Payments: > >1. Preliminary Studies $268,074 2/14/92 >2. Place Subcontract w/ VLSI $47,917 2/22/92 >3. Complete PDR KG-44B $61,431 4/13/92 >4. 
Complete PDR VLSI            $71,090  5/19/92
>5.   Complete SFA Review VLSI     $78,470  7/12/92
>6.   Complete CDR VLSI           $106,638  7/17/92
>7.   Complete first KG-44B       $166,641  8/12/92
>8.   Complete CDR                $132,454  6/18/92
>9.   Complete tests 1st KG-48B   $151,957  12/16/92
>10.  Complete fab VLSI           $203,941  11/17/92
>11a. Deliver 2 KG-44B to NSA      $81,080  9/8/92
>11b. Deliver 2 KG-44B to NSA      $81,081  10/7/92
>12.  Complete Cryto Verif VLSI   $152,223  12/16/92
>13.  Deliver 4 KG-44B to NSA     $171,571  3/2/93
>14a. Deliver 2 KG-44B to NSA      $30,432  3/30/93
>14b. Deliver 2 KG-44B to NSA      $30,432  4/20/93
>15.  Deliver 4 KG-44B to NSA      $60,864  4/24/93
>16a. Deliver 1 KG-44B to NSA      $15,216  4/28/93
>16b. Deliver 3 KG-44B to NSA      $45,648  5/12/93
>17.  Deliver 4 KG-44B to NSA      $42,840  5/13/93
>
>Total: $2,000,000
>
>
>KG-44 VLSI Procurement:
>United Technologies Microelectronics Center
>1575 Garden of the Gods Road
>Colorodo Springs, CO 80907
>PO#5703-44ACN1 Feb 19, 1992
>Invoice Date Feb 5, 1993
>"Customer to pick up parts. Secret item handling.
>Secret Design KG-44LSI. Mykotronx P/N M20/00301XXX"
>Government contract # MDA904-92-C-A027
>Group C Testing: $4,400
>5 Parts @ $675ea $3,375
>Job #BE-7281 Group C Samples
>PIC Number: HP67AG84WTDLC
>"Note: Group B samples also included with this shipment (ref
>Packlist #10128"
>"The export of this product is controlled by the US Government.
>The export of this product or the disclosure of related technical
>data to foreign nationals without the appropriate export license
>is prohibited by law."
>
>Test Plan for MYK-80:
>Statement of Work for Exatron Inc. 5/13/93
>Develop test interface board for MYK-80 (176 pin TQFP) and
>I.M.S. tester. Interface to utilize "particle interconnect"
>system. Data on MYK-80 I.O. and IMS tester to be supplied
>by Mykotronx.
>Interface board to be installed in a work station which utilizes
>Exatron "PET" handler, tooled for the MYK-80; a vacuum pick-up
>device (manual, pencil type); work surfaces for JEDEC tray
>storage and operator support.
The IMS tester will mount directly
>under the "PET" handler. Two "PET" handlers are to be quoted
>with two sets of specific nesting tools for the MYK-80.
>Installation in place at Mykotronx and initial operator and
>maintenance training to be included.
>Design review of the interface board layout, prior to release of
>the board to fabrication is to be held at Mykotronx.
>
>
>
>Manuals and Training Manuals subcontracted to:
>
>ELITE Technical Corporation
>Warren A. Griswold, President
>1903 B Marshallfield Lane
>Redondo Beach, CA 90278
>(310) 372-5616
>
>
>CAPSTONE Financial Commitments by Mykotronx
>
>Basic VII Cap VLSI 10               $212,000
>Sun 1 Yr maint hw&sw                  $2,700
>Compass                             $159,400
>IKOS Systems & sw                    $57,500
>ELITE Technical Corp                  $8,000
>IMS/Sun                             $119,000
>Versatec Plotter                     $36,500
>SJ (1)                               $71,200
>SJ (2)                               $76,200
>Exatron Test System                  $78,000
>ROM Cell                             $60,000
>AT&T                                $100,000
>Surf Mgt (real estate)               $13,900
>Universal Shielding (Tempest)        $20,600
>Plotter maint                         $5,000
>Litronics                           $225,000
>Spyrus (1)                           $45,600
>Spyrus (2)                           $44,800
>Compass (2)                         $110,000
>VLSI Tech                            $30,000
>VLSI Tech (2)                       $163,000
>VLSI Tech CAPSTONE TQFP              $10,000
>New Media NRE Design                 $18,700
>South Coast Designers                $14,600
>South Coast                           $6,000
>VLSI Tech Exponeniator Tamper Sys   $163,000
>Conres logic analyzer                 $3,200
>VLSI Myk-78 tester                   $33,800
>

..end...

From nobody at alumni.cco.caltech.edu Sun May 16 13:24:42 1993
From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu)
Date: Sun, 16 May 93 13:24:42 PDT
Subject: No Subject
Message-ID: <9305160934.AA12398@alumni.cco.caltech.edu>

This is the second of two documents I received anonymously. Maybe they're real, maybe they're forgeries. Decide for yourself.

>Here are exerpts of the .......... of Mykotronx,
>the Torrance Based Big-Brother outfit that is going
>to make the Clinton Clipper wiretap chip. I have
>left off their chart of accounts numbers, since you
>don't care about that. .........
>
>Period: 01/01/93 to 04/30/93 (first 4 months of 1993)
>
>Acct Descr                    Beg Bal      Debits     Credits
>
>==1000 series==
>Shearson Lehman               286,511   2,620,096   2,670,822
>Paine Webber                   95,602         868           0
>Dean Whitter                   55,391         484           0
>Petty Cash                      3,000           0           0
>Union bank payroll act         13,408     900,000     816,443
>Accts rcvbl -customer       1,185,829   1,981,356   2,562,064
>Accts rcvbl - eployees          7,125      48,450      55,575
>Franchise tx rcvbl              2,165           0           0
>Unbilled costs&fees           567,792     533,347           0
>Raw inventory                 172,252           0      76,064
>Prepaid taxes                   1,116           0           0
>Prepaid sales tax                 688           0         688
>Equp/mach/furn                383,038      20,695           0
>Accum depreciation            234,425           0      23,000
>Deposits                        9,272           0           0
>
>==2000 series==
>Accts Payable               482,895CR   1,869,477   1,684,555
>Sales tax payable               147CR         176           0
>Sales tax paid                      0           0           0
>FIT withheld                        0      10,854     135,741
>FICA withheld                       0           0      56,622
>CA state IT withh                   0           0      36,163
>CA state disability                 0           0       8,730
>SUI pybl employer                   0           0       5,788
>FUTA payable                        0           0       2,007
>FICA employer                       0           0      56,621
>Pd Payroll txs withh                0     290,820           0
>401K withheld                       0           0      42,712
>Accrued payroll              25,637CR     343,682     318,045
>Dental withheld                     0           0         674
>Dental plan pd                      0         674           0
>Withh 401K pd                       0      42,712           0
>Accrued bonuses               214,040     341,240     127,200
>(holy shit - I wish I worked for a place that paid bonuses like that!)
>Accrued Vacation         44,252       0           0
>Excess billings          139,216      154,706     55,036
>Gross payroll            0            751,859     0
>Gross payroll distrd     0            2,552       754,412
>Lease obligations        4,911CR      0           0
>
>==3000 series==
>Common Stock             169,320      0           61,435
>Capital disbursement     916,675      222,230     0
>Retd Earnings, begng     2,385,020CR  0           0
>
>==4000 series==
>Sales, returns&allowc    0            6,014       2,577,323
>Interest income          0            0           1,353
>Int income tax free      0            0           2,490
>
>==5000 series==
>Consultants              0            47,395      47,395
>Subcontracts             0            932,210     110,419
>Other direct costs       0            62,265      5,454
>Printing/repro costs     0            542         0
>Equipment rental/leasg   0            1,537       1,537
>Maint, repairs           0            1,761       0
>Delivery                 0            3,217       0
>Postage                  0            960         0
>Materials/parts          0            186,252     22,423
>Telephone                0            93          0
>Travel                   0            10,437      0
>Inv Cost of Mfg Prod     0            76,064      0
>Direct labor-Engnrg      0            240,341     54,172
>Direct labor-Technician  0            129,839     37,459
>Direct labor-Adminst     0            47,542      10,081
>
>==6000 series==
>Indirect labor           0            60,319      0
>Holidays                 0            32,867      27,331
>Sick leave               0            3,276       0
>Vacation                 0            38,096      25,976
>Retroactive pay          0            4,400       0
>Job advertisements       0            655         0
>Grp Med Ins non sharhl   0            25,522      1,818
>Mykotronx pd payrl txs   0            64,417      0
>Workers comp             0            9,554       1,418
>Interest pd              0            0           0
>Consultants              0            2,013       0
>ADP Acctg                0            1,493       0
>Real World Acct Suppt    0            1,485       0
>Bank charges             0            155         0
>Blueprints/repro         0            390         0
>Proposals                0            2,817       0
>Copier expense           0            514         0
>Depreciation - elec eq   0            23,000      0
>Dues & memberships       0            749         0
>Education & Training     0            2,850       0
>Employee relations       0            4,531       0
>Business expense         0            7,431       0
>Equip rental/lsng        0            4,458       0
>Computer software        0            2,114       0
>Insurance                0            9,061       1,380
>Janitorial               0            20          0
>Licenses & Permits       0            175         0
>Maint, repairs           0            2,096       0
>Delivery                 0            995         13
>Postage                  0            942         0
>Amort organiz expense    0            0           0
>Taxes - franchise        0            2,763       0
>Real & Pers prop tax     0            0           0
>Rent                     0            54,080      0
>Subscriptions/books      0            325         0
>Office/lab supplies      0            14,183      446
>Telephone                0            7,961       36
>Travel                   0            10,296      1,303
>Utilities                0            5,833       0
>LTD Ins, non sharehld    0            2,877       594
>401K Mykotronx contrib   0            17,411      0
>
>==7000 series==
>Special Bonus            0            132,200     123,200
>(Double holy shit!)
>G&A Labor                0            103,4520    0
>Legal Services           0            5,895       0
>Board of Dir Expnse      0            1,078       0
>Financial Svc            0            7,505       0
>
>Totals                   0            12,555,101  12,555,101
>
>
>Other little items:
>
>Locks at Mykotronx installed and maintained by Torrance Lock and Key,
>2421 Torrance Bl. Torrance, CA 90501 (310) 320-8840 For some
>reason, Mykotronx is over 90 days late paying a lousy $50 invoice.
>
>Mykotronx has a Mosler safe. It cost $1,693 when they bought it
>11/27/90. They have never changed the combination.
>
>Outstanding VLSI purchase orders:
>VLSI Tech (Capstone)         $212,000
>AT&T (Myk-78)                $71,200
>Motorola (Myk-77)            $76,200
>AT&T (Misc)                  $100,000
>Compass (Software)           $159,400
>VLSI Tech (Myk-78)           $66,200
>Litronics (PCMCIA Crypto)    $225,000
>VLSI Tech (Exponentiator)    $163,000
>VLSI Tech (Capstone TQFP)    $10,000
>VLSI Tech (Myk-78 fix)       $68,500
>VLSI Tech (Myk-78A proto)    $11,000
>VLSI Tech (Myk-78A prod.)    $220,000
>VLSI Tech (Myk-80 #1)        $48,000
>VLSI Tech (Myk-80 #2)        $33,750
>VLSI Tech (Myk-82)           $80,000
>VLSI Tech (Myk-79)           $79,500
>
>
>Their LAN was installed by Strategies, Inc for about $14,000.
>
>--

From x62727g2 at usma8.USMA.EDU Sun May 16 13:26:35 1993
From: x62727g2 at usma8.USMA.EDU (Gatlin Anthony CDT)
Date: Sun, 16 May 93 13:26:35 PDT
Subject: List
Message-ID: <9305162022.AA13690@usma8.usma.edu>

I think I may have somehow gotten wiped off the mailing list. I haven't received any cypherpunk mail in 3 days.

Anthony J. Gatlin |-------------------------------------|
Cadet Private, Co. G-2 |PGP Public Key available on request.
| United States Military Academy |-------------------------------------|

From whitfield.diffie at Eng.Sun.COM Sun May 16 14:23:48 1993
From: whitfield.diffie at Eng.Sun.COM (whitfield.diffie at Eng.Sun.COM)
Date: Sun, 16 May 93 14:23:48 PDT
Subject: Diffie Statement to Boucher's Committee
Message-ID: <9305151803.AA02490@morale.Eng.Sun.COM>

The Impact of a Secret Cryptographic Standard on Encryption, Privacy, Law Enforcement and Technology

Whitfield Diffie
Sun Microsystems
11 May 1993

I'd like to begin by expressing my thanks to Congressman Boucher, the other members of the committee, and the committee staff for giving us the opportunity to appear before the committee and express our views.

On Friday, the 16th of April, a sweeping new proposal for both the promotion and control of cryptography was made public on the front page of the New York Times and in press releases from the White House and other organizations. This proposal was to adopt a new cryptographic system as a federal standard, but at the same time to keep the system's functioning secret. The standard would call for the use of a tamper resistant chip, called Clipper, and embody a `back door' that will allow the government to decrypt the traffic for law enforcement and national security purposes.

So far, available information about the chip is minimal and to some extent contradictory, but the essence appears to be this: When a Clipper chip prepares to encrypt a message, it generates a short preliminary signal rather candidly entitled the Law Enforcement Exploitation Field. Before another Clipper chip will decrypt the message, this signal must be fed into it. The Law Enforcement Exploitation Field or LEEF is tied to the key in use and the two must match for decryption to be successful. The LEEF in turn, when decrypted by a government held key that is unique to the chip, will reveal the key used to encrypt the message.
The effect is very much like that of the little keyhole in the back of the combination locks used on the lockers of school children. The children open the locks with the combinations, which is supposed to keep the other children out, but the teachers can always look in the lockers by using the key. In the month that has elapsed since the announcement, we have studied the Clipper chip proposal as carefully as the available information permits. We conclude that such a proposal is at best premature and at worst will have a damaging effect on both business security and civil rights without making any improvement in law enforcement. To give you some idea of the importance of the issues this raises, I'd like to suggest that you think about what are the most essential security mechanisms in your daily life and work. I believe you will realize that the most important things any of you ever do by way of security have nothing to do with guards, fences, badges, or safes. Far and away the most important element of your security is that you recognize your family, your friends, and your colleagues. Probably second to that is that you sign your signature, which provides the people to whom you give letters, checks, or documents, with a way of proving to third parties that you have said or promised something. Finally you engage in private conversations, saying things to your loved ones, your friends, or your staff that you do not wish to be overheard by anyone else. These three mechanisms lean heavily on the physical: face to face contact between people or the exchange of written messages. At this moment in history, however, we are transferring our medium of social interaction from the physical to the electronic at a pace limited only by the development of our technology. Many of us spend half the day on the telephone talking to people we may visit in person at most a few times a year and the other half exchanging electronic mail with people we never meet in person. 
Communication security has traditionally been seen as an arcane security technology of real concern only to the military and perhaps the banks and oil companies. Viewed in light of the observations above, however, it is revealed as nothing less than the transplantation of fundamental social mechanisms from the world of face to face meetings and pen and ink communication into a world of electronic mail, video conferences, electronic funds transfers, electronic data interchange, and, in the not too distant future, digital money and electronic voting. No right of private conversation was enumerated in the constitution. I don't suppose it occurred to anyone at the time that it could be prevented. Now, however, we are on the verge of a world in which electronic communication is both so good and so inexpensive that intimate business and personal relationships will flourish between parties who can at most occasionally afford the luxury of traveling to visit each other. If we do not accept the right of these people to protect the privacy of their communication, we take a long step in the direction of a world in which privacy will belong only to the rich. The import of this is clear: The decisions we make about communication security today will determine the kind of society we live in tomorrow. The objective of the administration's proposal can be simply stated: They want to provide a high level of security to their friends, while being sure that the equipment cannot be used to prevent them from spying on their enemies. Within a command society like the military, a mechanism of this sort that allows soldiers' communications to be protected from the enemy, but not necessarily from the Inspector General, is an entirely natural objective. Its imposition on a free society, however, is quite another matter. 
Let us begin by examining the monitoring requirement and ask both whether it is essential to future law enforcement and what measures would be required to make it work as planned. Eavesdropping, as its name reminds us, is not a new phenomenon. But in spite of the fact that police and spies have been doing it for a long time, it has acquired a whole new dimension since the invention of the telegraph. Prior to electronic communication, it was a hit or miss affair. Postal services as we know them today are a fairly new phenomenon and messages were carried by a variety of couriers, travelers, and merchants. Sensitive messages in particular, did not necessarily go by standardized channels. Paul Revere, who is generally remembered for only one short ride, was the American Revolution's courier, traveling routinely from Boston to Philadelphia with his saddle bags full of political broadsides. Even when a letter was intercepted, opened, and read, there was no guarantee, despite some people's great skill with flaps and seals, that the victim would not notice the intrusion. The development of the telephone, telegraph, and radio have given the spies a systematic way of intercepting messages. The telephone provides a means of communication so effective and convenient that even people who are aware of the danger routinely put aside their caution and use it to convey sensitive information. Digital switching has helped eavesdroppers immensely in automating their activities and made it possible for them to do their listening a long way from the target with negligible chance of detection. Police work was not born with the invention of wiretapping and at present the significance of wiretaps as an investigative tool is quite limited. Even if their phone calls were perfectly secure, criminals would still be vulnerable to bugs in their offices, body wires on agents, betrayal by co-conspirators who saw a brighter future in cooperating with the police, and ordinary forensic inquiry. 
Moreover, cryptography, even without intentional back doors, will no more guarantee that a criminal's communications are secure than the Enigma guaranteed that German communications were secure in World War II. Traditionally, the richest source of success in communications intelligence is the ubiquity of busts: failures to use the equipment correctly. Even if the best cryptographic equipment we know how to build is available to them, criminal communications will only be secure to the degree that the criminals energetically pursue that goal. The question thus becomes, ``If criminals energetically pursue secure communications, will a government standard with a built in inspection port, stop them?'' It goes without saying that unless unapproved cryptography is outlawed, and probably even if it is, users bent on not having their communications read by the state will implement their own encryption. If this requires them to forgo a broad variety of approved products, it will be an expensive route taken only by the dedicated, but this sacrifice does not appear to be necessary. The law enforcement function of the Clipper system, as it has been described, is not difficult to bypass. Users who have faith in the secret Skipjack algorithm and merely want to protect themselves from compromise via the Law Enforcement Exploitation Field, need only encrypt that one item at the start of transmission. In many systems, this would require very small changes to supporting programs already present. This makes it likely that if Clipper chips become as freely available as has been suggested, many products will employ them in ways that defeat a major objective of the plan. What then is the alternative? In order to guarantee that the government can always read Clipper traffic when it feels the need, the construction of equipment will have to be carefully controlled to prevent non-conforming implementations.
A major incentive that has been cited for industry to implement products using the new standard is that these will be required for communication with the government. If this strategy is successful, it is a club that few manufacturers will be able to resist. The program therefore threatens to bring communications manufacturers under an all encompassing regulatory regime. It is noteworthy that such a regime already exists to govern the manufacture of equipment designed to protect `unclassified but sensitive' government information, the application for which Clipper is to be mandated. The program, called the Type II Commercial COMSEC Endorsement Program, requires facility clearances, memoranda of agreement with NSA, and access to secret `Functional Security Requirements Specifications.' Under this program member companies submit designs to NSA and refine them in an iterative process before they are approved for manufacture. The rationale for this onerous procedure has always been, and with much justification, that even though these manufacturers build equipment around approved tamper resistant modules analogous to the Clipper chip, the equipment must be carefully vetted to assure that it provides adequate security. One requirement that would likely be imposed on conforming Clipper applications is that they offer no alternative or additional encryption mechanisms. Beyond the damaging effects that such regulation would have on innovation in the communications and computer industries, we must also consider the fact that the public cryptographic community has been the principal source of innovation in cryptography. Despite NSA's undocumented claim to have discovered public key cryptography, evidence suggests that, although they may have been aware of the mathematics, they entirely failed to understand the significance. 
The fact that public key is now widely used in government as well as commercial cryptographic equipment is a consequence of the public community being there to show the way. Farsightedness continues to characterize public research in cryptography, with steady progress toward acceptable schemes for digital money, electronic voting, distributed contract negotiation, and other elements of the computer mediated infrastructure of the future. Even in the absence of a draconian regulatory framework, the effect of a secret standard, available only in a tamper resistant chip, will be a profound increase in the prices of many computing devices. Cryptography is often embodied in microcode, mingled on chips with other functions, or implemented in dedicated, but standard, microprocessors at a tiny fraction of the tens of dollars per chip that Clipper is predicted to cost. What will be the effect of giving one or a small number of companies a monopoly on tamper resistant parts? Will there come a time, as occurred with DES, when NSA wants the standard changed even though industry still finds it adequate for many applications? If that occurs will industry have any recourse but to do what it is told? And who will pay for the conversion? One of the little noticed aspects of this proposal is the arrival of tamper resistant chips in the commercial arena. Is this tamper resistant part merely the precursor to many? Will the open competition to improve semiconductor computing that has characterized the past twenty-years give way to an era of trade secrecy? Is it perhaps tamper resistance technology rather than cryptography that should be regulated? Recent years have seen a succession of technological developments that diminish the privacy available to the individual. Cameras watch us in the stores, x-ray machines search us at the airport, magnetometers look to see that we are not stealing from the merchants, and databases record our actions and transactions. 
Among the gems of this invasion is the British Rafter technology that enables observers to determine what station a radio or TV is receiving. Except for the continuing but ineffectual controversy surrounding databases, these technologies flourish without so much as talk of regulation. Cryptography is perhaps alone in its promise to give us more privacy rather than less, but here we are told that we should forgo this technical benefit and accept a solution in which the government will retain the power to intercept our ever more valuable and intimate communications and will allow that power to be limited only by policy. In discussion of the FBI's Digital Telephony Proposal --- which would have required communication providers, at great expense to themselves, to build eavesdropping into their switches --- it was continually emphasized that wiretaps were an exceptional investigative measure only authorized when other measures had failed. Absent was any sense that were the country to make the proposed quarter billion dollar investment in intercept equipment, courts could hardly fail to accept the police argument that a wiretap would save the people thousands of dollars over other options. As Don Cotter, at one time director of Sandia National Laboratories, said in respect to military strategy: ``Hardware makes policy.'' Law, technology, and economics are three central elements of society that must all be kept in harmony if freedom is to be secure. An essential element of that freedom is the right to privacy, a right that cannot be expected to stand against unremitting technological attack. Where technology has the capacity to support individual rights, we must enlist that support rather than rejecting it on the grounds that rights can be abused by criminals. If we put the desires of the police ahead of the rights of the citizens often enough, we will shortly find that we are living in a police state.
We must instead assure that the rights recognized by law are supported rather than undermined by technology.

At NSA they believe in something they call `security in depth.' Their most valuable secret may lie encrypted on a tamper resistant chip, inside a safe, within a locked office, in a guarded building, surrounded by barbed wire, on a military base. I submit to you that the most valuable secret in the world is the secret of democracy; that technology and policy should go hand in hand in guarding that secret; that it must be protected by security in depth.

Recommendations

There is a crying need for improved security in American communication and computing equipment and the Administration is largely correct when it blames the problem on a lack of standards. One essential standard that is missing is a more secure conventional algorithm to replace DES, an area of cryptography in which NSA's expertise is probably second to none.

I urge the committee to take what is good in the Administration's proposal and reject what is bad.

o The Skipjack algorithm and every other aspect of this proposal should be made public, not only to expose them to public scrutiny but to guarantee that once made available as standards they will not be prematurely withdrawn. Configuration control techniques pioneered by the public community can be used to verify that some pieces of equipment conform to government standards stricter than the commercial where that is appropriate.

o I likewise urge the committee to recognize that the right to private conversation must not be sacrificed as we move into a telecommunicated world and reject the Law Enforcement Exploitation Function and the draconian regulation that would necessarily come with it.

o I further urge the committee to press the Administration to accept the need for a sound international security technology appropriate to the increasingly international character of the world's economy.

From mnemonic at eff.org Sun May 16 22:01:01 1993
From: mnemonic at eff.org (Mike Godwin)
Date: Sun, 16 May 93 22:01:01 PDT
Subject: Washington Post story
Message-ID: <199305170501.AA01977@eff.org>

Look for a major story in the Washington Post about Clipper, Digital Telephony, and related matters. It will be coming any day now and should get major play. The reporters are John Schwartz and John Mintz.

-Mike

From poier at sfu.ca Sun May 16 22:37:55 1993
From: poier at sfu.ca (na-Baron Feyd-Rautha Harkonnen)
Date: Sun, 16 May 93 22:37:55 PDT
Subject: Double encryption
Message-ID: <9305170537.AA17406@malibu.sfu.ca>

Hi. Being the security freak that I am, even with military grade encryption (for whatever THAT'S worth) I feel a little insecure, as most routines are, as far as I can tell, still susceptible to at the least brute force attacks. I was wondering: how do cracking programs determine that they have successfully decrypted a file? Does it simply look for English text (or file headers etc)?

If so, how about double-encrypting a file with two completely different and very complex programs? Then, even if it did get the first, it couldn't tell because the resulting data would still be largely gobbledegook.

Probably a stupid question, but I was curious.

Skye

--
"Thppt bwach oop ack" - Bill the Cat | -----====> Skye Merlin Poier <====-----
PGP Public Key available on request  | Undergrad in CMPT/MATH (Virtual Reality)
!!!!!!! FIGHT CLIPPER / LEEF !!!!!!! | email: poier at sfu.ca

From yerazunis at aidev.enet.dec.com Mon May 17 06:51:23 1993
From: yerazunis at aidev.enet.dec.com (Not MY universe! 17-May-1993 0927)
Date: Mon, 17 May 93 06:51:23 PDT
Subject: Double encryption
Message-ID: <9305171347.AA19553@enet-gw.pa.dec.com>

Skye asks (upon brute-force attacks):

>If so, how about double-encrypting a file with two completely different and
>very complex programs?
>Then, even if it did get the first, it couldn't tell
>because the resulting data would still be largely gobbledegook.

Maybe. The question is the same as the mathematical question "does the encryption algorithm form a group?".

"Groupness" refers to whether two applications of an encryption can be collapsed (by some arbitrary key) into a single application of the same encryption. [or, for two differing encryptions, a single application of some algorithm either less complex than the sum of the two original encryptions, or using a key shorter than the two original keys...]

For example, consider Caesar rotations. Here, the key is just a number from 0 to 26 and rot13 (rotation by 13, a->n, being the USENET standard for encrypting dirty jokes). We can "collapse" any pair of Caesar rotations into a new single rotation; it's just rotate for the sum of the two keys. So, Caesar rotations form a group, and it does no good to encrypt twice, because brute force needs to solve only one problem, not two, as combinatorics would suggest.

But what about something more... interesting? Say, a Caesar rotation followed by an N-skipped version of the alphabet (for N=1, this is the identity alphabet, for N=2, the alphabet is "a,c,e,g,i,k,m,o,q,s,u,w,y,b,d,f,h,j,l,n,p,r,t,v,x,z", for N=3, it's "a,d,g,...".) Now, there's no possibility of collapsing the two encryptions into one operation; no Caesar rotation can give any of the N-skip alphabets (except the trivial case of N=0), and most pairings of Caesar rotations followed by skipping alphabets cannot be faked by either a Caesar rotation or a skip-alphabet alone. Thus, we can say that Caesar followed by N-skip "does not form a group" and so is as hard to crack by brute force as combinatorics suggest.

Back in the early days of DES, it was not known if DES encryption followed by another DES encryption formed a group.
That's why triple DES encryption was designed to use an intermediate DEcryption (not encryption) stage, so that even if double-DES-encryption formed a group, encryption/decryption/encryption would not (since it's possible to DES-encrypt any possible message stream, therefore some set of cyphertext bits corresponds to some possible plaintext, and that plaintext can be reencoded) and so it would not be possible to collapse the first two operations into a single DES encode, collapse the and the third into yet another single encode and thereby save much time for the brute force attack.

However, it's now been proven that DES encode followed by DES encode does NOT form a group, and so it doesn't really matter any more.

>Probably a stupid question, but I was curious.

No, it's an *excellent* question.

-Bill

From hughes at soda.berkeley.edu Mon May 17 09:07:36 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Mon, 17 May 93 09:07:36 PDT
Subject: Double encryption
In-Reply-To: <9305171347.AA19553@enet-gw.pa.dec.com>
Message-ID: <9305171604.AA28888@soda.berkeley.edu>

Re: group properties of ciphers, speaking of E1 D2 E3 DES mode:

>Back in the early days of DES, it was not known if DES encryption
>followed by another DES encryption formed a group. That's why triple
>DES encryption was designed to use an intermediate DEcryption (not encryption)

That's not at all the reason. One of the properties of groups is that inverses exist. If an inverse existed to DES encryption, then to every encryption key K, there would correspond some unique other encryption key L, such that encryption by L was the same as decryption by K. Thus if DES formed a group, mixing inverses would have no effect.

The reason for the inverses is for backward compatibility. By setting all the keys equal to each other, it's the same as a single DES. If you encrypt EEE, you can't get backward compatibility since no DES key yields the identity function.
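
The group argument from this thread, worked through as an added example that is not part of any post above: it counts how many distinct ciphers the key pairs actually produce for rotation-then-rotation and for rotation-then-skip-alphabet, and checks the E1 D2 E3 compatibility property on the toy cipher. The function names, and the choice of skip alphabets for N = 1 to 25 built the way the post lists them, are assumptions of this example.

```python
"""Does encrypting twice enlarge the brute-force search space?

Toy substitution ciphers over a-z, modelled as permutation tables.
"""
from itertools import product
import string

ALPHABET = string.ascii_lowercase
M = len(ALPHABET)            # 26 letters
CAESAR_KEYS = range(M)       # rotations 0..25 (0 is the identity)
SKIP_KEYS = range(1, M)      # skip alphabets 1..25 (1 is the identity); assumed range


def caesar(k):
    """Table for a Caesar rotation: letter i becomes letter (i + k) mod 26."""
    return tuple((i + k) % M for i in range(M))


def skip(n):
    """Table for the N-skip alphabet: a, every n-th letter after it, then
    restart at the first unused letter (n=2 gives a,c,e,...,y,b,d,...,z)."""
    return tuple(i for start in range(n) for i in range(start, M, n))


def compose(first, second):
    """Table equivalent to applying `first` and then `second`."""
    return tuple(second[c] for c in first)


def invert(table):
    """Decryption table for an encryption table."""
    inverse = [0] * M
    for plain, cipher in enumerate(table):
        inverse[cipher] = plain
    return tuple(inverse)


def encrypt(table, text):
    """Apply a table to lowercase letters; other characters pass through."""
    return "".join(
        ALPHABET[table[ALPHABET.index(ch)]] if ch in ALPHABET else ch for ch in text
    )


def double_caesar_tables():
    """Every cipher reachable by two rotations in a row (26 * 26 key pairs)."""
    return {compose(caesar(a), caesar(b)) for a, b in product(CAESAR_KEYS, repeat=2)}


def caesar_then_skip_tables():
    """Every cipher reachable by a rotation then a skip alphabet (26 * 25 pairs)."""
    return {compose(caesar(k), skip(n)) for k, n in product(CAESAR_KEYS, SKIP_KEYS)}


def single_step_tables():
    """Every cipher reachable by one rotation or one skip alphabet alone."""
    return {caesar(k) for k in CAESAR_KEYS} | {skip(n) for n in SKIP_KEYS}


def toy_cipher(key):
    """Rotation followed by skip alphabet; `key` is a (k, n) pair."""
    k, n = key
    return compose(caesar(k), skip(n))


def ede(k1, k2, k3):
    """Encrypt with k1, decrypt with k2, encrypt with k3 (the E1 D2 E3 mode)."""
    return compose(compose(toy_cipher(k1), invert(toy_cipher(k2))), toy_cipher(k3))


def report():
    """Key pairs tried by naive brute force versus ciphers that really differ."""
    singles = single_step_tables()
    mixed = caesar_then_skip_tables()
    return {
        "double_caesar_key_pairs": len(CAESAR_KEYS) ** 2,
        "double_caesar_distinct_ciphers": len(double_caesar_tables()),
        "mixed_key_pairs": len(CAESAR_KEYS) * len(SKIP_KEYS),
        "mixed_distinct_ciphers": len(mixed),
        "mixed_not_reachable_in_one_step": len(mixed - singles),
    }


if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name}: {value}")
    # Two rotations collapse into one: 3 then 10 is just rot13.
    print(encrypt(compose(caesar(3), caesar(10)), "attack at dawn"))
    # With all three keys equal, E-D-E is the same cipher as a single E.
    print(ede((5, 7), (5, 7), (5, 7)) == toy_cipher((5, 7)))
```

The counts only show whether key pairs collapse onto each other; a composite that does not collapse is still a simple substitution and no stronger against frequency analysis.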
Eric

From estheise at well.sf.ca.us Mon May 17 13:21:27 1993
From: estheise at well.sf.ca.us (Eric S Theise)
Date: Mon, 17 May 93 13:21:27 PDT
Subject: May Modern Times event
Message-ID: <199305172021.AA03202@well.sf.ca.us>

Thought some of you might be interested in Wednesday's Jacking In/Cyberspace Literacy event ...

Jacking In: A Series on Cyberspace Literacy presents

ONLINE COMMUNITIES AROUND THE BAY: THE INNS AND THEIR KEEPERS

Every computer-based conferencing system lets its subscribers access relevant community information and discuss topics ranging from Apple Computers to zymurgy. While these systems are all based on the same conceptual model, each one evolves its own personality and community standards based on underlying software, management policies, and, ultimately, the subscribers it attracts.

This installment of Jacking In will feature a talk about building and nourishment of online community, followed by community-conscious demonstrations of several San Francisco-based conferencing systems. In cyberspace, community is not geography.

John Coate, "Building Online Community"
Wayne Gregori, SF Net
Alex Liberman, 101 Online
Gail Ann Williams, The WELL

Wednesday, May 19, 7:30 p.m.
$3-$5 sliding scale

Modern Times Bookstore
888 Valencia (19th/20th)
San Francisco, CA 94110
(415) 282-9246

From hughes at soda.berkeley.edu Mon May 17 14:39:40 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Mon, 17 May 93 14:39:40 PDT
Subject: NIST answers to RSADSI questions
Message-ID: <9305172136.AA23367@soda.berkeley.edu>

Date: Mon, 17 May 93 14:04:46 PDT
From: jim at RSA.COM (Jim Bidzos)
Subject: [ROBACK at ECF.NCSL.NIST.GOV: Answers to Your Questions]

FYI. NIST has responded to my questions. Feel free to distribute.

-Jim

Date: Mon, 17 May 1993 16:44:28 -0400 (EDT)
From: ROBACK at ECF.NCSL.NIST.GOV
Subject: Answers to Your Questions
To: jim at RSA.COM
X-Vmsmail-To: SMTP%"jim at rsa.com"

To: Mr. Jim Bidzos, RSA Data Security, Inc.
From: Ed Roback, NIST

Mr.
Ray Kammer asked me to forward to you our answers to the questions you raised in your e-mail of 4/27. We've inserted our answers in your original message.

------------------------------------------------------
From: SMTP%"jim at RSA.COM" 27-APR-1993 03:13:12.75
To: clipper at csrc.ncsl.nist.gov
CC:
Subj: Clipper questions

From hughes at soda.berkeley.edu Mon May 17 15:53:59 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Mon, 17 May 93 15:53:59 PDT
Subject: No Subject
Message-ID: <9305172250.AA01413@soda.berkeley.edu>

Date: Mon, 17 May 93 14:04:46 PDT
From: jim at RSA.COM (Jim Bidzos)
Subject: [ROBACK at ECF.NCSL.NIST.GOV: Answers to Your Questions]

FYI. NIST has responded to my questions. Feel free to distribute.

-Jim

Date: Mon, 17 May 1993 16:44:28 -0400 (EDT)
From: ROBACK at ECF.NCSL.NIST.GOV
Subject: Answers to Your Questions
To: jim at RSA.COM
X-Vmsmail-To: SMTP%"jim at rsa.com"

To: Mr. Jim Bidzos, RSA Data Security, Inc.
From: Ed Roback, NIST

Mr. Ray Kammer asked me to forward to you our answers to the questions you raised in your e-mail of 4/27. We've inserted our answers in your original message.

------------------------------------------------------
From: SMTP%"jim at RSA.COM" 27-APR-1993 03:13:12.75
To: clipper at csrc.ncsl.nist.gov
CC:
Subj: Clipper questions

From hughes at soda.berkeley.edu Mon May 17 16:20:46 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Mon, 17 May 93 16:20:46 PDT
Subject: Third time's the charm
Message-ID: <9305172317.AA05426@soda.berkeley.edu>

OK. This time this should work. The previous file had some periods on lines by themselves; this was causing my sendmail over here to think the end of transmission had arrived. Damn in-band signalling.

Eric

-----------------------------------------------------------------------------

Date: Mon, 17 May 93 14:04:46 PDT
From: jim at RSA.COM (Jim Bidzos)
Subject: [ROBACK at ECF.NCSL.NIST.GOV: Answers to Your Questions]

FYI. NIST has responded to my questions.
Feel free to distribute.

-Jim

Date: Mon, 17 May 1993 16:44:28 -0400 (EDT)
From: ROBACK at ECF.NCSL.NIST.GOV
Subject: Answers to Your Questions
To: jim at RSA.COM
X-Vmsmail-To: SMTP%"jim at rsa.com"

To: Mr. Jim Bidzos, RSA Data Security, Inc.
From: Ed Roback, NIST

Mr. Ray Kammer asked me to forward to you our answers to the questions you raised in your e-mail of 4/27. We've inserted our answers in your original message.

------------------------------------------------------
From: SMTP%"jim at RSA.COM" 27-APR-1993 03:13:12.75
To: clipper at csrc.ncsl.nist.gov
CC:
Subj: Clipper questions

Date: Tue, 27 Apr 93 00:11:50 PDT
From: jim at RSA.COM (Jim Bidzos)

Here are some questions about the Clipper program I would like to submit.

Much has been said about Clipper and Capstone (the term Clipper will be used to describe both) recently. Essentially, Clipper is a government-sponsored tamper-resistant chip that employs a classified algorithm and a key escrow facility that allows law enforcement, with the cooperation of two other parties, to decipher Clipper-encrypted traffic. The stated purpose of the program is to offer telecommunications privacy to individuals, businesses, and government, while protecting the ability of law enforcement to conduct court-authorized wiretapping.

The announcement said, among other things, that there is currently no plan to attempt to legislate Clipper as the only legal means to protect telecommunications. Many have speculated that Clipper, since it is only effective in achieving its stated objectives if everyone uses it, will be followed by legislative attempts to make it the only legal telecommunications protection allowed. This remains to be seen.

>>>> NIST: There are no current plans to legislate the use of Clipper. Clipper will be a government standard, which can be - and likely will be - used voluntarily by the private sector. The option for legislation may be examined during the policy review ordered by the President.
The proposal, taken at face value, still raises a number of serious questions. What is the smallest number of people who are in a position to compromise the security of the system? This would include people employed at a number of places such as Mykotronx, VLSI, NSA, FBI, and at the trustee facilities. Is there an available study on the cost and security risks of the escrow process? >>>> NIST: It will not be possible for anyone from Mykotronx, VLSI, NIST, NSA, FBI (or any other non-escrow holder) to compromise the system. Under current plans, it would be necessary for three persons, one from each of the escrow trustees and one who knows the serial number of the Clipper Chip which is the subject of the court authorized electronic intercept by the outside law enforcement agency, to conspire in order to compromise escrowed keys. To prevent this, it is envisioned that every time a law enforcement agency is provided access to the escrowed keys there will be a record of same referencing the specific lawful intercept authorization (court order). Audits will be performed to assure strict compliance. This duplicates the protection afforded nuclear release codes. If additional escrow agents are added, one additional person from each would be required to compromise the system. NSA's analysis on the security risks of the escrow system is not available for public dissemination. How were the vendors participating in the program chosen? Was the process open? >>>> NIST: The services of the current chip vendors were obtained in accordance with U.S. Government rules for sole source procurement, based on unique capabilities they presented. Criteria for selecting additional sources will be forthcoming over the next few months. AT&T worked with the government on a voluntary basis to use the "Clipper Chip" in their Telephone Security Device. Any vendors of equipment who would like to use the chips in their equipment may do so, provided they meet proper government security requirements. 
A significant percentage of US companies are or have been the subject of an investigation by the FBI, IRS, SEC, EPA, FTC, and other government agencies. Since records are routinely subpoenaed, shouldn't these companies now assume that all their communications are likely compromised if they find themselves the subject of an investigation by a government agency? If not, why not? >>>> NIST: No. First of all, there is strict and limited use of subpoenaed material under the Federal Rules of Criminal Procedure and sanctions for violation. There has been no evidence to date of Governmental abuse of subpoenaed material, be it encrypted or not. Beyond this, other Federal criminal and civil statutes protect and restrict the disclosure of proprietary business information, trade secrets, etc. Finally, of all the Federal agencies cited, only the FBI has statutory authority to conduct authorized electronic surveillance. Electronic surveillance is conducted by the FBI only after a Federal judge agrees that there is probable cause indicating that a specific individual or individuals are using communications in furtherance of serious criminal activity and issues a court order to the FBI authorizing the interception of the communications. What companies or individuals in industry were consulted (as stated in the announcement) on this program prior to its announcement? (This question seeks to identify those who may have been involved at the policy level; certainly ATT, Mykotronx and VLSI are part of industry, and surely they were involved in some way.) >>>> NIST: To the best of our knowledge: AT&T, Mykotronx, VLSI, and Motorola. Other firms were briefed on the project, but not "consulted," per se. Is there a study available that estimates the cost to the US government of the Clipper program? >>>> NIST: No studies have been conducted on a government-wide basis to estimate the costs of telecommunications security technologies. The needs for such protection are changing all the time. 
There are a number of companies that employ non-escrowed cryptography in their products today. These products range from secure voice, data, and fax to secure email, electronic forms, and software distribution, to name but a few. With over a million such products in use today, what does the Clipper program envision for the future of these products and the many corporations and individuals that have invested in and use them? Will the investment made by the vendors in encryption-enhanced products be protected? If so, how? Is it envisioned that they will add escrow features to their products or be asked to employ Clipper? >>>> NIST: Again, the Clipper Chip is a government standard which can be used voluntarily by those in the private sector. We also point out that the President's directive on "Public Encryption Management" stated: "In making this decision, I do not intend to prevent the private sector from developing, or the government from approving, other microcircuits or algorithms that are equally effective in assuring both privacy and a secure key-escrow system." You will have to consult directly with private firms as to whether they will add escrow features to their products. Since Clipper, as currently defined, cannot be implemented in software, what options are available to those who can benefit from cryptography in software? Was a study of the impact on these vendors or of the potential cost to the software industry conducted? (Much of the use of cryptography by software companies, particularly those in the entertainment industry, is for the protection of their intellectual property.) >>>> NIST: You are correct that, currently, Clipper Chip functionality can only be implemented in hardware. We are not aware of a solution to allow lawfully authorized government access when the key escrow features and encryption algorithm are implemented in software. 
We would welcome the participation of the software industry in a cooperative effort to meet this technical challenge. Existing software encryption use can, of course, continue. Banking and finance (as well as general commerce) are truly global today. Most European financial institutions use technology described in standards such as ISO 9796. Many innovative new financial products and services will employ the reversible cryptography described in these standards. Clipper does not comply with these standards. Will US financial institutions be able to export Clipper? If so, will their overseas customers find Clipper acceptable? Was a study of the potential impact of Clipper on US competitiveness conducted? If so, is it available? If not, why not? >>>> NIST: Consistent with current export regulations applied to the export of the DES, we expect U.S. financial institutions will be able to export the Clipper Chip on a case by case basis for their use. It is probably too early to ascertain how desirable their overseas customers will find the Clipper Chip. No formal study of the impact of the Clipper Chip has been conducted since it was, until recently, a classified technology; however, we are well aware of the threats from economic espionage from foreign firms and governments and we are making the Clipper Chip available to provide excellent protection against these threats. As noted below, we would be interested in such input from potential users and others affected by the announcement. Use of other encryption techniques and standards, including ISO 9796 and the ISO 8730 series, by non-U.S. Government entities (such as European financial institutions) is expected to continue. I realize they are probably still trying to assess the impact of Clipper, but it would be interesting to hear from some major US financial institutions on this issue. 
>>>> NIST: We too would be interested in hearing any reaction from these institutions, particularly if such input can be received by the end of May, to be used in the Presidentially-directed review of government cryptographic policy. Did the administration ask these questions (and get acceptable answers) before supporting this program? If so, can they share the answers with us? If not, can we seek answers before the program is launched? >>>> NIST: These and many, many others were discussed during the development of the Clipper Chip key escrow technology and the decision-making process. The decisions reflect those discussions and offer a balance among the various needs of corporations and citizens for improved security and privacy and of the law enforcement community for continued legal access to the communications of criminals. From poier at sfu.ca Mon May 17 18:24:11 1993 From: poier at sfu.ca (na-Baron Feyd-Rautha Harkonnen) Date: Mon, 17 May 93 18:24:11 PDT Subject: The Clipper (clip on clip off ) Message-ID: <9305180123.AA12170@malibu.sfu.ca> One question regarding the proposed Clipper chip: What exactly is the key escrow facility? From what I can tell, it seems to be the bit that allows the LEEF... Skye -- "Thppt bwach oop ack" - Bill the Cat | -----====> Skye Merlin Poier <====----- PGP Public Key available on request | Undergrad in CMPT/MATH (Virtual Reality) From ld231782 at longs.lance.colostate.edu Mon May 17 21:09:09 1993 From: ld231782 at longs.lance.colostate.edu ( L. Detweiler ) Date: Mon, 17 May 93 21:09:09 PDT Subject: I'M GOING CRAZY! FWEE! Message-ID: <9305180408.AA15369@longs.lance.colostate.edu> RECIPE FOR INSANITY =================== I'm extremely FRUSTRATED and DEJECTED on the progress the `whistleblowing newsgroup' has undergone as a cypherpunk pet-project: pathetically negligible and STYMIED, from my point of view. 
It has been many weeks since a rowdy, visionary, and consistently irritating cypherpunk first proposed it and immediate ringing endorsements came from eminent and venerable members of the list, e.g. T.C. May. It has generated quite a bit of traffic and ideas on the list. In spirit and intent it is probably as central to the cypherpunk cause, as, say, PGP. WHERE'S THE GROUP? ================== I swear I am going to go INSANE waiting for some patriotic cyberpunk with a smidgeon of skill, courage, impatience, knowledge, and access to send out a NEW GROUP command for alt.whistleblower! Did I miss it? Where the heck is it? Please, I IMPLORE SOMEONE to PUT ME OUT OF MY MISERY! FIRE NOW! Damn, we have the stench of alt.fan.dick-depew wafting as easily as most mortal people create directories! PLEASE, I swear whoever gets alt.whistleblower gets to be in my personal historical all-time CYPHERPUNK HALL OF FAME and have my everlasting gratitude! Never before in the history of Usenet has something so trivial thwarted so many for so long! Sheesh, I thought it would be SIMPLE for someone to effect SOMETHING to happen in this area. I thought I wouldn't have to slave away entirely personally in going through the RFD and voting process, if even that was necessary! For once I thought this would be a project that every cypherpunk could bite off a piece somewhere, and that some COLLECTIVE MOMENTUM could be established! I thought this could happen faster than the speed of electricity. Instead it is happening slower than the SPEED OF BUREAUCRACY. Am I starting to sound enough like a CRACKPOT YET? well I really hope so. I think I am going to break down and cry. Please, someone, have some humanity in you, and PULL THE TRIGGER. Are we waiting for a triplicate directive from Clinton, or the NSA, or what?! Do we have to make sure every vacillating cypherpunk likes the idea or every last senator is personally prepared with their Official WhistleBlower Kit and Decoder Ring? 
Who cares what anyone thinks! JUST DO IT! BOILING A TOAD? =============== Gad, it is such a g*dawful tragedy this simple take-out-the-trash chore has not been done yet. Look, I don't know about the authenticity of the recent Mykotronx postings, they make me SHUDDER! They are PERFECT AMMUNITION (whether true or not) for getting some MAJOR HEAT on the maintainers of this fragile mailing list! Does anyone have any idea how paranoid and POWERFUL the NSA is? Do you think that they just shrug their shoulders and say `oh well' when confidential information sneaks out? Do you know what kind of unpleasantness a wounded bureaucrat can summon? Multiply that uncountably many times and you have a tiny facet of the decimating wrath of a betrayed horde of spies sanctioned by a vast government! Gad, this could all have been ENTIRELY AVOIDED if they were posted to a newsgroup! As I've pointed out, the critical *resilient* aspect there is that a newsgroup is *distributed* -- post from anywhere, spreads everywhere like a virus, how can a sinister federal agency clamp down on a cloud? It can't! On the other hand, if anyone decided to clamp down on toad.com, after a certain amount -- certainly a great deal but definitely a lot less than that required to shut down Usenet -- it would CROAK! PARANOID DELUSIONS ================== Yes, I really am going insane. Clark Reynard posted a few weeks ago he was starting the RFD for soc.whistleblowers. In my silly naivete I thought enough cypherpunks would drop by to make it a landslide, and that I'd mosey on over after hearing about all the excitement. Review the debate, balance the points, post something fiery and visionary and inspiring, sit back and watch the fireworks. Finally, I thought, someone who knew what they were doing could get this silly thing HAPPENING. Someone could be a LEADER and take RESPONSIBILITY. Someone could give some DIRECTION to the pervasive cypherpunk malaise, stalemate, and bickering. 
Someone who was forging AHEAD irrespective of counterproductive and sabotaging griping. What the heck happened? Did anything happen? This is not only dead without a bang, it is dead without a whimper! Mr. Reynard posts on Tue May 4: >Based on the responses of a few cypherpunk members, >I have decided not to post a second RFD for soc.whistleblowers >unless I receive a significant amount of email requesting >that I do so. Nor will I post a CFV. My sanity is teetering precipitously. Who were these cypherpunk `members'? Mr. Reynard refuses to identify `them' to me in email. He says that someone has asked him NOT to personally start the whistleblower group! and that this person deserves his trust because of his reputed contributions to the cypherpunk cause! Gee, I asked, who could this be that would ask to HALT PROGRESS for some vague, nebulous, unspecified reason that even Mr. Reynard was not aware of? Look, I would have gladly saved all this bilge for private email, but I DON'T KNOW WHO TO TALK TO! Supposedly this person, for some unfathomable reason, specifically told Mr. Reynard NOT to reveal his identity! I will not quote email, but Mr. Reynard kindly sympathizes with my frenzy, but still refuses to tell me anything informative! So ever since May 4 and trading several barren and excruciatingly exasperating missives with Mr. Reynard, I am BOILING OVER! This mystery person is supposedly going to post something on the whistleblower project, acc. to Mr. Reynard, Real Soon Now to the list that will absolutely dazzle everyone with its magnificent splendor. Well, WHERE IS IT? (Note to the clueless: *this* is certainly not IT!) MUSHROOMS AND PUDDING ===================== I find it OUTRAGEOUS the weaselly and underhanded way this mystery individual, apparently wholly intentionally, has TOTALLY STYMIED and THWARTED the SOLE cypherpunk progress in this area. Cypherpunks, do you feel like trampled mushrooms yet? well I DO. Not only that, Mr. 
Reynard wrote cryptically: >While I find the imputation that I ought to be executed as >an Enemy of the People both offensive and absurd, it seems >that I could be acting retrogressively, though no sane reason >why I am doing so has been presented to me. who is it that levelled these atrocious, filthy accusations? Mr. Reynard took it upon himself to do a PUBLIC SERVICE. Who is it that suggested that it was anything but valiant heroism? Speak, I demand it! Reveal yourself! From whence comes this treasonous, traitorous slime? Where is the DOUBLE AGENT in our midst? >I will allow others to continue their efforts, >and would be pleased to help in whatever manner I can, but do >not wish to foment further splintering of what is already a >divided group. Please Mr. Reynard, isn't it clear that the cypherpunks will forever have more splinters than a shredded beam? Who CARES what anybody else thinks! Isn't there any SCRAP of INTRINSIC MERIT in this project? Is `cypherpunks' just the brand name for MUSHY GUTLESS SPINELESS PUDDING? Look, if somebody is doing a lot to get the whistleblower group going, I PRAISE AND COMMEND YOU. But so far I see ABSOLUTELY NO SIGNS anything is happening! After weeks of hypothetical hyperventilating, we have nothing but a DEAD CORPSE! In this fragile and critical period, I would rather make a fool of myself shouting than be silent as it LANGUISHES INTO OBLIVION. >If interest warrants, or opinion seems different than what >I understand it to be, I reserve the right to change my mind. INTEREST WARRANTS! CHANGE YOUR MIND! If not you, then SOMEBODY! If not now, then IMMEDIATELY! CAVEAT ====== Ok, so others on the list will find my rantings most unpalatable and tell me so in email and on the list, perhaps even humiliating me with epithets and personal attacks, despite that, while bordering precariously, this note is free of them. I DON'T CARE! I'm a desperate man! 
This thing is just too IMPORTANT for me to care about STEPPING ON SOME TOES or BLOODYING MY NOSE. It is the first feeble step toward a kingdom of Electronic Democracy, and we are just tripping and falling over each other like drunken legislators! Yes, some will say `what are you doing about it personally?' I am WAITING FOR THE GROUP TO BE CREATED so a tentative FAQ CAN BE POSTED THERE! (FAQs do not arise in vacuums, they are forged from posting and feedback! I speak from experience!) No, my worthless, prejudiced, personal FAQ for whistleblowers is NOT WRITTEN, because right now, for strange and mysterious reasons I will leave to the reader to prophesize, to do so currently would be a SCANDALOUS WASTE OF MY TIME! 'scuze me while I go get some water, I'm getting hoarse... From kelly at pleiku.netcom.com Mon May 17 21:30:26 1993 From: kelly at pleiku.netcom.com (kelly at pleiku.netcom.com) Date: Mon, 17 May 93 21:30:26 PDT Subject: No Subject Message-ID: <9305180430.AA29328@toad.com> >From kelly Mon May 03 06:15:02 0700 1993 remote from pleiku To: netcomsv.netcom.com!biocad.com!valerie cc: toad.com!cypherpunks, kelly Subject: Re: [comp.society.privacy fwd] Wiretaps without warrants In-reply-to: Your message of "Sun, 02 May 1993 18:15:00 PDT." <9305030115.AA24068 at valis.biocad.com> Priority: urgent Date: Mon, 03 May 1993 06:15:02 -0700 From: "Stop the Big Brother CHip" Received: from pleiku by pleiku.netcom.com; Mon, 3 May 1993 06:15 PDT Content-Type: text Content-Length: 1107 Well I read it also and I couldn't believe my eyes... we have to get working rather than talking it seems... cheers kelly -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. .......................................................................... 
Kelly Goen | Crypto Anarchy: encryption, digital money, kelly at netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. | .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! From kelly at pleiku.netcom.com Mon May 17 21:30:44 1993 From: kelly at pleiku.netcom.com (kelly at pleiku.netcom.com) Date: Mon, 17 May 93 21:30:44 PDT Subject: No Subject Message-ID: <9305180430.AA29334@toad.com> >From kelly Mon May 03 06:24:09 0700 1993 remote from pleiku To: toad.com!cypherpunks Subject: Date: Mon, 03 May 1993 06:24:09 -0700 From: "Stop the Big Brother CHip" Received: from pleiku by pleiku.netcom.com; Mon, 3 May 1993 06:24 PDT Content-Type: text Content-Length: 3949 I thought this may be interesting to those designing encrypted phones... 
cheers kelly ------- Forwarded Message Return-Path: Received: by netcom.netcom.com (5.65/SMI-4.1/Netcom) id AA21283; Sun, 2 May 93 10:25:08 -0700 Date: Sun, 2 May 93 10:25:08 -0700 From: kelly (Kelly Goen) Message-Id: <9305021725.AA21283 at netcom.netcom.com> To: junem, kelly, phil Subject: quaderno Speech capabilities Status: R Path: netcom.com!csus.edu!news.ucdavis.edu!agate!howland.reston.ans.net!usc!cs.utexas.edu!uunet!psgrain!ee.und.ac.za!csir.co.za!nuustak!duck From: duck at nuustak.csir.co.za (Paul Ducklin) Newsgroups: comp.sys.palmtops Subject: Re: Quaderno speech hardware Date: 22 Apr 1993 10:01:03 +0200 Organization: CSIR, South AFrica Lines: 54 Message-ID: References: <1993Apr20.213938.26184 at Princeton.EDU> NNTP-Posting-Host: nuustak.csir.co.za X-Disclaimer: None of the opions expressed herein are the official X-Disclaimer: opinions of the CSIR or any of its subsidiaries. X-Disclaimer: ** So don't freak out at _us_ about anything ** Thus spake mg at cs.princeton.edu (Michael Golan): [stuff about the Quaderno's sound digitising capability] >Can the mic/speaker be accessed from software to produce 8-12bit digital >sound? If so, and assuming a 9600bps modem is available (is it?), the >machine is an excellent candidate for a truly secure phone The speech DSP hardware is quite fancy -- you can download your own vocoder program, if you have the right DSP code development tools, to implement things like DTMF-recognition. Or you can select one of the built-in vocoders, which provide various levels of compression. The speech program which comes with the Quaderno is just a TSR which hooks to the speech hardware, and which writes digitised sound to a file. No reason why you couldn't write your own speech program which grabs digitised blocks from the DSP [you can give the BIOS the address of a routine to be called when the DSP is ready to deliver] and stuffs them wheresoever you desire -- such as into the serial port. 
On the other end, you have a DSP "play" program -- once again, you can give the system the address of a routine to be called whenever the DSP is ready to analogise [?] the next block of bits. I can't remember, though, what bit-rates are available with the built-in vocoders. If people are interested, I'll look it up when I get home this evening [or Don Herrick -- are you there?]. Ah yes -- just remembered that one of the vocoders churns out 13Kbit/sec with *very* acceptable quality [for voice -- music sounds like a heap o' crap when pushed through this particular vocoder]. So this could be stuffed into a regular V.32bis modem and transmitted fast enough to give real-time speech. With its 16MHz V30 CPU, the Quaderno should be more than ready for the task of real-time encryption in software. If my memory serves me, there's also a built-in vocoder which compresses to 2400bits/sec [!] -- the speech program which ships with the Quaderno, however, doesn't offer this as an option, so I've yet to try it. Probably pretty damn bad, though. Another thought -- the Quaderno's DSP will record and play at the same time, and V.32bis is full-duplex. So full-duplex conversations on the above scheme are quite possible. Could be fun -- how to turn a good 3KHz analogue voice line into a fair 13Kbit digital voice line! And, as mentioned recently in alt.security, you can also use the speech digitiser for acquiring data with a high degree of randomness, which you then encrypt with a part of itself to produce data which is "truly" random. 
Paul /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ \ Paul Ducklin duck at nuustak.csir.co.za / / CSIR Computer Virus Lab + Box 395 + Pretoria + 0001 S Africa \ \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ ------- End of Forwarded Message From kelly at pleiku.netcom.com Mon May 17 21:31:02 1993 From: kelly at pleiku.netcom.com (kelly at pleiku.netcom.com) Date: Mon, 17 May 93 21:31:02 PDT Subject: No Subject Message-ID: <9305180430.AA29340@toad.com> >From kelly Mon May 17 21:31:11 0700 1993 remote from pleiku To: netcoms!longs.lance.colostate.edu!ld231782 cc: toad.com!cypherpunks Subject: Re: I'M GOING CRAZY! FWEE! In-reply-to: Your message of "Mon, 17 May 1993 22:07:22 MDT." <9305180408.AA15369 at longs.lance.colostate.edu> Priority: urgent Date: Mon, 17 May 1993 21:31:11 -0700 From: "Stop the Big Brother CHip" Received: from pleiku by pleiku.netcom.com; Mon, 17 May 1993 21:31 PDT Content-Type: text Content-Length: 1375 OK So I am extremely irritating... :)(I sincerely hope I am the biggest BURR under the saddle the government has had in a long time) I too am disappointed... it had been my understanding that julf was going to newgroup alt.whistleblowers... no action on that front... I will be bringing up C-news this week and I will see about it after that... you shouldn't have to wait too long... cheers kelly -- Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also. .......................................................................... Kelly Goen | Crypto Anarchy: encryption, digital money, kelly at netcom.com | anonymous networks, digital pseudonyms, zero Intelligence Systems | knowledge, reputations, information markets, Specialists Inc. | black markets, face banks, data havens, dark | tech, covert channels, shared secrets, | alt.whistleblowers, collapse of governments. Technical Monkeywrench | Public Key: PGP 2.2. 
| .......................................................................... PGP 2.2 Key available from PGP Keyservers on the Internet. pub 1024/1BA573 1992/09/09 kelly Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31 STOP THE WIRETAP CHIP(Clipper Chip)!! From trimm at netcom.com Mon May 17 22:07:27 1993 From: trimm at netcom.com (Trimm Industries) Date: Mon, 17 May 93 22:07:27 PDT Subject: mykotronx Message-ID: <9305180507.AA16085@netcom.netcom.com> Howdy. I was the "anonymous" poster of the Mykotronx information. It is genuine, for samples I can fax you parts of it, or snail mail or whatever. Or, simply call me: Gary Watson Engineer Trimm Industries (800) 423-2024 trimm at netcom.com I am in the process of piecing together the Selectric ribbon that the executive secretary of Mykotronx carelessly threw into the routine office trash. I'm cutting into 8" strips and taping it to white paper, but this is a tedious process, and it may be after my Atlanta Comdex trip before I post on it again. See ya, GW (thanks for the confidentiality) -- From ld231782 at longs.lance.colostate.edu Mon May 17 22:55:28 1993 From: ld231782 at longs.lance.colostate.edu ( L. Detweiler ) Date: Mon, 17 May 93 22:55:28 PDT Subject: a valuable spy... In-Reply-To: <9305180507.AA16085@netcom.netcom.com> Message-ID: <9305180555.AA16744@longs.lance.colostate.edu> [G. Watson] >I was the "anonymous" poster of the Mykotronx information. >I am in the process of piecing together the Selectric ribbon >that the executive secretary of Mykotronx carelessly threw into >the routine office trash. [PALE CRINGE] Mr. Watson, I commend you for your efforts but you make an atrocious spy! By revealing your source so carelessly and readily you have jeopardized the possibility of any future, even more significant discoveries from the same outlet! 
You could have still gotten the information without revealing it, and it was so littered, laced, and inundated with facts and data that it could have *easily* been verified by outside means. I think the damage has been done, but cypherpunks -- maybe some attempt should be made to prevent the spread of those postings, or at least preserve Mr. Watson's confidentiality. But I think it is a lost cause. It is very likely that NSA agents subscribe directly to this list. Oh, oh, oh, I'm going to cry. Q. How many cypherpunks does it take to change a light bulb? A. They can't. Haven't figured out how yet. From poier at sfu.ca Mon May 17 23:15:50 1993 From: poier at sfu.ca (na-Baron Feyd-Rautha Harkonnen) Date: Mon, 17 May 93 23:15:50 PDT Subject: Request for requests Message-ID: <9305180615.AA20183@malibu.sfu.ca> Hi. Please email me (or post directly) as to any companies in the Vancouver/Seattle area doing encryption research for any governmental agency. I wish to keep tabs on such companies, and I'd be more than willing to share any findings. Feyd Eli -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier at sfu.ca o-OO <--> OO-o THINK PGP Public Key available on request \== ==/ From karn at qualcomm.com Tue May 18 00:11:16 1993 From: karn at qualcomm.com (Phil Karn) Date: Tue, 18 May 93 00:11:16 PDT Subject: a valuable spy... Message-ID: <9305180711.AA03652@servo> The note from Watson could well be a decoy to draw the NSA off the track of the *real* spy... :-) Phil From miron at extropia.wimsey.com Tue May 18 00:49:17 1993 From: miron at extropia.wimsey.com (Miron Cuperman) Date: Tue, 18 May 93 00:49:17 PDT Subject: NIST answers to RSADSI questions In-Reply-To: <9305172317.AA05426@soda.berkeley.edu> Message-ID: <1993May18.072613.18907@extropia.wimsey.bc.ca> From the wording of NIST's response, it seems to me that they intend to outlaw all non-escrow encryption schemes. 
-- Miron Cuperman | NeXTmail/Mime ok Unix/C++/DSP, consulting/contracting | Public key avail AMIX: MCuperman | Laissez faire, laissez passer. Le monde va de lui meme. From poier at sfu.ca Tue May 18 02:12:15 1993 From: poier at sfu.ca (na-Baron Feyd-Rautha Harkonnen) Date: Tue, 18 May 93 02:12:15 PDT Subject: Question Message-ID: <9305180912.AA23491@malibu.sfu.ca> Hi... What does GCHQ stand for, and what does it do? Is it similar to the NSA? Feyd Eli -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier at sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From ggoebel at sun1.ruf.uni-freiburg.de Tue May 18 03:53:48 1993 From: ggoebel at sun1.ruf.uni-freiburg.de (Garrett Goebel) Date: Tue, 18 May 93 03:53:48 PDT Subject: mykotronx Message-ID: <9305181053.AA23420@sun1.ruf.uni-freiburg.de> Hi, I was also the "anonymous" poster of the Mykotronx information :) ^^^^ It is genuine. Don't ask me how I did it. It's a secret. Besides, you probably wouldn't believe me anyways :( See ya, Garrett (thanks for the confidentiality) -- C. Garrett Goebel From elee9sf at Menudo.UH.EDU Tue May 18 05:44:39 1993 From: elee9sf at Menudo.UH.EDU (elee9sf at Menudo.UH.EDU) Date: Tue, 18 May 93 05:44:39 PDT Subject: Question In-Reply-To: <9305180912.AA23491@malibu.sfu.ca> Message-ID: <199305181244.AA04972@Menudo.UH.EDU> > > What does GCHQ stand for, and what does it do? Is it similar to the NSA? > > Feyd Eli Government Communications HQ or something like that. It is similar to the NSA. Rumor has it that each agency taps the other's domestic calls, so both may truthfully say that they don't engage in domestic surveillance... I believe the U.K. still denies the existence of the GCHQ, despite there being a large building with satellite dishes and antennas all over it in Cheltenham (?). 
I read that a government minister said in response to a statement made by a former GCHQ chief that he worked at the "GCHQ" that this didn't necessarily mean that GCHQ existed before his tenure, nor does it imply the GCHQ existed after he left... (This from the book _SpyCatcher_?) /-----------------------------------\ | Karl L. Barrus | | elee9sf at menudo.uh.edu | <- preferred address | barrus at tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From habs at Panix.Com Tue May 18 05:53:40 1993 From: habs at Panix.Com (Harry Shapiro) Date: Tue, 18 May 93 05:53:40 PDT Subject: This is "telling" Message-ID: <199305181253.AA10326@sun.Panix.Com> The answer to this question is "telling." Escrow or no encryption!!! /harry From: jim at RSA.COM (Jim Bidzos) FYI. NIST has responded to my questions. Feel free to distribute. There are a number of companies that employ non-escrowed cryptography in their products today. These products range from secure voice, data, and fax to secure email, electronic forms, and software distribution, to name but a few. With over a million such products in use today, what does the Clipper program envision for the future of these products and the many corporations and individuals that have invested in and use them? Will the investment made by the vendors in encryption-enhanced products be protected? If so, how? Is it envisioned that they will add escrow features to their products or be asked to employ Clipper? >>>> NIST: Again, the Clipper Chip is a government standard which can be used voluntarily by those in the private sector. We also point out that the President's directive on "Public Encryption Management" stated: "In making this decision, I do not intend to prevent the private sector from developing, or the government from approving, other microcircuits or algorithms that are equally effective in assuring both privacy and a secure key-escrow system." 
You will have to consult directly with private firms as to whether they will add escrow features to their products.

Since Clipper, as currently defined, cannot be implemented in software, what options are available to those who can benefit from cryptography in software? Was a study of the impact on these vendors or of the potential cost to the software industry conducted? (Much of the use of cryptography by software companies, particularly those in the entertainment industry, is for the protection of their intellectual property.)

>>>> NIST: You are correct that, currently, Clipper Chip functionality can only be implemented in hardware. We are not aware of a solution to allow lawfully authorized government access when the key escrow features and encryption algorithm are implemented in software. We would welcome the participation of the software industry in a cooperative effort to meet this technical challenge. Existing software encryption use can, of course, continue.

Banking and finance (as well as general commerce) are truly global today. Most European financial institutions use technology described in standards such as ISO 9796. Many innovative new financial products and services will employ the reversible cryptography described in these standards. Clipper does not comply with these standards. Will US financial institutions be able to export Clipper? If so, will their overseas customers find Clipper acceptable? Was a study of the potential impact of Clipper on US competitiveness conducted? If so, is it available? If not, why not?

>>>> NIST: Consistent with current export regulations applied to the export of the DES, we expect U.S. financial institutions will be able to export the Clipper Chip on a case by case basis for their use. It is probably too early to ascertain how desirable their overseas customers will find the Clipper Chip.
No formal study of the impact of the Clipper Chip has been conducted since it was, until recently, a classified technology; however, we are well aware of the threats from economic espionage from foreign firms and governments and we are making the Clipper Chip available to provide excellent protection against these threats. As noted below, we would be interested in such input from potential users and others affected by the announcement. Use of other encryption techniques and standards, including ISO 9796 and the ISO 8730 series, by non-U.S. Government entities (such as European financial institutions) is expected to continue.

I realize they are probably still trying to assess the impact of Clipper, but it would be interesting to hear from some major US financial institutions on this issue.

>>>> NIST: We too would be interested in hearing any reaction from these institutions, particularly if such input can be received by the end of May, to be used in the Presidentially-directed review of government cryptographic policy.

Did the administration ask these questions (and get acceptable answers) before supporting this program? If so, can they share the answers with us? If not, can we seek answers before the program is launched?

>>>> NIST: These and many, many others were discussed during the development of the Clipper Chip key escrow technology and the decision-making process. The decisions reflect those discussions and offer a balance among the various needs of corporations and citizens for improved security and privacy and of the law enforcement community for continued legal access to the communications of criminals.
--
Harry Shapiro habs at panix.com
List Administrator of the Extropy Institute Mailing List
Private Communication for the Extropian Community since 1991

From fergp at sytex.com Tue May 18 06:45:15 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Tue, 18 May 93 06:45:15 PDT
Subject: Mykotoxic anon post
Message-ID:

I was the one who posted the Mykotoxin anonymously to the group. It was genuine, bona fide, inspected and rejected. Don't ask me how I did it. It's a secret.

Paul Ferguson               | "... certain unalienable Rights,
Network Integrator          | that among these, are Life, Liberty,
Centreville, Virginia USA   | and the pursuit of Happiness."
fergp at sytex.com           | -- The Declaration of Independence
Stop the Wiretap (Clipper/Capstone) Chip.

From AOLCHTNN at vax1.tcd.ie Tue May 18 06:51:32 1993
From: AOLCHTNN at vax1.tcd.ie (AOLCHTNN at vax1.tcd.ie)
Date: Tue, 18 May 93 06:51:32 PDT
Subject: GCHQ in the UK
Message-ID: <01GYBP23B51G0026OX@vax1.tcd.ie>

Can someone tell me whether what I've heard about GCHQ in the UK??

A lot of books and magazines of fairly serious political content have alleged that GCHQ taps _all_ Irish telephone calls and screens them electronically for "keywords", to find the interesting conversations. (The IRA is alleged to have something similar, although not quite so sophisticated)

What I want to know is whether digital voice-recognition monitoring on such a scale is really possible?

Thanx in advance

Antoin O Lachtnain,
Trinity College Dublin.

PS Is there anyone in the UK or Ireland who'd be willing to send me a copy of PGP 2.2, if I send them a couple o' blank disks?
AOL

From wixer!wixer.bga.com!pacoid at cactus.org Tue May 18 07:43:27 1993
From: wixer!wixer.bga.com!pacoid at cactus.org (Paco Xander Nathan)
Date: Tue, 18 May 93 07:43:27 PDT
Subject: Publications
In-Reply-To: <9305121958.AA14189@usma8.usma.edu>
Message-ID: <9305170042.AA15814@wixer>

"Sent from the cyberdeck of: Gatlin Anthony CDT"
> Greetings fellow crypto warriors,
> I am attempting to locate several publications to see if they are still
> in existence and where I might them or archives of previous issues. The
> publications I am interested in are TAP, NIA, AOTD, NARC, etc. If anyone
> knows where I might be able to obtain these or similar publications, please
> let me know. Also, does anyone know where any "interesting" ftp sites which
> carry files or other data related to these type publications?
>
> Thanks,
>
> Anthony J. Gatlin              |-------------------------------------|
> Cadet Private, Co. G-2         |PGP Public Key available on request. |
> United States Military Academy |-------------------------------------|

Geez, this is great.. I was a cadet in F-2 company, but I forget which company Leary was in - glad to see our subversion has taken hold in all the old bastions!!

paco xander nathan

From gnu at cygnus.com Tue May 18 08:30:12 1993
From: gnu at cygnus.com (gnu at cygnus.com)
Date: Tue, 18 May 93 08:30:12 PDT
Subject: Ethernet 20th birthday retrospective at Sun
Message-ID: <9305181530.AA00245@cygnus.com>

This is slightly off-topic, but seeing the history of an important networking technology may be interesting for Bay Area cypherpunks. Apologies to the rest of the list.

John

* please forward this announcement within the Bay area *
* and post to any appropriate internal aliases *

Bay Area Computer History Perspectives

"Ethernet 20th Birthday---Early History of the Ethernet"

A panel discussion with David Boggs, Ron Crane, Robert Metcalfe, and John Shoch

5:30 PM, Tuesday, May 25
Stanford Room
Sun Microsystems Bldg. 6
2750 Coast Ave.
Mt.
View

May 22, 1973, was the birthday of the Ethernet. On that date, Bob Metcalfe used the word Ethernet in a memo to describe a project previously known as the Alto Aloha net. And Ethernet has been a major part of Local Area Networks ever since.

In this panel discussion, four of the most influential individuals in the history of Ethernet will come together again, to look back at the situation and events of 20 years ago. Among other possible topics:

- What were the initial goals? How did they change over time?
- What were Ethernet's main competitors in 1973? Why didn't they succeed?
- Why was the initial data transfer rate fixed at exactly 2.94 Mbit/sec? How did it eventually get set at 10 Mbit/sec?
- How did Intel and DEC get involved?
- How did Ethernet become a standard? Were there any compromises?
- And a glimpse at the future of Ethernet today

Topics such as these can suggest some of the value of learning from history. The lessons can be useful right now, today, and also in the future. After you take a look back into the past of the computer industry, you may look at your own work differently the very next day.

Bay Area Computer History Perspectives is a series of programs organised by Peter Nurkse and Jeanie Treichel, of Sun Microsystems, to explore and record our local Bay area computer history. Programs are videotaped for the archives of The Computer Museum in Boston, which maintains collections on the history of the international computer industry.

This program is open to the public and free of charge. Copies of the new ACM History of Electronic Computing poster, a full color timeline 5.5 feet long, will be available at the cost price of two dollars (cash only).

After a summer break, the next program in this series will be on the ERMA project at Bank of America, on Sept. 28 (ERMA may have been the first major Bay area contribution to the history of computing).
Suggestions for further programs are welcome, and can be faxed to Jeanie Treichel at 415/691-0756, or e-mailed to nurkse at eng.sun.com. If you are willing to appear on a panel, or can contact someone whom you suggest be included, that additional information would be very helpful.

Directions to Sun Building 6 in Mt. View: take San Antonio Road North exit from highway 101 in Mt. View. Go a block past the traffic lights at the intersection, and then

- turn right on Casey Ave.
- go one block on Casey Ave., then turn right again on Marine Way
- go one block on Marine Way, then turn left on Coast Ave.
- go down to the end of Coast Ave., and Building 6 is on your right

From marc at GZA.COM Tue May 18 10:12:07 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Tue, 18 May 93 10:12:07 PDT
Subject: a valuable spy...
In-Reply-To: <9305180711.AA03652@servo>
Message-ID: <9305181711.AA01156@dun-dun-noodles.aktis.com>

>> The note from Watson could well be a decoy to draw the NSA off the track
>> of the *real* spy... :-)

Or, it could be from the NSA, trying to collect names and numbers of people who are interested in insider information on Mykotronx. :-(

Marc

P.S. We could probably escalate paranoia indefinitely here....

P.P.S. Because they are attractive targets, it is illegal to disclose the identities and home addresses of intelligence agents, which is what "Mr. Watson" did. It is not illegal to possess this information, however. (This is what I am told by an ex-NSA employee.)

From julf at penet.FI Tue May 18 10:14:16 1993
From: julf at penet.FI (Johan Helsingius)
Date: Tue, 18 May 93 10:14:16 PDT
Subject:
In-Reply-To: <9305180430.AA29340@toad.com>
Message-ID: <9305182001.aa07917@penet.penet.FI>

> it had been my understanding
> that julf was going to newgroup alt.whistleblowers...

Er... I definitely remember somebody else announcing he was going to create it... Anon.penet.fi (and especially MK II alias penet.anon.com) will definitely support it.
Julf

From 72114.1712 at CompuServe.COM Tue May 18 12:42:45 1993
From: 72114.1712 at CompuServe.COM (Sandy)
Date: Tue, 18 May 93 12:42:45 PDT
Subject: CALLER ID?
Message-ID: <930518193336_72114.1712_FHF64-1@CompuServe.COM>

_________________________________________________________________
SANDY SANDFORT ssandfort at attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Punksters!

I think some of you are seriously missing the point about the ANI capture of telephone numbers on calls made to 800 numbers. Yes, yes, yes, we are all smart cookies on this list. We can avoid having ANI capture our number if we want to. SO WHAT?

The insidious thing about the use of ANI is that the *general public* has no idea it exists. And this is because of the lack of candor on the part of telcos and 800 companies. As an example, the Bank of America includes a newsletter with their statement. In a recent issue there was an item about WeTip, an 800 hotline. Here is an excerpt of what it said:

"If you want to report information about any criminal activity, call WeTip at 1-800-78-CRIME and remember, DON'T give the interviewer your name. You will be assigned a code name and number."

Now, WE know all that "code name" BS is just a smoke screen to make the mark think he is anonymous. Unfortunately, most folks don't know what we know. (Did YOU know your 800 calls were compromised, before I posted the callback number?)

The folks at 1-800-STOPPER and FULL DISCLOSURE tell me that while most cellular phone systems currently release only trunk numbers to ANI, this is changing. One by one, they are being programmed to release the number of the actual cellular phone. Presumably, this is being done in preparation for Caller ID (and maybe to assist *legitimate* law enforcement needs?).
S a n d y (arbitration volunteer)

>>>>>>>> Please address e-mail to: ssandfort at attmail.com <<<<<<<<
_________________________________________________________________

From 76630.3577 at CompuServe.COM Tue May 18 13:30:57 1993
From: 76630.3577 at CompuServe.COM (Duncan Frissell)
Date: Tue, 18 May 93 13:30:57 PDT
Subject: GCHQ Question
Message-ID: <930518202352_76630.3577_EHK24-1@CompuServe.COM>

>>>What does GCHQ stand for, and what does it do? Is it similar to the NSA?<< (Feyd Eli)

The Royal Signals Establishment at Cheltenham, Gloucestershire, England is known as General Communications Head Quarters (GCHQ). It is also called 'Cheltenham' after its location. It performs many of the same sigint jobs as the NSA.

There was a controversy a few years ago when the US wanted Maggie to outlaw (socialist) union membership by the Civil Service employees at GCHQ because the Reagan administration considered it a security risk.

Duncan

From anon03e2 at nyx.cs.du.edu Tue May 18 14:41:46 1993
From: anon03e2 at nyx.cs.du.edu (Fallen Angel)
Date: Tue, 18 May 93 14:41:46 PDT
Subject: Neural Nets to decrypt?
Message-ID: <9305181912.AA05130@nyx.cs.du.edu>

I am naive on a couple of fronts, so apologies if this is off-base.

As computing evolves, would it be very possible to use a neural net or like system to design an ideal code-breaking engine? From my understanding, code-breakers are only as good as their designer's knowledge of the algorithm. Such a hypothetical system would develop its own cracking algorithm which could be more efficient by several factors.

I think another variation would be the use of GA's to create a more efficient code-breaker. I know that GAs have been used to achieve near-ideal results in least-step sorting algorithms. Would code-breaking be the same in principle?

From peb at PROCASE.COM Tue May 18 15:37:54 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Tue, 18 May 93 15:37:54 PDT
Subject: Neural Nets to decrypt?
Message-ID: <9305182236.AA11199@banff>

In my experience, neural nets are good at generalizing across sparse data for recognizing patterns not seen before. GAs are more useful for converging (at an exponential rate giving Holland's schema theorem) on a solution to a problem. A GA is easier to train if the score is a continuous real number while most neural network implementations expect actual examples of what is in the set of things to be recognized.

For a GA cryptoanalysis tool, a vector representing an experiment would be used as a genotype and the result could be the output of a specialized message detector (==1 if the text looks like plain English, ==.0001 if only a few words are seen, etc. (and of course it would need to detect file formats like that of compress)). Given this, a GA could find a solution.

However, in learning theory, there are problems considered to be unlearnable and the standard example is encrypted information! The solution space could be like a plane with a single "needle" in it that is the solution with no hills in the general direction of the needle. This kind of solution space requires exhaustive search, unfortunately.

It is difficult to characterize a solution space, but it is the key part--the mapping of a gene vector to a fraction representing the completeness of the solution is critical--and if it is completely flat with a needle, then it is not worth it. Alternatively, if it is completely random, then it also is not worth it. The solution space must be somewhere in these two extremes to be useful for a GA.

Based on my limited experience with cbw (crypt breakers workbench), it is possible to get partial results (e.g., ex*lo*e -> explore and other words are then filled in) and zoom in the full solution, so based on that, a GA would be helpful. cbw is for an Enigma type machine and newer algorithms are much more sophisticated, so I don't know if the same kind of partial knowledge applies for RSA, DES3, IDEA cracking.

Paul E.
Baclace
peb at procase.com

From rusty at Panix.Com Tue May 18 16:01:56 1993
From: rusty at Panix.Com (Rusty Hoover)
Date: Tue, 18 May 93 16:01:56 PDT
Subject: macpgp question
Message-ID: <199305182301.AA28005@sun.Panix.Com>

Hi. Can anyone answer a question about MacPGP?

My MacPGP 2.2 seems to have developed a curious problem. I'm using it on a Mac Classic with system software 6.07.

Both yesterday and today, I received a message from a friend, encrypted with my public key. When I downloaded this message from my Unix account to my Mac, it appeared on my screen as an MS Word icon. (MS Word is the word processing program I use.)

I launched MacPGP, and selected "Open/Decrypt" from the file menu, and up came the box with the list of files to choose from. I chose the just-downloaded message, and then, in the PGP message area, PGP gave me the following message:

"File is encrypted. Secret key is required to read it. This message can only be read by: keyID: xxx You do not have the secret key needed to decrypt this file."

But the key ID number listed **is** in fact MY valid, working key ID !!

Would anyone have any suggestions about why this is happening? Thanks, enormously, in advance.

===============================================================================
Rusty Hoover | PGP 2.2 public key | Too much time, so little to do ...
rusty at panix.com | by finger & e-mail | no, reverse that ...
===============================================================================

From TWEETYBIRD at U.WASHINGTON.EDU Tue May 18 17:44:57 1993
From: TWEETYBIRD at U.WASHINGTON.EDU (TWEETYBIRD at U.WASHINGTON.EDU)
Date: Tue, 18 May 93 17:44:57 PDT
Subject: It was I
Message-ID: <34D32987CB3F8046E7@MAX.U.WASHINGTON.EDU>

who was the source of the anonymous Mykotronx postings. Through certain leads I have been able to find more info and will let cypherpunks know as soon as is feasible. Please don't ask how I am doing it, I don't think I should reveal my sources.
If anyone feels the need to verify my postings, please go ahead and post the results to this list.

thank you,
Tweetybird (Whistleblower

From wixer!wixer.bga.com!meyer at cactus.org Tue May 18 19:46:55 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Tue, 18 May 93 19:46:55 PDT
Subject: Mixing ciphertext and plaintext
Message-ID: <9305182056.AA12121@wixer>

>Return-Path:
>Subject: mixed plaintext and crypted text.
>Date: Sat, 15 May 93 1:26:55 MDT
>
>Hey again, all. I've RTFM'd, and I don't even know if it can be done, but
>does anyone know how I can have pgp display the un-encrypted AND the
>decrypted parts of a message? Let's say my message goes like this:
>
>This is a plaintext message to tell you stuff that needs not be private.
>BTW, can you find the subliminal message? ;^)j
>-------- begin pgp block -----
>asdfkasjd;fThEjsflajslfjaslfjadfajs;flasjdaslfjasldfjalsj
>asjlgfiuituqoNsAj;slkjasdifuoejrqlwfiasuokjel;rqwiuasdsii
>asdfasljdflasjfdSuXsldfjalsjljeqljerwljrlejqlwjerlqwjerlq
>elqrkjlasjl
>134as
>-------- end pgp block -------
>
>Thanx a lot
>
>Yours virtually,
>+-----------------------+-----------------------------+---------+
>| J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY |
>| | But, I was mistaken. |available|

If you wish to mix plaintext and ciphertext in an email message then you can use Dolphin Encrypt. Let's say your message is to consist of P1/C2/P3, plaintext/ciphertext/plaintext, where C2 is ciphertext derived from plaintext P2. What you do is put P2 into a file F.TXT, then run Dolphin Encrypt with a command such as:

    DE E F.TXT F.ENC /t

After you give Dolphin Encrypt the encryption key F.ENC will be a file which consists of pseudo-uuencoded ciphertext (that's what the "/t" is for).

Run your mailer program. Write your P1. ASCII-upload F.ENC, which is your C2. (No need to mark the beginning/end of the ciphertext block.) Finish off with your P3 and send your message.
The recipient captures the entire message as, say, G.ENC, then runs:

    DE D G.ENC G.DEC /t

(Of course, she has to know the encryption key.) Dolphin Encrypt skips over P1 to get at C2 and writes G.DEC containing P2. Voila!

For further info send me a snailmail address.

-- Peter Meyer

From hughes at soda.berkeley.edu Tue May 18 20:39:40 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Tue, 18 May 93 20:39:40 PDT
Subject: Mixing ciphertext and plaintext
In-Reply-To: <9305182056.AA12121@wixer>
Message-ID: <9305190336.AA04656@soda.berkeley.edu>

>If you wish to mix plaintext and ciphertext in an email message then
>you can use Dolphin Encrypt.

What cryptosystem does Dolphin Encrypt use? Is the algorithm published somewhere?

Eric

From sjw at liberty.demon.co.uk Tue May 18 21:39:19 1993
From: sjw at liberty.demon.co.uk (Stephen J. Whitrow)
Date: Tue, 18 May 93 21:39:19 PDT
Subject: Question (GCHQ)
Message-ID: <3223@sjw@liberty.demon.co.uk>

I live not too far away from Cheltenham, and I can confirm that the UK Government would have rather a hard job ever denying the existence of GCHQ.

As you leave the M5 motorway at junction 11, taking the dual carriageway into Cheltenham, the signposts for GCHQ can't be missed. (Left at the second roundabout.) The building is visible to anyone driving into Cheltenham. (If you carry on towards the town centre for another mile or so, the Police HQ building has a rather impressive aerial on its roof, albeit comparable to other Police HQs.)

It seems reasonable to believe that the various secret service agencies have reciprocal arrangements to tap each other's citizens. E.g. the American agencies tap the Royals' phones, then repeatedly rebroadcast the tapes using powerful transmitters, so they're almost certain to be picked up by some radio ham, or retired bank manager with a scanner, within a day or two.
Steve Whitrow
sjw at liberty.demon.co.uk

From anon03e2 at nyx.cs.du.edu Tue May 18 22:25:45 1993
From: anon03e2 at nyx.cs.du.edu (Fallen Angel)
Date: Tue, 18 May 93 22:25:45 PDT
Subject: PGP and offline-readers
Message-ID: <9305190525.AA15440@nyx.cs.du.edu>

I am getting involved in networking some local BBS' and message bases. One of the primary functions of this network will be to serve as a library for PGP keys and to use PGP in sending messages.

Now, if people read their messages offline, are there any offline readers that exist that integrate PGP (all this is IBM based) or is there an easy way to do this. Ideally, I want to avoid having to decrypt each message individually and would like PGP interfaced so that it could recognize a message header, apply the right key, and output in the reader. I am probably asking for too much.

Does anyone have any experience/advice w/ this type of large scale implementation of PGP? I know the need to encrypt most of the messages will be small, but I think it is important to get these people so familiar w/ encryption, they won't be scared and will defend it when the need arises.

From mdiehl at triton.unm.edu Tue May 18 23:03:06 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Tue, 18 May 93 23:03:06 PDT
Subject: PGP and offline-readers
In-Reply-To: <9305190525.AA15440@nyx.cs.du.edu>
Message-ID: <9305190602.AA27639@triton.unm.edu>

> I am getting involved in networking some local BBS' and message bases.
> One of the primary functions of this network will be to serve as a
> library for PGP keys and to use PGP in sending messages.
>
> Now, if people read their messages offline, are there any offline
> readers that exist that integrate PGP (all this is IBM based) or

I'm working on one myself. I'm testing it now; it's still kinda alpha at the moment.

> is there an easy way to do this.
> Ideally, I want to avoid having to
> decrypt each message individually and would like PGP interfaced so
> that it could recognize a message header, apply the right key, and
> output in the reader. I am probably asking for too much.

Not at all. My system is currently geared toward UNIX, but can be modified to work with anything. ;^) Right now, I have to select the mail by hand, but the software xfers it and indexes it automatically. Then I can select read and I get a menu of my messages to be read....index, sender, and subject. I have delete working. Also, I have send working quite well. You select Create to create a message. You then have a choice of editor. After you create a file, you have the option of calling the encryption menu to encrypt/sign it. Then you select send. You give the program the name of the file, who it goes to, and a subject. I have a script which dials the system, and uploads the mail without me being there.

The benefits are that the plaintext never spends time on the mainframe, and you control the keys. I have a few features to add. I want to add multiple-hosts capability, aliases, and automatic encryption. I'm writing this system in 4dos batch language and telix communication scripts. I'm doing it this way because it's a great development language with lots of high-level tools. I'm quite proud of how it's working. I'm also thinking of porting it to C.

> Does anyone have any experience/advice w/ this type of large scale
> implementation of PGP? I know the need to encrypt most of the messages
> will be small, but I think it is important to get these people so
> familiar w/ encryption, they won't be scared and will defend it when
> the need arises.

I agree totally! This is important.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY |
| | But, I was mistaken.
|available|
| +-----------------------------+---------+
| mdiehl at triton.unm.edu | "I'm just looking for the opportunity |
| mike.diehl at fido.org | to be Politically Incorrect! |
| (505) 299-2282 | |
+-----------------------+---------------------------------------+

From warlord at MIT.EDU Tue May 18 23:19:25 1993
From: warlord at MIT.EDU (Derek Atkins)
Date: Tue, 18 May 93 23:19:25 PDT
Subject: PGP and offline-readers
In-Reply-To: <9305190602.AA27639@triton.unm.edu>
Message-ID: <9305190619.AA23157@toxicwaste.MEDIA.MIT.EDU>

If at all possible, I recommend using the Key Servers for Key Distribution... It already solves the key distribution problem not only on your own network, but around the world... No reason to re-invent the wheel...

Enjoy!

-derek

From walmsley at ccint1.rsre.mod.uk Wed May 19 02:05:05 1993
From: walmsley at ccint1.rsre.mod.uk (Clive)
Date: Wed, 19 May 93 02:05:05 PDT
Subject: REF ... GCHQ
Message-ID: <9305190904.AA22545@toad.com>

Ref the GCHQ question, I have posted to this group previously, ie yesterday, details on GCHQ, and I wish to take issue with

>>>Duncan Frissell <76630.3577 at CompuServe.COM>

To: Original Question

>>>What does GCHQ stand for, and what does it do? Is it similar to the NSA?

Duncan replied

>> The Royal Signals Establishment at Cheltenham, Gloucestershire,
>> England is known as General Communications Head Quarters (GCHQ).
>> It is also called 'Cheltenham' after its location.
>> It performs many of the same sigint jobs as NSA.

THIS IS WRONG .....

GCHQ stands for the Government Communications HeadQuarters. They are part of the Foreign and Commonwealth Office. They have NOTHING to do with the Ministry of Defence.

The Royal Signals Establishment, when it existed (it closed in about 1970), was located at Christchurch. It amalgamated with the Royal Radar Establishment at Malvern to form the Royal Signals & Radar Establishment (RSRE) with the prime site being at Malvern.
They were once more reformed 2 years ago to become the Defence Research Agency, which includes the prime non-nuclear research establishments in the UK. FYI these are RSRE at Malvern, at Fort Halstead the Royal Armaments Research & Development Establishment, at Farnborough the Royal Aircraft Establishment and at Portland, the Admiralty Research Establishment (They upset the monarchy about the turn of the century and as a result have never received the Royal Charter)

Let me say again that GCHQ or its groups have nothing at all to do with the MoD and that the Royal Signals Establishment (or even the Royal Signals & Radar Establishment) are not located at Cheltenham and are not associated with GCHQ!!!!

Clive Walmsley
Walmsley at ccint1.rsre.mod.uk

From anton at hydra.unm.edu Wed May 19 04:15:09 1993
From: anton at hydra.unm.edu (Stanton McCandlish)
Date: Wed, 19 May 93 04:15:09 PDT
Subject: No FTP? You can still get PGP *UTILITIES*!
Message-ID: <9305191115.AA09497@hydra.unm.edu>

Due to legal threats from RSA, I cannot distribute PGP itself. I am not sure about the legalities of distributing source code for it. Anyone know?

ANYWAY: if you need the latest PGP/RSA utils, likely useful for any number of encryption programs, and can't get them via FTP, try calling the BBS listed in the .sig below. Look in the CRYPTO file area. You may logon as Anonymous, password GUEST, if you wish. I have the latest versions of the utils distributed with PGP22, much improved over that release, and direct from the author. I also have Fido-tech mail utils, public key-rings, etc.

Due to a corrupt user data file, the system will be down for a few days, but try calling AFTER May 20th, and get the goodies you need! Please keep in mind that after 11pm, and on weekends, tends to be the cheapest rate periods for most phone extortionists I mean companies.

PS: there is no charge, other than standard phone extortion of course, for utilizing NitV BBS. Full access on first call.

--
Testes saxi solidi!
********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From anton at hydra.unm.edu Wed May 19 05:03:08 1993
From: anton at hydra.unm.edu (Stanton McCandlish)
Date: Wed, 19 May 93 05:03:08 PDT
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
Message-ID: <9305191203.AA09712@hydra.unm.edu>

I'd like to invite discussion, either private or listwise, on: Why is the govt. targeting BBSs?

I note Eric S. Raymond accuses the govt and its mouthpieces of using the largely manufactured horror of 'kiddie porn' as a "fait accompli", to yank the rug from under our feet when we take exception to the idea that the U.S. Govt. should have the authority to inspect our private lives and operations. Not to mention also using the threat of 'terrorism' and 'dangers to national security' et al. ad nauseum.

I'd like to tell you a short anecdote: I frequently grep the entire disk system here for accessible .GIF files. I need them for my BBS, and even though this grepping about hogs CPU time, it is certainly less bandwidth costly than firing up a full FTP session to go hunting for such "warez". Inevitably, many of these graphics files are 'porno'. Also inevitably a few are 'illegal' porno, such as that featuring bestiality and or nude children. Most of these appear to originate from the orient and from Europe. I have no use for such materials, but apparently someone does. I did an experiment.
Noting the filenames, I looked about in alt.binaries.pictures.erotica, and did an xarchie search, and many of these files are available from US educational institutions, via both FTP archives (usually in the uploads area -- I am confident that the maintainers of such sites ditch this stuff in a jiffy. There are exceptions, however) and the UseNet system.

Now, maybe I missed something, but I have yet to see the secret service raid ftparchive.blah.edu, or UNM where I work, for 'pandering'. Yet BBSs get raided for SUSPICION of having such material, and get their equipment confiscated.

I am pissed off enough that I am having a hard time even formulating my displeasure into a logical post, but here goes anyway:

1) who gave the govt the right to distribute this material, and deny others to do so (for whatever reason) - these universities ARE part of the govt.

2) why is the govt scapegoating BBSs? Are we THAT 'dangerous and subversive'?

3) why is it that people in general cannot see this BS for the BS it is? Is it REALLY so hard to see that "terrorism" and "kiddie porn" are not real threats, but that stomping all over our privacy rights IS?

4) why is nothing much really being done about these civil rights violations? The SJG case is a case in point. EFF did plenty to help out, but where was the ACLU? I see lots of NETTERS mad about clipper, but where is the media blitz? Where are the demonstrations on the White House lawn? Are the people in this country really so apathetic? Where is the outcry over the Waco massacre? For a govt to willy-nilly burn a bunch of children to death and lie like hell to the people the whole time, is enough to start a civil war in a lot of places, yet here it's just another "oh well".

Well before I really get lost here, I will just finish up by saying that I became a BBS system operator with enthusiasm and happiness, and now find myself embroiled in the fringes of a bitter war, and one which the general populace seems 100% ignorant of.
I don't care what Mike Godwin says, the media DO see BBSs as a threat. I just got word that the article that was supposed to be done by a local paper on BBSs in our area was nixed. I don't like conspiracy theories, but christ, it is almost impossible to get the media to do anything on the online world that is not negative; the only VR-oriented movie I have ever seen was a horror film designed to turn people OFF the idea (_Lawnmower_Man_), MTV wants to do stories about neo-nazis using BBS for their goals; the media worked hand in hand with the govt in the Waco mess, and now the media are generally silent, even supportive, about the clipper; I try to do my part in distributing crypto, and get legal threats from a govt. contractor...

What gives? How far is this going to go?

-- Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From anton at hydra.unm.edu Wed May 19 05:39:12 1993
From: anton at hydra.unm.edu (Stanton McCandlish)
Date: Wed, 19 May 93 05:39:12 PDT
Subject: Dolphin Encrypt
Message-ID: <9305191239.AA09886@hydra.unm.edu>

I too would like more info on this subject! Guess all us yokels at UNM are clueless or something. My question is, how does the recipient get the key, and how do they (she, whatever) know to use that long de command? What would happened if they didn't, just get gibberish?

>
> The recipient captures the entire message as, say, G.ENC, then runs:
>
> DE D G.ENC G.DEC /t
>
> (Of course, she has to know the encryption key.) Dolphin Encrypt
> skips over P1 to get at C2 and writes G.DEC containing P2. Voila!
>
> For further info send me a snailmail address.

See below for snail address...
-- Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From fergp at sytex.com Wed May 19 06:45:12 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Wed, 19 May 93 06:45:12 PDT
Subject: MCI, Sprint or bust ...
Message-ID:

I changed my telco service to MCI yesterday. "We want you back."

AT&T won't get my business until they discontinue using Clipper. Somehow, I get the feeling that may be when hell freezes over.

It leaves a bit to the imagination what the "i" in the "i" plan really stands for. Intelligence? Integrity-busters? Insecurity?

I urge anyone who is seriously concerned over Clipper to put their money where their mouth is - boycott AT&T.

Cheers.

Paul Ferguson             | "... certain unalienable Rights,
Network Integrator        | that among these, are Life, Liberty,
Centreville, Virginia USA | and the pursuit of Happiness."
fergp at sytex.com        | -- The Declaration of Independence
Stop the Wiretap (Clipper/Capstone) Chip.

From judic at sunnyside.com Wed May 19 07:03:42 1993
From: judic at sunnyside.com (Judi Clark)
Date: Wed, 19 May 93 07:03:42 PDT
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
Message-ID: <199305191403.AA03433@snyside.sunnyside.com>

>I'd like to invite discussion, either private or listwise, on: Why is the govt.
>targeting BBSs?

Welcome to the real, growing, dangerous world, Stanton, where all your fears are true.

judi

From anton at hydra.unm.edu Wed May 19 07:21:03 1993
From: anton at hydra.unm.edu (Stanton McCandlish)
Date: Wed, 19 May 93 07:21:03 PDT
Subject: MCI, Sprint or bust ...
In-Reply-To:
Message-ID: <9305191420.AA11446@hydra.unm.edu>

> AT&T won't get my business until they discontinue using Clipper.
> Somehow, I get the feeling that may be when hell freezes over.
...
> I urge anyone who is seriously concerned over Clipper to put their
> money where their mouth is - boycott AT&T.

Already done so. Using MCI also, though their "Friends and Family " plan stinks of bigbro also. What better way to catch up with those who skip out on their phone bills than getting the names and phone numbers of all their "friends and family", eh?

In case any corporate spies from AT&T are reading: Not only do you lose my phone service, but your AT&T-Paradyne branch just lost out on modem sales too. Which is just too bad. AT&T-P. had THE best sysop-discount deal on 14400bps modems. I was all ready to buy a couple of them. Tsk tsk.

-- Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From anton at hydra.unm.edu Wed May 19 07:37:20 1993
From: anton at hydra.unm.edu (Stanton McCandlish)
Date: Wed, 19 May 93 07:37:20 PDT
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <199305191403.AA03433@snyside.sunnyside.com>
Message-ID: <9305191436.AA11807@hydra.unm.edu>

> >I'd like to invite discussion, either private or listwise, on: Why is the govt.
> >targeting BBSs?
>
> Welcome to the real, growing, dangerous world, Stanton, where all your fears
> are true.

Doesn't help much. >:)

I just want to know what it is about BBSing that scares the out of the govt.
Why are porno, crypto, and people saying what they want to, somehow more threatening on BBSs than about 10x as many people doing the same thing on govt "controlled" educational systems?

If the govt really really sees these things as dangerous, would it not be wiser to take care of the "cancer" in one's own body than worry about the health of others? Maybe the govt. is just totally irrational, or something. Not saying anyone should put a stop to alt.binaries.pictures.erotica, I could care less if people like spending inordinate amounts of time uudecoding spotty nudie pics. But the whole rationale behind attacking BBSs seems, like I said, irrational...

-- Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From honey at citi.umich.edu Wed May 19 07:44:07 1993
From: honey at citi.umich.edu (peter honeyman)
Date: Wed, 19 May 93 07:44:07 PDT
Subject: MCI, Sprint or bust ...
In-Reply-To:
Message-ID: <9305191444.AA01544@toad.com>

i think it's naive to boycott at&t over clipper. i'm sure mci and sprint are the same sort of villains as at&t.

what makes more sense is to buy some at&t shares and force the issue at the next stockholders' meeting. in fact, this might be a great consciousness-raising vehicle: we could get a statement included in the proxy booklet and force a stockholder vote.

as a stockholder (of about 20 shares, due to my previous life as a bell labs mts), i see cranks getting space in the booklet every year. how do they do that?
peter

From anon03e2 at nyx.cs.du.edu Wed May 19 08:31:18 1993
From: anon03e2 at nyx.cs.du.edu (Fallen Angel)
Date: Wed, 19 May 93 08:31:18 PDT
Subject: Random numbers
Message-ID: <9305191531.AA15131@nyx.cs.du.edu>

One of the main factors in crypto seems to be a source of random numbers which most computers don't really have.

Wouldn't it be possible to apply the Mafia-numbers-game solution? i.e. For your numbers (or seed for a large volume of numbers) take a random publicly accessible number like the last 3 digits of the attendance of a sporting event.

I have never seen any formalizations, but that type of number should be as close to totally random as possible.

From marc at GZA.COM Wed May 19 08:45:41 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Wed, 19 May 93 08:45:41 PDT
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <9305191203.AA09712@hydra.unm.edu>
Message-ID: <9305191545.AA01568@dun-dun-noodles.aktis.com>

>> Now, maybe I missed something, but I have yet to see the secret service raid
>> ftparchive.blah.edu, or UNM where I work, for 'pandering'.

You missed it. It has happened. MIT used to run an alt.sex.bondage stories server. Someone would read a.s.b., cull out the stories and make them available for anonymous ftp. Well, a while ago (2-3 years) a guy named Joe Abernathy from the Houston Chronicle wrote a story about the Internet, and mentioned the asb archive. This got up to the highest level of the NSF management, and MIT was threatened to take down the server, or have their connection cut. This was a big deal within MIT, since MIT is extremely progressive about virtual data. They have a policy to take the ECPA seriously, and they really did regard this as censorship. But the NSF did not seem to be bluffing, so MIT told the organization running the server that it had to be taken down, and why. The organization agreed, since they didn't want to be cut off the net either.
It takes an extremely strong idealist to stand up to this sort of pressure, and MIT just wasn't up to it. I really can't blame them. Today, maybe they could do it, since the net is much more in the public's eye, and there are organizations like EFF and CPSR to support them.

So, don't feel singled out. The gov't isn't just targeting the little guys.

>> 1) who gave the govt the right to distribute this material, and deny
>> others to do so (for whatever reason) - these universities ARE part of
>> the govt.

Laziness, not intent. If someone made a big stink, unm would feel it, I promise.

>> 2) why is the govt scapegoating BBSs? Are we THAT 'dangerous and
>> subversive'?

No, you're easy targets, and closing down kiddie porn distribution looks real good on the personnel evaluation.

>> 3) why is it that people in general cannot see this BS for the BS it is?
>> Is it REALLY so hard to see that "terrorism" and "kiddie porn" are not real
>> threats, but that stomping all over our privacy rights IS?

People in this country are soft. They don't see the government as a threat. They also smoke too much and rot their brains with TV. "Never attribute to malice that which can be adequately explained by stupidity."

>> 4) why is nothing much really being done about these civil rights
>> violations? The SJG case is a case in point. EFF did plenty to help
>> out, but where was the ACLU?

The EFF did a fine job. The ACLU wasn't needed here. If they were, I hope they would have done something. The fact is, you haven't experienced any civil rights violations, and the Clipper Chip, although enabling them, does not cause them. You can't take the government to court because you think they're evil. They have to screw up first, and they are, in general, careful about provably screwing up.

>> I try to do my part in distributing crypto, and get legal threats from
>> a govt. contractor...

They have rights to that software. Plaster the universe with DES software; nobody will touch you.
RSA does not want to cut off all crypto; they're just trying to make money off what they own. Would you be upset if Playboy's lawyers sent you a letter ordering you to get the digitized centerfolds off your BBS? It's exactly the same thing.

>> What gives?

Look at the newspaper. Open to a random page. Do you see a story about public service in your town, or about a police officer who got shot yesterday? Happy, peaceful, nice doesn't sell. The media focuses on death, violence, and stuff like that because it's what people want to watch. Nazis (Oops. It's a flame. The Nazis got mentioned :-) and pornography are just the equivalents in the networking world. People could care less about all the good things that happen. They want to be reminded about all the bad things in the world, so their own lives seem a little less miserable.

>> How far is this going to go?

Too far. It already has. I wish I could tell you when it would stop.

Marc

From jrk at information-systems.east-anglia.ac.uk Wed May 19 09:00:04 1993
From: jrk at information-systems.east-anglia.ac.uk (Richard Kennaway)
Date: Wed, 19 May 93 09:00:04 PDT
Subject: Random numbers
Message-ID: <9279.9305191556@sys.uea.ac.uk>

Fallen Angel writes:
>Wouldn't it be possible to apply the Mafia-numbers-game solution?
>i.e. For your numbers (or seed for a large volume of numbers) take
>a random publicly accessible number like the last 3 digits of the
>attendance of a sporting event.
>
>I have never seen any formalizations, but that type of number should be
>as close to totally random as possible.

How do you know that these numbers aren't already in use as a code system, under the control of someone who may not have your interests at heart? Mafia numbers indeed!

--                                  ____
Richard Kennaway                  __\_ /    School of Information Systems
Internet: jrk at sys.uea.ac.uk     \ X/     University of East Anglia
uucp: ...mcsun!ukc!uea-sys!jrk      \/      Norwich NR4 7TJ, U.K.

From amcgee at netcom.com Wed May 19 09:03:42 1993
From: amcgee at netcom.com (Arthur R.
McGee)
Date: Wed, 19 May 93 09:03:42 PDT
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <9305191436.AA11807@hydra.unm.edu>
Message-ID:

It's VERY simple Stanton. Look at the difference. BBSs are still relatively small standalone "islands", even when they are hooked up to Fido, RIME, etc. networks. They are a LOT easier to pick on.

The "net" however is essentially many separate systems and one HUGE system all at the same time. They realize that to tackle one particular site or even many sites, really doesn't do anything. The net is like a funhouse with too many "mirrors." The only way to have any effect would be to change the rules of the net itself, saying that, for example, "pornography" is not allowed. This, as we all know, along with all the other rules they would likely impose, would kill the net DEAD("yeah", I know, poor english, but you get my point). Also, the size of the net and the somewhat seamless connection between the numerous networks, would STILL allow people to pass the information around without law enforcement having a clue.

In addition, the fact that so much of the net is in some way either owned by, sanctioned by, or located on government or university property(as you mentioned), pretty much precludes law enforcement from doing anything. They can't cut off their own arm. It would be the gov't vs. the gov't. Like a dog chasing its own tail trying to bite it. Like Internal Affairs. Like "Independent" Internal Investigation. Right! They don't mean a d**n thing.

Art

On Wed, 19 May 1993, Stanton McCandlish wrote:

> I just want to know what it is about BBSing that scares the matter here> out of the govt. Why are porno, crypto, and people saying
> what they want to, somehow more threatening on BBSs than about 10x as many people
> doing the same thing on govt "controlled" educational systems?
> If the govt really really sees these things as dangerous, would it not be wiser
> to take care of the "cancer" in one's own body than worry about the health of
> others? Maybe the govt. is just totally irrational, or something. Not saying
> anyone should put a stop to alt.binaries.pictures.erotica, I could care less
> if people like spending inordinate amounts of time uudecoding spotty nudie
> pics. But the whole rationale behind attacking BBSs seems, like I said,
> irrational...

From 74076.1041 at CompuServe.COM Wed May 19 09:22:44 1993
From: 74076.1041 at CompuServe.COM (Hal)
Date: Wed, 19 May 93 09:22:44 PDT
Subject: BBSs under fire!
Message-ID: <930519161458_74076.1041_FHD73-1@CompuServe.COM>

-----BEGIN PGP SIGNED MESSAGE-----

I agree with Stanton that BBS's have a rather unsavory image in the media and the public at large, compared with Usenet. A lot of people think of BBS's as meeting grounds for malicious hackers, whereas most people have never heard of Usenet. Here are some possible reasons for the difference:

1) BBS's are often used by kids. Parents see them using the computer to access BBS's. Usenet is available mostly to college campuses, research labs, and corporations. Lay people never see it operating. Usenet is largely based on Internet, which exists for research purposes.

2) People who use Internet tend to be college students and professional adults. They are more articulate and better able to defend their interests than most BBS users.

3) Usenet is decentralized but largely accountable. People who post objectionable material can be traced and recorded. On BBS's most posters are completely anonymous - only the operators are known. Perhaps the government feels more comfortable being able to monitor those who post material it doesn't want to see. And there are many cases where people have gotten into trouble for Usenet postings.
A few months ago there was discussion on comp.org.eff.talk about a student at a large Northeastern university who got in legal trouble for posting possible child porn, including visits from the FBI. A few weeks ago in comp.admin.policy there was discussion about someone who posted what could be interpreted as a desire that Clinton die, and whose office was visited by the Secret Service shortly afterward. These things could not be done on a BBS, or only the operator could be investigated.

Note also that our efforts for providing anonymity on Usenet threaten this capability. It's interesting to see how many of the vested interests on Usenet (system operators and such) opposed anonymity and have been working to shut it down.

4) All Usenet traffic could be monitored from a central location. To monitor all postings on all BBS's would be far more difficult. There could be all kinds of wild things being discussed on random BBS's here and there and the government would never know about it. This isn't true of Usenet.

5) Some BBS's have had illegal activities as their major purpose, including telephone fraud (exchanging stolen credit card numbers). Such activities would not be possible on Usenet.

6) BBS's often have cute or clever names that make them sound frivolous or childish. Usenet newsgroups and systems have functional names. Here is a list of local BBS systems I found:

The Birdhouse BBS The Bowhead Whale BBS Buddha's Place BBS The Cat's Meow Network /dev/bbs Eco BBS The Enright House Enterprize BBS Fat Aggies The Haunted Castle of Alchemists The Haunted Manor Idiots Eternal Legal Plus Service BBS The Library Annex Manhattan Network XXIII Prevailing Winds Research BBS Reality Ltd. Santa Barbara Jaycees BBS SBCC BBS Swagland BBS The Seaside The Silican Embassy The Thunder Penguin The Wett BBS The Wimp

There are some legitimate-sounding systems here, but a lot of them sound like they don't have a useful purpose.
===

In making these comparisons I don't mean to attack BBS operators or users, just to identify some differences in perception between BBS's and Usenet, which after all do have a lot of similarities in how they are used.

I think that as more BBS systems connect to the net the line between BBS's and Usenet will blur. Also, if our efforts succeed to provide anonymity on the Internet the government will not be able to track objectionable postings to their source. Probably at that time Usenet itself will be attacked due to the threat it will present to those in power.

Hal Finney
74076.1041 at compuserve.com

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK/oyD6gTA69YIUw3AQEY5QP/V3nsvcpJfJKq/91KB2iX9B3mmDriYZ1j
XY2lr9+0p8/EutEd/AGvcn8p5LkUqERqvylzSSAhswrinqB9lw+bjf8T0PpjsoxX
01ftHNPHiZO/uPCWvsjmsaKATduNesnOmNgOFxMFN7Dp+KmcchjKwl3coBQbOY9J
W9Ijlv2RV/I=
=JERo
-----END PGP SIGNATURE-----

From jrk at information-systems.east-anglia.ac.uk Wed May 19 09:27:33 1993
From: jrk at information-systems.east-anglia.ac.uk (Richard Kennaway)
Date: Wed, 19 May 93 09:27:33 PDT
Subject: alt.whistleblowers
Message-ID: <9667.9305191619@sys.uea.ac.uk>

Julf writes:
>> it had been my understanding
>> that julf was going to newgroup alt.whistleblowers...
>
>Er... I definitely remember somebody else announcing he was going to
>create it... Anon.penet.fi (and especially MK II alias penet.anon.com)
>will definitely support it.

It would seem in keeping with the spirit of alt.whistleblowers for the newgroup to be performed anonymously. Does anon.penet.fi support the control newsgroup? :-) More seriously, why doesn't everyone who knows how and wants the group created simply forge an anonymous creation message?

--                                  ____
Richard Kennaway                  __\_ /    School of Information Systems
Internet: jrk at sys.uea.ac.uk     \ X/     University of East Anglia
uucp: ...mcsun!ukc!uea-sys!jrk      \/      Norwich NR4 7TJ, U.K.
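Added example, not part of any list message: a check of the "Random numbers" proposal earlier on this page (seeding from the last 3 digits of a published attendance figure). It measures how much entropy such a seed can carry and shows that a key derived from it is found by trying every seed. The SHA-256 key derivation, the HMAC tag and the attendance figure are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import math

# Assumption for this example: the seed is the last three decimal digits of a
# published attendance figure, so it can only take the values 000..999.
SEED_SPACE = 1000


def entropy_bits(equally_likely_values: int) -> float:
    """Upper bound on the seed's entropy, reached only if all values are equally likely."""
    return math.log2(equally_likely_values)


def events_needed(target_bits: int = 128) -> int:
    """Independent, secret 3-digit samples needed to reach target_bits of entropy."""
    return math.ceil(target_bits / entropy_bits(SEED_SPACE))


def derive_key(seed: int) -> bytes:
    """Hypothetical key derivation: hash the 3-digit seed into a 256-bit key.

    The output is 256 bits long, but only SEED_SPACE distinct keys can ever occur.
    """
    return hashlib.sha256(f"{seed:03d}".encode()).digest()


def tag_message(key: bytes, message: bytes) -> bytes:
    """Authenticate a message under the derived key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def recover_seed(message: bytes, tag: bytes):
    """Try every possible seed against an observed (message, tag) pair.

    Returns (seed, attempts); seed is None if nothing matched.
    """
    for attempts, seed in enumerate(range(SEED_SPACE), start=1):
        candidate = tag_message(derive_key(seed), message)
        if hmac.compare_digest(candidate, tag):
            return seed, attempts
    return None, SEED_SPACE


def demo():
    attendance = 41_837                     # constructed sample figure
    seed = attendance % 1000                # "last 3 digits" -> 837
    message = b"constructed sample message"
    tag = tag_message(derive_key(seed), message)
    found, attempts = recover_seed(message, tag)
    return seed, found, attempts


if __name__ == "__main__":
    seed, found, attempts = demo()
    print(f"seed entropy upper bound: {entropy_bits(SEED_SPACE):.2f} bits")
    print(f"seed {seed:03d} recovered as {found:03d} after {attempts} tries")
    print(f"secret samples needed for 128 bits: {events_needed(128)}")
    # The bound above assumes the digits are secret. A published attendance
    # figure is known to everyone, so against an observer who knows which
    # event was used the seed carries no secret entropy at all.
```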
From marc at GZA.COM Wed May 19 09:57:20 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Wed, 19 May 93 09:57:20 PDT
Subject: alt.whistleblowers
In-Reply-To: <9667.9305191619@sys.uea.ac.uk>
Message-ID: <9305191657.AA01659@dun-dun-noodles.aktis.com>

>> It would seem in keeping with the spirit of alt.whistleblowers for the
>> newgroup to be performed anonymously. Does anon.penet.fi support the
>> control newsgroup? :-) More seriously, why doesn't everyone who knows how
>> and wants the group created simply forge an anonymous creation message?

Because then all the news admins who don't like anonymity (most of them) will refuse to honor the newgroup, and the group will die.

Marc

From eaeu362 at orion.oac.uci.edu Wed May 19 10:03:36 1993
From: eaeu362 at orion.oac.uci.edu (stub23)
Date: Wed, 19 May 93 10:03:36 PDT
Subject: Boycotts
Message-ID: <199305191703.AA19033@orion.oac.uci.edu>

well i dont know about boycotting AT&T if you do, i would recommend that you write a letter to them telling them EXACTLY why you dropped their service because boycotting someone without telling them that you are doing it is pointless i like AT&T more than Sprint or MCI as companies but then again i used to work for AT&T so im kinda biased... but i can guarantee that Sprint and MCI are more evil than AT&T and using ANI was something i did as part of my life its how i worked out billing, although it DOES provide a means for finding out your phone number when you might not want it known its main use is billing and NO, most people dont know about it so what do WE do to educate them?
From corwin at Cayman.COM Wed May 19 11:11:05 1993
From: corwin at Cayman.COM (Lord Among Panthers)
Date: Wed, 19 May 93 11:11:05 PDT
Subject: A good venue for distributing Clipper info perhaps
Message-ID: <9305191810.AA17912@cuba.Cayman.COM>

Topic> npr

Station: Internet Multicasting Service
Channel: Internet Town Hall
Program: National Public Radio meets the Internet
Release: May 21, 1993, 2-3PM EDT
Content: Talk of the Nation/Science Friday

On May 21, we will be joining the Internet to National Public Radio for a special edition of Talk of the Nation/Science Friday. Host Ira Flatow will field questions from users sitting in front of computers as well as users sitting next to telephones.

Questions from the Internet will come from videoconferencing tools on the Multicast Backbone (MBONE) using a gateway provided by Ron Fredrick and Steve Deering of Xerox PARC. (If you don't have MBONE connectivity now, you probably won't have it by Friday. To learn more about the multicast backbone, ftp to isi.edu and get the file /mbone/faq.txt. If you do have MBONE connectivity, check SD for a listing for Internet Town Hall.)

In addition to the audio link, we will have two other ways to participate. First, starting now, you can send mail to ira at radio.com with your comments and questions. Some of this mail may be read as part of the show. We encourage you to narrow your comments to the subject of the Internet, how it is used, and the future of networking in the western world.

Second, with the help of Rick Gates, we will be conducting an Internet Treasure Hunt and reading the results over the air. The purpose of the hunt is to illustrate the diversity of methods and data available on the network. The questions will be posted on the network 24 hours before the show and will be read by Ira Flatow at the beginning of the show.

Even if you don't participate with a computer for this show, we hope you will listen to your local National Public Radio affiliate.
Guests will include Carl Malamud, Brewster Kahle, and Tim O'Reilly. For those of you that have computers but no NPR affiliate, we will tape the show and send it out as an audio file approximately 48 hours after it airs.

Participants in the Internet Town Hall include Cornell University, the National Press Club, the National Science Foundation, O'Reilly & Associates, Sun Microsystems, WAIS, Inc., Xerox PARC, and many others. Network connectivity for the Internet Town Hall is provided by UUNET Technologies.

For information on Internet Talk Radio, write to info at radio.com. More information on Internet Town Hall will be available shortly. For a current, partial listing of sites, write to sites at radio.com.

corwin

From fergp at sytex.com Wed May 19 11:15:13 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Wed, 19 May 93 11:15:13 PDT
Subject: RICO
Message-ID:

Can anyone suggest an available electronic transcript containing the verbiage of the RICO Act? I'm sending an ARCHIE search, but I thought someone on the list may know where to find this info.

Cheers.

Paul Ferguson             | "... certain unalienable Rights,
Network Integrator        | that among these, are Life, Liberty,
Centreville, Virginia USA | and the pursuit of Happiness."
fergp at sytex.com        | -- The Declaration of Independence
Stop the Wiretap (Clipper/Capstone) Chip.

From peb at PROCASE.COM Wed May 19 11:24:47 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Wed, 19 May 93 11:24:47 PDT
Subject: MCI, Sprint or bust ...
Message-ID: <9305191822.AA11429@banff>

>though their "Friends and Family " plan stinks of bigbro also

Hah! Sprint is even better at this. They have a new service where they `help you move'; you give them the addresses of all entities that need address changes (!) and they do it all for you. They pay for the postage, all you have to do is eliminate your privacy in exchange.

Paul E.
Baclace
peb at procase.com

From hughes at soda.berkeley.edu Wed May 19 11:55:18 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Wed, 19 May 93 11:55:18 PDT
Subject: FTP: new materials on the archive
Message-ID: <9305191851.AA19299@soda.berkeley.edu>

I've done a bit of archive maintenance in the last week. A bunch of the Clipper info I had has been cleaned up and posted. I've put up the sci.crypt FAQ, which I would like everyone who has basic questions to read, as well as L. Detweiler's Anonymity on the Internet FAQ.

Enjoy.

Eric

From smb at research.att.com Wed May 19 12:34:02 1993
From: smb at research.att.com (smb at research.att.com)
Date: Wed, 19 May 93 12:34:02 PDT
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
Message-ID: <9305191933.AA09988@toad.com>

>> Now, maybe I missed something, but I have yet to see the secret service raid
>> ftparchive.blah.edu, or UNM where I work, for 'pandering'.

You missed it. It has happened. MIT used to run an alt.sex.bondage stories server. Someone would read a.s.b., cull out the stories and make them available for anonymous ftp.

It's happening again, even as we speak. The UNC public access system is being criticized by the local Fox TV station for providing access to ``pornography'' to kids.

From pmetzger at lehman.com Wed May 19 12:44:55 1993
From: pmetzger at lehman.com (Perry E. Metzger)
Date: Wed, 19 May 93 12:44:55 PDT
Subject: BBSs under fire! (or on fire, if BATF gets into the act!)
In-Reply-To: <9305191933.AA09988@toad.com>
Message-ID: <9305191944.AA05533@snark.shearson.com>

smb at research.att.com says:
> >> Now, maybe I missed something, but I have yet to see the secret service raid
> >> ftparchive.blah.edu, or UNM where I work, for 'pandering'.
>
> You missed it. It has happened. MIT used to run an alt.sex.bondage
> stories server. Someone would read a.s.b., cull out the stories and
> make them available for anonymous ftp.
>
> It's happening again, even as we speak.
The UNC public access system
> is being criticized by the local Fox TV station for providing access to
> ``pornography'' to kids.

Rupert Murdoch rides again -- hypocritical yellow journalism at its finest. I imagine the Fox folks would never dream of criticizing the Page 3 girls in all of Murdoch's UK papers -- which, after all, any kid can peruse at will.

Perry

From fergp at sytex.com Wed May 19 12:46:32 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Wed, 19 May 93 12:46:32 PDT
Subject: MCI, Sprint or bust ...
Message-ID: <978s4B1w165w@sytex.com>

On Wed, 19 May 1993 10:43:53 -0400 peter honeyman wrote -

> i think it's naive to boycott at&t over clipper. i'm sure mci
> and sprint are the same sort of villains as at&t.

Perhaps, but at least MCI or SPRINT has not publicly acknowledged the use of Government sponsored crypto. Insistence of naivete is subjective opinion.

> what makes more sense is to buy some at&t shares and force the
> issue at the next stockholders' meeting.

Easier said than done.

Cheers.

Paul Ferguson             | "... certain unalienable Rights,
Network Integrator        | that among these, are Life, Liberty,
Centreville, Virginia USA | and the pursuit of Happiness."
fergp at sytex.com        | -- The Declaration of Independence
Stop the Wiretap (Clipper/Capstone) Chip.

From sneal at muskwa.ucs.ualberta.ca Wed May 19 13:49:36 1993
From: sneal at muskwa.ucs.ualberta.ca (Sneal)
Date: Wed, 19 May 93 13:49:36 PDT
Subject: BBSs under fire!
Message-ID: <9305192048.AA14496@muskwa.ucs.ualberta.ca>

Stanton McCandlish writes:

>I'd like to invite discussion, either private or listwise, on: Why is
>the govt. targeting BBSs?

I suspect that a lot of law enforcement agencies are worried about their budgets right now, and in response, they've made a point of going after easy targets with high publicity value: i.e. people who lack resources to mount a strong defense, and who are looked upon with suspicion by the mainstream.
BBSs, Branch Davidians, and now health food stores, fall nicely into this category. To be a successful bully, you've got to find victims who can't fight back.

Further, if LawEnf can push a lot of hot buttons in their press releases about the raid ("kiddypornterroristdrugdealingmurphybrownpotatoe"), they can count on lots of media attention, which is always good when budget time comes... politicians are reluctant to put the axe to the heroes of the day.

I also suspect that Big Brother is becoming peripherally aware that the uncontrolled, unmonitored, and extremely rapid flow of information via "new media" (a disreputable phrase, but there ya go) is a threat to the existing power structure. Alvin Toffler does a good number on this in "Powershift" (nice title, thanks a LOT, Alvin; why don't you just TELL the bad guys what's going on??!). The spooks and their bedfellows (ENCRYPTED OFFENSIVE STATEMENT FOLLOWS Bt Epspuiz Efoojoh mjlft up tbz, "Uif OTB dbo bmxbzt gjmm jo uif ipmft!" END OFFENSIVE STATEMENT) have always counted on being able to keep tabs on who's saying what, and to find and squelch troublemakers that get too far out of line. The proliferation of BBSs drastically increases the number of "pressure points" needed to control information flows in any meaningful way.

Add strong crypto to geometrically expanding information paths, and you've got a spook's nightmare. Not only does the head of the NSA have to hire new guys to monitor all the BBSs, but now he's got to buy a bunch more Crays to keep up with the crypto traffic. The poor guy must be swimming in his shorts..."My GOD! What if somebody SAYS something BAD and I DON'T KNOW ABOUT IT??!".

-- Steve

From mdiehl at triton.unm.edu Wed May 19 14:22:23 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Wed, 19 May 93 14:22:23 PDT
Subject: BBSs under fire!
In-Reply-To: <9305192048.AA14496@muskwa.ucs.ualberta.ca>
Message-ID: <9305192121.AA21257@triton.unm.edu>

> I suspect that a lot of law enforcement agencies are worried
> about their budgets right now, and in response, they've made a point
> of going after easy targets with high publicity value: i.e. people
> who lack resources to mount a strong defense, and who are looked upon
> with suspicion by the mainstream. BBSs, Branch Davidians, and now
> health food stores, fall nicely into this category. To be a
> successful bully, you've got to find victims who can't fight back.

Nope, that's not it. If you can accuse a BBS sysop of a felony, YOU CAN SEIZE HIS DAMN COMPUTER!!!!!! And guess who gets the money from the sale of the (expensive) computer equipment....the LEA who "made the bust." Oh ya, and you come out smelling like a rose in ink too. Not a bad proposition for some District Attorney who wants to make a name for himself, hypothetically speaking.

> Further, if LawEnf can push a lot of hot buttons in their press
> releases about the raid
> ("kiddypornterroristdrugdealingmurphybrownpotatoe"), they can count
> on lots of media attention, which is always good when budget time
> comes... politicians are reluctant to put the axe to the heroes of
> the day.

Most laymen don't even understand what email is. So, "obviously those computer users are doing something illegal," so the thinking goes. And when the "authorities" say [insert your favorite subversive action], the average person believes it.

> I also suspect that Big Brother is becoming peripherally aware
> that the uncontrolled, unmonitored, and extremely rapid flow of
> information via "new media" (a disreputable phrase, but there ya go)
> is a threat to the existing power structure. Alvin Toffler does a
> good number on this in "Powershift" (nice title, thanks a LOT, Alvin;
> why don't you just TELL the bad guys what's going on??!).
The spooks > and their bedfellows (ENCRYPTED OFFENSIVE STATEMENT FOLLOWS Bt > Epspuiz Efoojoh mjlft up tbz, "Uif OTB dbo bmxbzt gjmm jo uif ipmft!" > END OFFENSIVE STATEMENT) have always counted on being able to keep > tabs on who's saying what, and to find and squelch troublemakers that > get too far out of line. The proliferation of BBSs drastically > increases the number of "pressure points" needed to control > information flows in any meaningful way. That scares the Hell out of em, I'm sure. BTW, am I going to have to compile Cryptographic Work Bench, or is this crypt trivial and I'm too tired to see it? > Add strong crypto to geometrically expanding information paths, > and you've got a spook's nightmare. Not only does the head of the NSA > have to hire new guys to monitor all the BBSs, but now he's got > to buy a bunch more Crays to keep up with the crypto traffic. The poor > guy must be swimming in his shorts..."My GOD! What if somebody SAYS > something BAD and I DON'T KNOW ABOUT IT??!". I'm not even going to touch this one.... +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | | But, I was mistaken. |available| | +-----------------------------+---------+ | mdiehl at triton.unm.edu | "I'm just looking for the opportunity | | mike.diehl at fido.org | to be Politically Incorrect! | | (505) 299-2282 | | +-----------------------+---------------------------------------+ From mrrm at well.sf.ca.us Wed May 19 14:43:05 1993 From: mrrm at well.sf.ca.us (Marianne Mueller) Date: Wed, 19 May 93 14:43:05 PDT Subject: Consider "Working Assets" phone service instead of AT&T Message-ID: <199305192142.AA25642@well.sf.ca.us> Another option to AT&T long distance service is something called Working Assets. Quoting from their bill, "Every time you call long distance with Working Assets, a percentage of your charge goes to nonprofit action groups that are working for a better world. 
These donations are made by Working Assets at no extra cost to you.

... For a list of groups Working Assets has funded in the past, send a self-addressed stamped envelope to 701 Montgomery Street #400 San Francisco, CA 94111

... You automatically get a discount of up to 15% on interstate calls, depending on your monthly calling volume. And you automatically get a 20% Friendship Discount (indicated by an "F" on the bill) when you call another member of the Working Assets Long Distance network.

... Working Assets is the only phone company to sign the Valdez Principles, committing ourselves to environmental responsibility."

(The bills are on 100% postconsumer recycled paper, unbleached, and they plant 17 trees for every ton of paper they use.)

You can contact Working Assets by calling 1-800-788-8588 (let's face it, a phone company is going to know your number) or write them at the above address. If you tell them I recommended you, I get $10 off my bill, but you don't have to do that. I'm recommending them because I think they are a great option to AT&T, not because I want $10 off my bill!

I chose Amnesty International as the nonprofit that gets donations when I make long distance calls. I think Working Assets has dozens of nonprofits you can choose from. And hey, celebrity endorsement: Ralph Nader goes around urging everyone to sign up with Working Assets.

Cheerios,
Marianne

From baumbach at atmel.com Wed May 19 14:51:49 1993
From: baumbach at atmel.com (Peter Baumbach)
Date: Wed, 19 May 93 14:51:49 PDT
Subject: false positives
Message-ID: <9305192112.AA04939@carp.chp.atmel.com>

I have an encryption question:

Has anyone tried to create a strong encryption algorithm that cannot be broken by brute force? If the algorithm relied on a dictionary, for instance, then the wrong key could still return something that resembles english. It would be even better if for any arbitrary text, a KEY could be generated which maps the encrypted real message to the arbitrary text.
With this system, even if your true key could be figured out (maybe you wrote it on a napkin!), you could easily deny the accuracy of the decryption. A decrypted message would only be useful for information, but never for evidence.

This is more of an idea than a question. What do you think?

In liberty,
Peter Baumbach
baumbach at atmel.com

From jet at nas.nasa.gov Wed May 19 15:20:09 1993
From: jet at nas.nasa.gov (J. Eric Townsend)
Date: Wed, 19 May 93 15:20:09 PDT
Subject: Consider "Working Assets" phone service instead of AT&T
In-Reply-To: <199305192142.AA25642@well.sf.ca.us>
Message-ID: <9305192220.AA00742@boxer.nas.nasa.gov>

The only downside to WA is that they won't issue a phonecard-only account (which is what I have with US Splice).

From pmetzger at lehman.com Wed May 19 15:41:16 1993
From: pmetzger at lehman.com (Perry E. Metzger)
Date: Wed, 19 May 93 15:41:16 PDT
Subject: Consider "Working Assets" phone service instead of AT&T
In-Reply-To: <199305192142.AA25642@well.sf.ca.us>
Message-ID: <9305192239.AA05954@snark.shearson.com>

Marianne Mueller says:

> Another option to AT&T long distance service is something called
> Working Assets.
>
> Quoting from their bill,
>
> "Every time you call long distance with Working Assets, a percentage
> of your charge goes to nonprofit action groups that are working for a
> better world. These donations are made by Working Assets at no extra
> cost to you.

I don't want to get into an argument on politics, but I will point out for the large libertarian contingent that Working Assets puts their money into "Progressive", i.e. what libertarians would think of as socialist, causes. Myself, I'd rather not fund lobbying for more regulations, thank you very much.

> I chose Amnesty International as the nonprofit that gets donations
> when I make long distance calls. I think Working Assets has dozens of
> nonprofits you can choose from.
And hey, celebrity endorsement: Ralph > Nader goes around urging everyone to sign up with Working Assets. Reason enough for libertarians not to touch it with a ten foot pole... Perry From marc at GZA.COM Wed May 19 15:45:18 1993 From: marc at GZA.COM (Marc Horowitz) Date: Wed, 19 May 93 15:45:18 PDT Subject: false positives In-Reply-To: <9305192112.AA04939@carp.chp.atmel.com> Message-ID: <9305192245.AA02194@dun-dun-noodles.aktis.com> Yes. It's called a one-time pad. Marc From TO1SITTLER at APSICC.APS.EDU Wed May 19 15:52:59 1993 From: TO1SITTLER at APSICC.APS.EDU (TO1SITTLER at APSICC.APS.EDU) Date: Wed, 19 May 93 15:52:59 PDT Subject: No Subject Message-ID: <930519164946.84b@APSICC.APS.EDU> From: SMTP%"Postmaster" 14-MAY-1993 22:58:16.22 To: CC: Subj: Undeliverable Mail Date: Fri, 14 May 1993 22:58:09 -0600 (MDT) From: Postmaster at APSICC.APS.EDU Subject: Undeliverable Mail To: Bad address -- Error -- Nameserver error: Unknown host Start of returned message Date: Fri, 14 May 1993 22:58:07 -0600 (MDT) From: TO1SITTLER at APSICC.APS.EDU Message-Id: <930514225807.c83d at APSICC.APS.EDU> Subject: Tempest To: drzaphod at ncselxsi.uucp X-Vmsmail-To: SMTP%"drzaphod at ncselxsi.uucp" Where can I find more info about tempest? Is it a roomwide thing, is it implemented in the cables and housings, or what? I understand that the purpose of Tempest is to prevent people from spying on you via electronic emissions detection. Is this just a glorified Faraday cage? End of returned message From trimm at netcom.com Wed May 19 16:59:15 1993 From: trimm at netcom.com (Trimm Industries) Date: Wed, 19 May 93 16:59:15 PDT Subject: tempest Message-ID: <9305192359.AA16487@netcom4.netcom.com> Reply to TO1SITTLER re: tempest TEMPEST is NACSIM 5100A (there are some new numbers which I can't remember), a NSA specification for the emission of compromising EMI from computers and other digital data processing equipment. 
It is a Faraday cage, except that they divide the system into "black" noise circuits and "red" noise circuits. An example of black emissions would be the constant 50 KHz signal emitted by a switcher power supply, that contains no useful information. You can emit as much black as you want. You cannot emit ANY red information, that is, CRT guns, data busses, data transmission lines, etc. Red information can be reconstructed easily by passive interception. Your PC, for example, has a monitor that emits enough information to allow unintended interception up to a mile away.

If you need more details, write back.

Gary
trimm at netcom.com
--

From poier at sfu.ca Wed May 19 17:58:23 1993
From: poier at sfu.ca (Skye Merlin Poier)
Date: Wed, 19 May 93 17:58:23 PDT
Subject: Where are the key servers?
Message-ID: <9305200058.AA00956@malibu.sfu.ca>

-----BEGIN PGP SIGNED MESSAGE-----

Hi.. What are the address(es) of the worldwide key server(s)? I thought I had them around here somewhere....

thx
skye

- --
- -----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality) |||| ||||
email: poier at sfu.ca p-OO <--> OO-q THINK
PGP Public Key available on finger \== ==/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBK/rXky0bkpXW3omvAQHvNAQAjQ1yBeBEp2bjd+nx0eq33YO68wAN+V1c
mSZIWPnFDXCsJoBB3Ol7T9pzENr0kCH7EtvetyrwFhbzQYrIUPFs34hPs7AgMcYj
OXB82X8wQ38KaQJTcyL3eLkbegrnxdYzU8kLKgGVs6QCQqHGE8ZG0WlSntXZHcYy
xbZqaIYndsg=
=uT12
-----END PGP SIGNATURE-----

From jordan at imsi.com Wed May 19 18:12:15 1993
From: jordan at imsi.com (Jordan Hayes)
Date: Wed, 19 May 93 18:12:15 PDT
Subject: MCI, Sprint or bust ...
Message-ID: <9305192204.AA12542@IMSI.COM>

>>> what makes more sense is to buy some at&t shares ...

Looks like someone did that. AT&T is up about $8 in the past four days, up another 4.8% today ...
/jordan

From wcs at anchor.ho.att.com Wed May 19 18:12:27 1993
From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com)
Date: Wed, 19 May 93 18:12:27 PDT
Subject: TEMPEST
Message-ID: <9305200112.AA02467@anchor.ho.att.com>

> Where can I find more info about tempest? Is it a roomwide thing, is it
> implemented in the cables and housings, or what? I understand that the
> purpose of Tempest is to prevent people from spying on you via electronic
> emissions detection. Is this just a glorified Faraday cage?

Both techniques are used. You can either buy TEMPEST-designed equipment, which is designed for low emissions, separation of signals between classified and unclassified components, shielded cables, etc., or you can build a shielded box or room and use special filtered power supplies, fiber optics, etc. The exact standards are classified, but they're a lot stricter than FCC Class A or B.

The shielded-room vendors out there also sell to the electromagnetic-compatibility-testing market, who want to have nice quiet rooms to measure emissions from their equipment in. Last time I saw one of these rooms built, about 5 years ago, typical construction used plywood sheets with thick sheet metal on each side, fancy connectors between plywoods, copper-wool crammed in any cracks, and special waveguide meshes for air vents and fiber-optic communication cables, and gives about 100-120 dB shielding for frequencies up to about 1-10GHz. Twenty years ago, typical construction used copper screening and was good to ~60dB.

About 3-4 years ago, the typical cost for a TEMPEST PC was ~$4000 more than the non-TEMPEST equivalent, and the equipment was maybe 1 year behind the commercial models due to integration and testing time.
TEMPEST mini-computers, if they were small enough, generally took the approach of putting the standard versions of the machine in a box built like the TEMPEST rooms; TEMPEST PCs had a somewhat more integrated design, though they were starting to use commercial motherboards. Bill Stewart From nobody at soda.berkeley.edu Wed May 19 18:17:28 1993 From: nobody at soda.berkeley.edu (nobody at soda.berkeley.edu) Date: Wed, 19 May 93 18:17:28 PDT Subject: No Subject Message-ID: <9305200114.AA01985@soda.berkeley.edu> TEMPEST Information (Might be a bit old) ---------------------------------------- HETRA Computers Inc. George Brazel 45472 Holiday Dr. #1 Sterling, VA 22170 Vox: (703) 709-0800 Fax: (703)709-8181 [God I love this list] =8^( From nowhere at bsu-cs.bsu.edu Thu May 20 00:15:35 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Thu, 20 May 93 00:15:35 PDT Subject: No Subject Message-ID: <9305200718.AA28431@bsu-cs.bsu.edu> Personally, I think that this is required reading. Practically, I'd like to think that most of you folks will comment and edit this document to the point where each and every one of us will be proud to sign our _names_ to it. Please forgive me for adapting a consecrated public document for this venue, however I feel that this is the best adaptive vehicle for this statement. #include_statement THE DECLARATION OF INDEPENDENCE FROM GOVERNMENTALLY IMPOSED CRYPTOGRAPHY Proposed to Cypherpunks-at-large, May 20, 1993 When, in the Course of human events, it becomes necessary for one people to disregard and challenge the communicative and neo-political bands which have connected them with their Government, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the opposition. 
We hold these truths to be self-evident, that all Communications should be designed equally and, that they are endowed by their creators with certain unalienable technical aspects, that among these, are Privacy, Communications Liberalism, and the pursuit of Cryptographic Freedom. That, to secure these rights to publicly available crypto, the Government which was once instituted among Men, and derived their just powers from the consent of the governed, that, whenever any Form of Government once became destructive of these ends, it was once the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles, and organizing its powers in such form, as to them shall seem most likely to effect their Communications Safety and Happiness. Prudence, indeed, will dictate that Governments long established, should not be changed for light and transient causes; and, accordingly, all experience hath shown, that mankind is more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. But, when a long train of abuses and usurpations, pursuing invariably the same Object, evidences a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government abuses and to provide new Guards for their future communications security.--- Such has been the patient sufferance of these Cryptographic soldiers; and such is now the necessity which constrains them to attempt to alter their former Systems of Government. The history of the present President of The United States of America is a brief history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny and imposition over individual rights to communicative privacy. To prove this, let Facts be submitted to a candid world. 
He has implemented a policy which may possibly usurp the citizens privacy in electronic communications, which at least, will indeed submit private communications to unjust scrutiny under his agencies surveillance. He has attempted to impose these standards without academic or public scrutiny. We have not been wanting in attentions to our cryptographic practices; this is true. It does not, however, indicate that we are guilty of crimes of any sort. We have alerted our governmental representatives, from time to time, of attempts made by their legislature to extend an unwarrantable jurisdiction over us. We have reminded them of the circumstances of our professional and private idealisms. We have appealed to their native justice and magnanimity, and we have conjured them by the ties of our common kindred to disavow these usurpations, which would inevitably interrupt our connections and correspondence. They too have been deaf to the voice of justice and of consanguinity. We must, therefore, acquiesce in the necessity, which denounces our united objection, and hold them, as we hold the rest of mankind, Enemies in War, in Peace Friends. 
We, therefore, the Representatives of the Cryptographic partners resident in the computing networks and establishments, in General Consensus, Assembled, appealing to the legislative bodies of the United States of America for the rectitude of our intentions, do, in the Names, and by Authority of the good People of the Networks, solemnly publish and declare, That the computer community is, and of Right ought to be, Free and Independent of governmentally imposed cryptographic restrictions; that they are Absolved from all Allegiance to the proposals implemented by the National Security Agency, The National Institute of Standards and Technology and the Clipper purveyors by-and-large, and that all political connection between them and the United States of America, and ought to be, totally dissolved: and that, as Free and Independent communicators, they have absolute rights to private electronic communications without Governmentally imposed sanctions which may unethically submit their communications to Governmental scrutiny. And, for the support of this Declaration, with a firm reliance on the protection of divine Providence, we mutually pledge to each other our sacred Honor. Quis Custodiet Ipsos Custodes? From catalyst at netcom.com Thu May 20 00:43:40 1993 From: catalyst at netcom.com (Scott Collins) Date: Thu, 20 May 93 00:43:40 PDT Subject: false positives Message-ID: <9305200743.AA02030@netcom.netcom.com> >Has anyone tried to create a strong encryption algorithm that cannot >be broken by brute force? ^^^^^^ Brute force = exhaustive search. Therefore, if there is a solution, and the search terminates, the answer will be found. Your point was, can an encryption system be designed such that an exhaustive search yields multiple equally good, different (preferably contradictory) decryptions, for any given encrypted message. In "Communications Theory of Secrecy Systems", Bell Systems Technical Journal, Vol 28, pp. 
656-715, Shannon measures the efficacy of an encryption system by the average number of plaintext messages that map to an arbitrary cyphertext (via different keys). Later, Hellman (in "An Extension of the Shannon Theory Approach to Cryptography", IEEE Transactions on Information Theory, vol 23, No. 3, pp. 289-284) emphasized Shannon's point about using compression with encryption so that decryption will yield more false positives. Ross Williams discusses this in his book: "Adaptive Data Compression".

Note the limited definition of meaningful in these papers as 'makes words'. Given sufficient context, a correct decryption would not be able to hide in a forest of 'meaningful' false positives. (e.g. "Hmmmm, do you think it's 'cats often enjoy', or 'be ready by tuesday').

Of course, a one time pad affords a very large space of meaningful (much more meaningful than just 'makes words') decryptions for each encryption, hence its information-theoretically perfect security. A system which provides arbitrary mappings at the message level and no derivable component context enjoys this property as well. (e.g. a code book: 1-->be ready by tuesday; 2-->expect a guest. What does the message '1' mean? It can mean any message in the world, exactly as (when using a one time pad) the 17th character might mean any character in the world.)

So in answer to your question: yes, a one time pad is just such a system.

-- Scott

+ Scott Collins + "Few people realize what +
+ catalyst at netcom.com | tremendous power there is in one |
+ of these things." -- Willy Wonka +

From mdiehl at triton.unm.edu Thu May 20 01:24:51 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Thu, 20 May 93 01:24:51 PDT
Subject: Constitution...
Message-ID: <9305200824.AA07474@triton.unm.edu>

< We hold these truths to be self-evident, that all Communications
| | (505) 299-2282 | |
+-----------------------+---------------------------------------+

From stig at netcom.com Thu May 20 03:46:25 1993
From: stig at netcom.com (Stig)
Date: Thu, 20 May 93 03:46:25 PDT
Subject: Encripted huffman-like compression
Message-ID: <9305201046.AA10293@netcom.netcom.com>

At the first bay c-punks meeting I attended, someone mentioned a variation on huffman encoding that used your key to initialize the compression tables. (This was a while ago, so I probably garbled that description...)

Anyway, could the person who mentioned this scheme please mail or post a pointer to code or references?

Thanks,
Stig

From pcw at access.digex.net Thu May 20 08:01:41 1993
From: pcw at access.digex.net (Peter Wayner)
Date: Thu, 20 May 93 08:01:41 PDT
Subject: Encripted huffman-like compression
Message-ID: <199305201501.AA07930@access.digex.net>

I wrote something on this in Cryptologia several years back. I believe it is the April Issue of 1988. It describes how to scramble the tree of the Huffman compression to achieve more cryptographically useful compression.

Why is this necessary? Because people often assume that compression removes many of the redundancies of the language. Well, it only does this in a theoretical sense. The patterns are still there. If the Huffman encoding maps "T" to "01", "H" to "1001" and "E" to "11", then the pattern "01100111" is going to be very common in English text, but "10010111" is going to be much less common.

-Peter Wayner

From fergp at sytex.com Thu May 20 08:17:28 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Thu, 20 May 93 08:17:28 PDT
Subject: Forwarded messages from RISKS
Message-ID:

These messages were extracted from RISKS Digest (14.64) -

8<------- Snip, Snip -------------

Date: Wed, 19 May 1993 16:32:46 -0400 (EDT)
From: esr at snark.thyrsus.com (Eric S.
Raymond)
Subject: Re: Clipper (Denning, RISKS-14.60; Rotenberg, RISKS-14.62)

In Marc Rotenberg wrote:

> Denning has to be kidding. The comments on the proposed DSS were
> uniformly critical. Both Marty Hellman and Ron Rivest questioned
> the desirability of the proposed standard.

Mr. Rotenberg, as a public figure operating in the political arena, has to exercise a certain diplomatic restraint in responding to Ms. Denning's claims. I am, thankfully, under no such requirement.

As a long-time RISKS reader and contributor, I observe that this is not the first time that Ms. Denning has apparently operated as a mouthpiece for the NSA's anti-privacy party line on DES and related issues. I believe Ms. Denning's remarks must be understood as part of a continuing propaganda campaign to marginalize and demonize advocates of electronic privacy rights. Other facets of this campaign have attempted to link privacy advocates to terrorists and drug dealers by suggesting that only criminals need fear wiretapping.

These are serious charges. I make them because, in the wake of the Clipper proposal, I do not believe civil libertarians can afford any longer to assume that their opponents are persons of good will with whom they can simply debate minor differences of institutional means in a collegial way. It's time for someone to say, in public and on this list, what I know many of us have been thinking.

The future is *now*. Electronic privacy issues are no longer a parlor game for futurologists; they are the focus of a critical political struggle, *and the opponents of privacy are fighting their war with all the tools of force, deception, and propaganda they can command*.

The histories of the DES, the FBI wiretap proposal, and now the Clipper proposal must be considered against a wider background of abuses including the Steve Jackson case, "Operation Longarm", and the routine tapping of U.S.
domestic telecommunications by NSA interception stations located outside the geographic borders of the United States. These form a continuing pattern of attempts by agencies of the U.S. government to pre-empt efforts to extend First and Fourth Amendment privacy protections to the new electronic media. In each case, the attempt was made to present civil libertarians with a fait accompli, invoking "national security" (or the nastiness of "kiddie porn") to justify legislative, judicial and practical precedents prejudicial against electronic privacy rights. While I would not go so far as to claim that these efforts are masterminded by a unitary conspiracy, I believe that the interlocking groups of spies, bureaucrats and lawmen who have originated them recognize each other as cooperating fellow-travelers in much the same way as opposing groups like the EFF, CPSR and the Cypherpunks do. Their implicit agenda is to make the new electronic communications media transparent to government surveillance and (eventually) pliant to government control. One of the traits of this culture of control is the belief that manipulative lying and dissemblage can be justified for a `higher good'. I believe that Ms. Denning's disingenuous claim that the DSS "is now considered to be just as strong as RSA" is no mere technical misapprehension. I believe it is propaganda aimed at making objectors non-persons in the debate. I cannot know whether Ms. Denning actually believes this claim, but it reminds me all too strongly of the classic "Big Lie" technique. It is important for us to recognize that the propaganda lie is not an aberration, but a routine tool of the authoritarian mindset. 
And the authoritarian mindset is, ultimately, what we are confronting here --- the mindset that regards the fighting of elastically-defined `crime' as more important than privacy, that presumes guilt until innocence is proven, that demands for government a license to override any individual's natural rights at political whim. We cannot trust representatives of an institutional culture that was *constructed* to deal in information control, lies, secrecy, paranoia and deception to tell us the truth. We cannot accept the authoritarians' unverified assurances that the sealed interior of the Clipper chip contains no `trapdoor' enabling the NSA to eavesdrop at will. We cannot trust the authoritarians' assertions that they have no intention of outlawing cryptographic technologies potentially more secure than the Clipper chip. We cannot believe the authoritarians' claims that `independent' key registries will prevent abuse of decryption keys by government and/or corrupt individuals. We cannot --- we *must not* --- cede control of encryption technology to the authoritarians. To do so would betray our children and their descendants, who will work and *live* in cyberspace to an extent we can barely imagine. We cannot any longer afford the luxury of treating the authoritarians as honest dealers with whom compromise is morally advisable, or even possible. Whatever their own valuation of themselves, the thinly-veiled power grab represented by the Clipper proposal reveals a desire to institutionalize means which a free society, wishing to remain free, *cannot tolerate*. Big Brother must be stopped *here*. *Now.* While it is still possible. Eric S. Raymond - -- Date: Wed, 19 May 93 18:37:24 EDT From: denning at cs.cosc.georgetown.edu (Dorothy Denning) Subject: Re: Clipper (Raymond, RISKS-14.64) Eric Raymond has accused me of being part of a propaganda campaign and a "Big Lie." Among his wild speculations, he wrote: I believe that Ms. 
Denning's disingenuous claim that the DSS "is now considered to be just as strong as RSA" is no mere technical misapprehension. I believe it is propaganda aimed at making objectors non-persons in the debate. I cannot know whether Ms. Denning actually believes this claim, but it reminds me all too strongly of the classic "Big Lie" technique.

Frankly, I don't know how to respond to his allegations other than by saying that I am not and have never been on the payroll of NIST, NSA, or the FBI and that every word I have published has been completely on my own initiative. While I frequently speak with people in these agencies (mainly to ask them questions so that I can be informed) and have considerable respect for them, I am operating on my own initiative and making my own independent evaluations based on all the evidence I can find. I try to avoid pure speculation as much as possible.

My objective in responding to Sobel in the first place was to point out that, in my best judgement, the DSS as revised is as secure as RSA. I did that so that readers would not be led to believe the contrary. Let me elaborate more.

The security of the DSS is based on the difficulty of computing the discrete log. (The Diffie-Hellman key exchange, invented in 1976, is likewise so based.) The security of the RSA is based on factoring. My understanding is that the computational difficulty of these two problems is about the same for comparable key lengths, and indeed, the fastest solutions with both come using the same basic technique, namely the number field sieve. If I'm wrong here, I am happy to be corrected by someone who knows more than I do about this.

There are other factors, of course, that must be taken into account. With both schemes, you have to make sure you get good primes. In the case of the DSS, you want really random ones so that you don't get ones with "trapdoors." This is readily done and the chances of getting a trapdoor one are minuscule.
For a reference, see Daniel Gordon's paper from Crypto '92.

I still remember the day when George Davida called me up to say that he had cracked RSA. It turned out that he had found a way of exploiting the digital signatures to get access to plaintext (but not keys). I generalized his mathematics and published a paper in CACM (April 84). The solution is to hash messages before they are signed, which has other advantages anyway. I also remember various articles by people pointing out other potential vulnerabilities with RSA if the primes weren't picked right. There are potential weaknesses in all of these public-key methods, but they can be resolved. As near as I can tell, NIST has resolved the potential problems with the DSS, and I am confident that if new ones are found, they will resolve them too.

Dorothy Denning

Paul Ferguson | The future is now.
Network Integrator | History will tell the tale;
Centreville, Virginia USA | We must endure and struggle
fergp at sytex.com | to shape it.

Stop the Wiretap (Clipper/Capstone) Chip.

From kent_hastings at qmail2.aero.org Thu May 20 09:21:10 1993
From: kent_hastings at qmail2.aero.org (Kent Hastings)
Date: Thu, 20 May 93 09:21:10 PDT
Subject: Hargis T-raid
Message-ID: <199305201620.AA04061@aerospace.aero.org>

Hargis T-raid

The offices of Anthony L. Hargis were visited 5-18-93 by Treasury agents. Since 1976, Hargis operated a "bank that isn't a bank," using a Massachusetts Business Trust structure. The theory of operation was that a Trust recording gold Deposits and Transfer Orders was legally different than a Bank with Accounts and Checks. This bluff worked well for 15 years.

Anthony's recent involvement with the State Citizens (a new tax protestor approach) may have triggered the raid. Or perhaps ALH was allowed to exist all these years to suck in more IRS victims. Account holders can assume the worst.
Customers were not allowed in the door, and the computer records were not encrypted, despite my, and others', frequent suggestions. "Citizens don't need encryption" was the response in a nutshell. Citizens Do.

Now, secure physical data links (perhaps using spread-spectrum modulation of radio and microwave) appear necessary for financial privacy. All the nice little tricks with mail drops and trusts may work in the short term, but only strong encryption and signal hiding will insure long term survival.

Kent - kent_hastings at qmail2.aero.org. and

From fergp at sytex.com Thu May 20 09:45:29 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Thu, 20 May 93 09:45:29 PDT
Subject: TEMPEST and other "neat stuff"
Message-ID:

This is an interesting extract that I came across this morning. I thought that I'd post a portion of it (the entire paper is almost 900 lines) to the group since the topic of TEMPEST had surfaced -

8<------ Snip, Snip ------[ edited ]------

(c) 1990 Christopher J. Seline
cjs at cwru.cwru.edu
cjs at cwru.bitnet

Eavesdropping On the Electromagnetic Emanations of Digital Equipment: The Laws of Canada, England and the United States

This document is a rough draft. The Legal Sections are overviews. They will be significantly expanded in the next version.

We in this country, in this generation, are -- by destiny rather than choice -- the watchmen on the walls of world freedom.[1]
-President John F. Kennedy

_____________________
1. Undelivered speech of President John F. Kennedy, Dallas Citizens Council (Nov. 22, 1963) 35-36.

In the novel 1984, George Orwell foretold a future where individuals had no expectation of privacy because the state monopolized the technology of spying. The government watched the actions of its subjects from birth to death. No one could protect himself because surveillance and counter-surveillance technology was controlled by the government.
This note explores the legal status of a surveillance technology ruefully known as TEMPEST[2]. Using TEMPEST technology the information in any digital device may be intercepted and reconstructed into useful intelligence without the operative ever having to come near his target. The technology is especially useful in the interception of information stored in digital computers or displayed on computer terminals.

The use of TEMPEST is not illegal under the laws of the United States[3], or England. Canada has specific laws criminalizing TEMPEST eavesdropping but the laws do more to hinder surveillance countermeasures than to prevent TEMPEST surveillance. In the United States it is illegal for an individual to take effective counter-measures against TEMPEST surveillance. This leads to the conundrum that it is legal for individuals and the government to invade the privacy of others but illegal for individuals to take steps to protect their privacy.

The author would like to suggest that the solution to this conundrum is straightforward. Information on protecting privacy under TEMPEST should be made freely available; TEMPEST Certified equipment should be legally available; and organizations possessing private information should be required by law to protect that information through good computer security practices and the use of TEMPEST Certified equipment.

_____________________
2. TEMPEST is an acronym for Transient Electromagnetic Pulse Emanation Standard. This standard sets forth the official views of the United States on the amount of electromagnetic radiation that a device may emit without compromising the information it is processing. TEMPEST is a defensive standard; a device which conforms to this standard is referred to as TEMPEST Certified. The United States government has refused to declassify the acronym for devices used to intercept the electromagnetic information of non-TEMPEST Certified devices. For this note, these devices and the technology behind them will also be referred to as TEMPEST; in which case, TEMPEST stands for Transient Electromagnetic Pulse Surveillance Technology. The United States government refuses to release details regarding TEMPEST and continues an organized effort to censor the dissemination of information about it. For example the NSA succeeded in shutting down a Wang Laboratories presentation on TEMPEST Certified equipment by classifying the contents of the speech and threatening to prosecute the speaker with revealing classified information. [cite coming].

3. This Note will not discuss how TEMPEST relates to the Warrant Requirement under the United States Constitution. Nor will it discuss the Constitutional exclusion of foreign nationals from the Warrant Requirement.

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp at sytex.com          |  to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From root at pleiku.netcom.com Thu May 20 11:01:56 1993
From: root at pleiku.netcom.com (root at pleiku.netcom.com)
Date: Thu, 20 May 93 11:01:56 PDT
Subject: No Subject
Message-ID: <9305201801.AA19223@toad.com>

>From root Thu May 20 11:02:46 0700 1993 remote from pleiku
To: netcoms!sytex.com!fergp (Paul Ferguson)
cc: toad.com!cypherpunks, root
Subject: Re: TEMPEST and other "neat stuff"
In-reply-to: Your message of "Thu, 20 May 1993 12:15:09 EDT."
Priority: urgent
Date: Thu, 20 May 1993 11:02:46 -0700
From: "Stop the Big Brother CHip"
Received: from pleiku by pleiku.netcom.com; Thu, 20 May 1993 11:02 PDT
Content-Type: text
Content-Length: 1220

I would like the complete text Paul... JFK really said all this... fascinating... puts a WHOLE new perspective on the assassination with taken in combination with "DEEP BLACK, Puzzle Palace and Deadly Deceits" REALLY makes me wonder....

kelly
--
Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also.
..........................................................................
Kelly Goen              | Crypto Anarchy: encryption, digital money,
kelly at netcom.com     | anonymous networks, digital pseudonyms, zero
Intelligence Systems    | knowledge, reputations, information markets,
Specialists Inc.        | black markets, face banks, data havens, dark
                        | tech, covert channels, shared secrets,
                        | alt.whistleblowers, collapse of governments.
Technical Monkeywrench  | Public Key: PGP 2.2.
                        |
..........................................................................
PGP 2.2 Key available from PGP Keyservers on the Internet.
pub 1024/1BA573 1992/09/09 kelly
Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31
STOP THE WIRETAP CHIP(Clipper Chip)!!

From mrnoise at econs.umass.edu Thu May 20 11:12:10 1993
From: mrnoise at econs.umass.edu (Mr. Noise)
Date: Thu, 20 May 93 11:12:10 PDT
Subject: The New Mykotronix phones...
Message-ID: <9305201811.AA03465@titan.ucs.umass.edu>

Please forgive me for replying to a message that's already a month old, but I was in the process of wading through the messages that have swamped my mailbox while I was doing end-of-the-semester stuff & didn't come across any replies...so just a brief note or two before I submerge again to study for my last Ph.D. comprehensive:

> Okay, let's suppose that the NSA/NIST/Mykotronix Registered
> Key system becomes standard and I'm able to buy such a system
> from my local radio shack. Every phone comes with a built in
> chip and the government has the key to every phone call.
> I go and buy a phone and dutifully register the key.
>
> What's to prevent me from swapping phones with a friend or
> buying a used phone at a garage sale? Whooa. The secret registered
> keys just became unsynchronized. When the government comes
> to listen in, they only receive gobbledly-gook because the
> secret key registered under my name isn't the right one.
This is a good, creative response to fascist technology, but I wonder if I'm the only one on this list who's noticed a parallel between the government's attitude toward small arms & its approach to cryptography? (After all, cryptographic technology *is* dealt with as a 'munition' in the export laws, right?) While this means that many of the same defenses apply to crypto as to arms--as in "When codes are outlawed, only outlaws will have codes," a tagline I made up when I first started using PGP--it also means that we can expect the government (& other opponents) to use similar tactics in trying to deny us our right to privacy.

So how might the government respond if we were to use the tactic described above? Well, just consider what they would do if you loaned someone your handgun & they committed a crime with it: they hold you responsible as well. If we allow a system of key registry to be instituted in any form, I think we can expect the same boneheaded legislation restricting our freedom to use cryptography as is currently inflicted on would-be gun owners.

If nothing else, "key permits" would represent a new source of revenue for the tax-crazed Clinton administration & governors across the fruited plains! Consider that, in order to obtain local & state permits to carry a handgun in my home state of Connecticut it costs a total of $50 for the first year alone & $25 per year to renew the license (it may cost even more in other towns, I don't know)! & then there's the paperwork, & the wait, &....

From mrnoise at econs.umass.edu Thu May 20 11:23:12 1993
From: mrnoise at econs.umass.edu (Mr. Noise)
Date: Thu, 20 May 93 11:23:12 PDT
Subject: WER #79
Message-ID: <9305201822.AA04856@titan.ucs.umass.edu>

Having received my copy of the latest Whole Earth Review yesterday, I expected to see a pile of messages about the article by Kevin Kelly on "Cypherpunks, E-Money, & Technologies of Disconnection"...but maybe, like me, you've all been too busy to read the article all the way through. Anyway, I thought those of you who don't subscribe would appreciate a mention of the article so you could run right out & buy the mag. There's also some good sci-fi stuff (they give it some kind of fancy name, you know WER...) by Kelly & Brian Eno. & the cover is by R. Crumb!

Well, anyway, it seems Mr. Kelly has spent some time talking to list member (guru?) Tim May, Phil Zimmermann, & a bunch of other cypherpunk folk, so how about some reactions to the article from those he talked to?

...& is it me, or is the WER/WELL/cypherpunks/Wired/EFF/etc. crowd starting to get just a *little* inbred? (In a nice way, of course...) I feel as though Kelly, Sterling, Brand, Levy, et al. are my best buddies & I don't think we've ever exchanged e-mail (well, once or twice maybe), they just keep popping up everywhere I turn. Heck, I may even have to write R.U.Sirius into my will, he feels like such an old pal...

From smb at research.att.com Thu May 20 12:07:01 1993
From: smb at research.att.com (smb at research.att.com)
Date: Thu, 20 May 93 12:07:01 PDT
Subject: TEMPEST and other "neat stuff"
Message-ID: <9305201906.AA20919@toad.com>

    This is an interesting extract that I came across this morning. I thought that I'd post a portion of it (the entire paper is almost 900 lines) to the group since the topic of TEMPEST had surfaced -

I'd like to see the whole thing, but I don't guarantee I'll read it. In fact, I don't believe it.

    The use of TEMPEST is not illegal under the laws of the United States[3], or England.
    Canada has specific laws criminalizing TEMPEST eavesdropping but the laws do more to hinder surveillance countermeasures than to prevent TEMPEST surveillance. In the United States it is illegal for an individual to take effective counter-measures against TEMPEST surveillance.

I can't speak for England or Canada, but neither statement is true about the U.S. Note the text of footnote [3]:

    3. This Note will not discuss how TEMPEST relates to the Warrant Requirement under the United States Constitution. Nor will it discuss the Constitutional exclusion of foreign nationals from the Warrant Requirement.

The ``warrant'' requirement is precisely the point. Spying on individuals who have a reasonable expectation of privacy is prohibited. In the case of wiretaps, that was in a Supreme Court ruling in, as I recall, 1967. In fact, the original wiretap statute (18 USC 2510 et seq), later amended by the ECPA, was passed (as part of the Omnibus Safe Streets and Crime Control Act of 1968) in direct response to that ruling, to set forth procedures, grounds, etc., for legal wiretaps and surveillance. I don't have the citation handy, but the concept was discussed clearly and at some length in Kemp v Block (1985) 607 F Supp 1262.

A TEMPEST pickup would appear to run afoul of the wiretap laws. Consider the following language in 18 USC 2511(2)(f):

    procedures in this chapter and the Foreign Intelligence Surveillance Act of 1978 shall be the exclusive means by which electronic surveillance, as defined in section 101 of such Act, and the interception of domestic wire and oral communications may be conducted.

I'll return to the FISA later; note, though, that it and 18 USC 2510 are the *only* means by which anything resembling TEMPEST surveillance can be performed.
The only grounds on which such intercepts can be justified, given the language of this section, is from 18 USC 2511(3)(g):

    It shall not be unlawful under this chapter or chapter 121 of this title for any person -- (i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;

Is TEMPEST ``readily accessible to the general public''? At least since the adoption of the FCC requirements on spurious RFI, I'd tend to doubt it. And as I noted earlier, eavesdropping of any sort is legal if and only if the targets have no reasonable expectation of privacy; given that 99+% of the American public has never heard of TEMPEST, I'd call it a fair bet that someone using a computer in a private room does, in fact, assume that he or she has such an expectation.

The Foreign Intelligence Surveillance Act (50 USC 1801 et seq.) specifies the conditions under which foreign agents may be subject to surveillance. Unless there is ``no substantial likelihood'' that an American's conversations will be observed, an order from a special court is needed. Again -- for the most part, there is a requirement for due process.

Now -- I'm certainly not going to claim that these niceties are always observed. But that they're ignored doesn't make them legal.

Finally, the claim that taking counter-measures against TEMPEST is illegal strikes me as balloon juice, plain and simple. Last I heard, the FCC wanted you to do anything you could to reduce spurious emissions. True, they're not telling how sensitive their detectors are -- but that's a far cry from saying you're not allowed to try to defeat them.

Please -- there are real enemies to personal freedom. Let's not waste energy chasing chimeras.
--Steve Bellovin

From wixer!wixer.bga.com!pacoid at cactus.org Thu May 20 12:11:48 1993
From: wixer!wixer.bga.com!pacoid at cactus.org (Paco Xander Nathan)
Date: Thu, 20 May 93 12:11:48 PDT
Subject: MCI, Sprint or bust ...
In-Reply-To: <9305191444.AA01544@toad.com>
Message-ID: <9305191949.AA28828@wixer>

"Sent from the cyberdeck of: peter honeyman"
>
> what makes more sense is to buy some at&t shares and force the issue
> at the next stockholders' meeting. in fact, this might be a great
> consciousness-raising vehicle: we could get a statement included
> in the proxy booklet and force a stockholder vote. as a stockholder
> (of about 20 shares, due to my previous life as a bell labs mts), i
> see cranks getting space in the booklet every year.
> how do they do that?

Hear, hear from another former Bell Labbie MTS.. (of course, we were in Network Support and used to have our _vendors_ call back collect if we knew they used Sprint, because the sound was so much better :-)

AT&T *does* have a lot of twisted stockholder proposals. They also have more "ma & pa" individual investors than most large firms, as opposed to VC & institutional votes, so the mgt feels VERY sensitive toward shareholder votes. That's the price a firm must pay for cutting a regular dividend for N decades.. In fact, the mgt is so sensitive that they even have a near-mandatory payroll deduction program for employees to support their PAC. Really fucked!

All it takes is just one share and you can propose an item for vote, but I think you need many more shareholders to join in before the vote will get anywhere near the proxy ballot. You can bet that AT&T mgt will do everything they can to discredit and/or block any vote they haven't initiated themselves.

Even so, we researched this form of "protest" as a much more effective alternative to "boycotts" (which are frankly impossible in a post-industrial economy anyways) during the piss-test conflict at . Any brokers or VC's here, ie. field experts?
Twas part of my "12-Step Program To Kill Corporate Drug Testing" published recently in Urine Nation News.

The other corporate juggler vein to swat with a machete is to approach to a firm's first/second tier customers and find a neato way to give them the shivers about the firm's offensive programs.. Like Apple wasn't exactly pleased when started mumbling about insuring that all its biz partners enforced drug testing as well so that they could chalk up even more Malcum Balddick awards from the Republicans..

Mind you that AT&T earns its lunch money from corp & govt work combined with legislative tax breaks, not so much from Jane R. Consumer.. If there was any way to make AT&T's corp/govt customers paranoid about the Wiretap chip (as they well should be!) then AT&T might reconsider - quickly!! It's happened before..

Let's see, who among AT&T's bevy of cash cows might have a lil' sumthin' to fear from having their secure comm tapped by the Feds.. Let's see, how about mainland China? Or possibly Mobile Oil? Let's apply the leverage where it will ouch the most..

pxn.

From wixer!wixer.bga.com!meyer at cactus.org Thu May 20 12:12:42 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Thu, 20 May 93 12:12:42 PDT
Subject: Reply to queries concerning DE
Message-ID: <9305192114.AA01882@wixer>

>From: Stanton McCandlish
>Subject: Dolphin Encrypt
>To: cypherpunks at toad.com
>Date: Wed, 19 May 93 6:39:04 MDT
>
>> The recipient captures the entire message as, say, G.ENC, then runs:
>>
>> DE D G.ENC G.DEC /t
>>
>> (Of course, she has to know the encryption key.) Dolphin Encrypt
>> skips over P1 to get at C2 and writes G.DEC containing P2. Voila!
>
>My question is, how does the recipient get the key,
>and how do they (she, whatever) know to use that long de command?
>What would happen if they didn't, just get gibberish?

1. I'm sure Stanton is aware (though perhaps there are some people who are not) that there were cryptosystems in existence before PGP, and before public key cryptography was invented. DES is an example. Such cryptosystems (in contrast to PGP) are called "symmetric key" systems since the key used to encrypt is the same as the key used to decrypt. This being so, there is the problem of how to get the key to the person decrypting the received ciphertext. (This is as true for DES as for any other symmetric key system.) There are ways, more or less secure. A secure way is to use PGP to transmit the encrypted key. If your only encryption need is transmitting encrypted email then PGP may be all you need. If you want to encrypt lots of 1MB database files, either to keep around or to transmit, then a faster encryption process is needed.

2. They know how to use "that long de command" (actually I think it's quite short) because they've RTFM or had it explained to them, just as for PGP.

3. If they didn't use it they'd just have a block of what looks like uuencoded stuff in the middle of the received message. If they put a wrapper around it and uudecoded they'd get *real* gibberish.

>From: Eric Hughes
>To: cypherpunks at toad.com
>Subject: Mixing ciphertext and plaintext
>
>>If you wish to mix plaintext and ciphertext in an email message then
>>you can use Dolphin Encrypt.
>
>What cryptosystem does Dolphin Encrypt use? Is the algorithm
>published somewhere?
>
>Eric

The encryption process was developed and refined, with no input from any government agency, during the last few years. A general description of it is given in the manual that comes with Dolphin Encrypt. I shall post this description in the following message. Comments are welcome.

Although this description is quite detailed, it is not sufficient to work through the process with pencil and paper, since it is too complex.
The complete details can only be understood from a study of the C source code, which is provided with the Dolphin Encryption Library, a C library usable by programmers to add encryption capabilities to application programs.

More details available by snailmail; requests by email or to 512-479-9208. (We finally had our cute executive secretary record the message; sounds better now - and, no, she doesn't throw the Selectric typewriter ribbons in the trash. In fact, we feed *all* our cast-off confidential data to the hogs out back. Best security method we've ever used, though the dobermans are pretty good too.)

-- Peter Meyer

P.S. Info going out by snailmail to all who requested it.

From wixer!wixer.bga.com!meyer at cactus.org Thu May 20 12:12:46 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Thu, 20 May 93 12:12:46 PDT
Subject: DE encryption method
Message-ID: <9305192120.AA02004@wixer>

The Dolphin Encryption Process

The encryption process is a symmetric block cipher, where the block is any size from 1 byte to about 16K. The encryption key consists of a string of from 10 to 60 ASCII characters. The key is converted into six seed numbers using the MD5 message digest algorithm. These numbers are used to seed several pseudo-random-number generators (PRNGs). The key is also used to randomize other elements of the system.

During encryption a series of extended and encrypted derivatives of the key are used to scramble the plaintext. The resulting ciphertext is further combined with a portion of the adjacent plaintext (in a way that depends on the key). The enciphered block is then expanded by the random addition of random bytes. Finally the enciphered block is shuffled in a way depending on the key.
The explanation of the encryption process has the following sections:

(a) PRNGs used
(b) Key input
(c) General initialization
(d) Block initialization
(e) Block encryption

(a) PRNGs used

The process employs two kinds of PRNG:

(i) Multiplicative congruential

This kind of PRNG is described in D. Knuth, The Art of Computer Programming, Volume 2, pp. 9-20, and in S. Park and K. Miller, "Random Number Generators: Good Ones are Hard to Find", Communications of the ACM, Vol. 31 No. 10 (October 1988), pp. 1192-1201. Three multiplicative PRNGs are used in the encryption process.

(ii) Additive

This kind of PRNG is described in D. Knuth, The Art of Computer Programming, Volume 2, pp. 27-31, and in S. Kirkpatrick and E. Stoll, "A Very Fast Shift-Register Sequence Random Number Generator", Journal of Computational Physics, 40 (1981), pp. 517-526. Five additive PRNGs are used in the encryption process.

(b) Key input

The process makes use of a user-input key and six seed numbers which are derived from that key. The user may enter any string of typeable characters. All lower case characters are converted to upper case, and all characters except the following 68 are eliminated:

ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789`~!@#$%^&*()_+|-=\[]{};':",./<>?

The resulting string is called the input key. The input key must consist of at least ten characters and at most sixty, and it must contain at least six different characters. If not then it is rejected.

(c) General initialization

Once an acceptable input key has been entered, there are two operations that are performed using this key before any actual data encryption occurs.

(i) Six seed numbers in the range 4,000,000 through 1,431,655,765 are generated from the input key using the MD5 message digest algorithm.

(ii) The three multiplicative PRNGs are used in different ways in the encryption process. Based on the key the particular ways in which they are to be used are determined at this stage.
(d) Block initialization

The block size must be specified. For each block the encipherment process occurs as follows:

(i) The block is assigned a number in the range 0 - 65,535.

(ii) The three multiplicative PRNGs are initialized using three of the seed numbers and the block number.

(iii) A set of five additive PRNGs is randomly chosen from a set of thirty. They are initialized using five of the seed numbers, the block number and numbers generated by the multiplicative PRNGs.

(iv) A sub-block length is randomly selected using one of the multiplicative PRNGs. Its value depends on the key, but lies in the range 30 through 180.

(e) Block encryption

Block encryption consists of three processes: scrambling, interpolation and shuffling.

(i) Scrambling

Scrambling involves two parallel encipherment processes:

(1) A series of character strings are generated from the input key. The length of each string is at least 250 and at most 500 bytes and is chosen so as not to be divisible by the previously mentioned sub-block length; otherwise the length of the string is random. Each byte in this string is derived from a combination of a byte randomly selected from the input key and a value returned by one of the additive PRNGs. As each string is generated its MD5 message digest is also generated. The block is divided into a set of non-overlapping variable-length sub-blocks corresponding to the lengths of the strings thus generated. Each byte in each sub-block is modified by combination with a byte in the string, a byte in the MD5 message digest of the current string and a value obtained by using one of the PRNGs.

(2) In the second, concurrent, process the block is divided into fixed-length non-overlapping sub-blocks which have the previously mentioned sub-block length. The bytes in each ciphertext sub-block are combined with some or all of the bytes in the corresponding plaintext sub-block in a manner involving the use of one of the PRNGs.
(ii) Interpolation

Meaningless bytes are now interpolated among the bytes of the ciphertext. This is done in a random way using one of the PRNGs and so that these interpolated random bytes can be eliminated during decipherment. This step generally increases the size of the block by 2% to 10%.

(iii) Shuffling

The bytes are then permuted (or in other words, shuffled) randomly by a process that again uses one of the PRNGs and the input key, and which is reversible if and only if the key is known.

This completes the encipherment of the data block. This process may be performed on each block of data making up any larger block, such as a disk file.

From fnerd at smds.com Thu May 20 12:59:13 1993
From: fnerd at smds.com (FutureNerd Steve Witham)
Date: Thu, 20 May 93 12:59:13 PDT
Subject: Huffman and Crypto
Message-ID: <9305201955.AA05279@smds.com>

Sorry if these questions have been answered in posts I recently deleted, but...

1) Instead of modifying Huffman coding, isn't it more sensible to just use arithmetic coding, which is more efficient anyway, and doesn't use fixed bit patterns?

2) I would assume there's a branch of cryptography devoted to studying the protections or lack thereof, afforded by compression schemes, both by themselves and in addition to other types of cryptography. I would guess that Huffman and LZ-family codes have been studied a lot...right?? But also more general studies of the weakness of (even secret) compression algorithms as crypto methods? I mean, compression methods would tend to use methods (like table lookup) that simpler cyphers have used for a long time, only without having been designed with crypto expertise...right??

3) Does anyone know of an easy-to-get-sources, easy-to-use arithmetic coding compression program?
quote me -fnerd

From baumbach at atmel.com Thu May 20 14:47:02 1993
From: baumbach at atmel.com (Peter Baumbach)
Date: Thu, 20 May 93 14:47:02 PDT
Subject: strong encryption as virus protection
Message-ID: <9305202108.AA05477@carp.chp.atmel.com>

Hello all,

It seems that an easily available (legal) software verification system needs to be made. If one were widely used, virus worries of people could be channeled into a demand for strong encryption. Tell people that the Crippler Chip might prevent this from ever happening.

Peter Baumbach
baumbach at atmel.com

From still at kailua.colorado.edu Thu May 20 15:01:22 1993
From: still at kailua.colorado.edu (James Still)
Date: Thu, 20 May 93 15:01:22 PDT
Subject: Large Scale Implementation of PGP
Message-ID: <2BFC0DBF@kailua.colorado.edu>

> Does anyone have any experience/advice w/ this type of large scale
> implementation of PGP? I know the need to encrypt most of the messages
> will be small, but I think it is important to get these people so
> familiar w/ encryption, they won't be scared and will defend it when
> the need arises.

Bravo! Widespread use of PGP now is analogous to Ben Franklin's pre-revolutionary attempts at setting up and popularizing a post office. People are interested, but aren't ready to take the initiative and accept "new" ideas.

If I might put in a selfish plug, get ahold of PGPSHEL2.ZIP at the soda.berkeley.edu site and give it to co-workers and "Windows types" (you all know who those newcomers are :-) ) who are vaguely interested in secure communications. I've discovered that non-DOS folks will let PGP sit on their hard drives for months without exploring it, but once they use PGPShell, begin taking an active interest in what PGP is and does.

With all the discussion about what the difference is between Usenet and BBS's, this is probably an important difference as well.
BBS users are still enamored with the *concept* of public key encryption, while the more experienced Usenet users take it for granted. They know there's something going on "up there" but aren't too sure what all this PGP talk is all about. The BBS users are an excellent place to "spread the word" about encryption and shouldn't be ignored. With their help encryption will be as normal and every day as the post office is today.

From wcs at anchor.ho.att.com Thu May 20 16:30:18 1993
From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com)
Date: Thu, 20 May 93 16:30:18 PDT
Subject: TEMPEST and other "neat stuff"
Message-ID: <9305202233.AA23544@anchor.ho.att.com>

Paul Ferguson, fergp at sytex.com, posts excerpts from an article on TEMPEST. With all due respect :-), the article is largely nonsense.

> 8<------ Snip, Snip ------[ edited ]------
> (c) 1990 Christopher J. Seline cjs at cwru.cwru.edu cjs at cwru.bitnet
> Eavesdropping On the Electromagnetic Emanations of Digital Equipment:
> The Laws of Canada England and the United States
> This document is a rough draft. The Legal Sections are overviews.
> .....
> In the United States it is illegal for an
> individual to take effective counter-measures against
> TEMPEST surveillance. This leads to the conundrum that it
> is legal for individuals and the government to invade the
> privacy of others but illegal for individuals to take steps
> to protect their privacy.

This is distinctly not the case. You can take any countermeasures you want. The precise standards are classified (some SECRET, some CONFIDENTIAL COMSEC), so you can't find out how good the government's abilities to eavesdrop are, or precisely what level of protection the government thinks is necessary to protect classified information, or how good the NSA thinks the Russians are, but as long as you're not using classified information as your sources, you can do anything you want.
(If you're not protecting yourself *enough*, the FCC will get on your case, but over-protection is fine.)

> 2. TEMPEST is an acronym for Transient Electromagnetic Pulse
> Emanation Standard.

TEMPEST isn't particularly about transients or electromagnetic pulses, it's about overall electromagnetic emissions. Electromagnetic Pulses are the big fast spikes you get from nuclear explosions (or similar slower spikes from lightning, etc.) and the techniques you use for protection against EMP don't solve your TEMPEST problems, and vice versa, though both kinds of protection are some help for the other. In my previous incarnation as a Tool of the Military-Industrial Complex, I never saw TEMPEST expanded as an acronym in any of the documents I read.

> TEMPEST is a defensive standard; a device which
> conforms to this standard is referred to as TEMPEST Certified.

More specifically, a device that's been tested by an NSA-approved testing lab and has all the paperwork blessed by the NSA is TEMPEST-certified. The NSA puts out an "Evaluated Products List" (the name changes every couple of years) which has approved TEMPEST hardware, NCSC-Orange-Book rated operating systems, etc.

> The United States government refuses to release details
> regarding TEMPEST and continues an organized effort to censor the
> dissemination of information about it. For example the NSA
> succeeded in shutting down a Wang Laboratories presentation on
> TEMPEST Certified equipment by classifying the contents of the
> speech and threatening to prosecute the speaker with revealing
> classified information. [cite coming].

The Wang Labs people probably had access to the classified documents - if you have them, you're responsible for not giving out classified information, and material derived from classified information might deserve classification. But that's not the same as saying it's "born classified", which is how nuclear weapons design information is treated (no comments on the legality of that approach...)
Now, it may be that the NSA are overzealous in presuming the classified nature of the material in the presentation before hearing it; I don't know the details of the case, but access to classified material legitimately affects your ability to discuss its contents in public. > 3. This Note will not discuss how TEMPEST relates to the > Warrant Requirement under the United States Constitution. > Nor will it discuss the Constitutional exclusion of foreign nationals > from the Warrant Requirement. (*My* copy of the Constitution doesn't say that foreign nationals are excluded from "the people" who have specific rights to due process, and the 14th Amendment clearly requires at least the States not to deprive *any* person of life, liberty, or property without due process, and not to deny equal protection to anyone within its jurisdiction, as well as not abridging privileges or immunities of U.S. citizens. Somehow the recent governments haven't felt that applies to them or something...) In the case of the Crippler Chip, however, you knew it had a built-in wiretap when you bought it, which changes some of the reasonable expectations about privacy a bit. Bill Stewart From poier at sfu.ca Thu May 20 17:44:20 1993 From: poier at sfu.ca (Skye Merlin Poier) Date: Thu, 20 May 93 17:44:20 PDT Subject: Crypto constitution Message-ID: <9305210044.AA04138@malibu.sfu.ca> -----BEGIN PGP SIGNED MESSAGE----- One suggestion for improving the constitution: change all occurrences of "Men" or "man" to "the people" and make all pronouns gender-neutral. If this is going to be a constitution for the new age, let's have the wording reflect the ideals we hold.
Skye - -- - -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier at sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From esr at snark.thyrsus.com Thu May 20 18:04:28 1993 From: esr at snark.thyrsus.com (Eric S. Raymond) Date: Thu, 20 May 93 18:04:28 PDT Subject: hello, all Message-ID: I've just joined the list. I did so because I'm mad as hell about the Clipper proposal (some of you may have seen my incendiary post to RISKS on the topic). Some of you know me. Others have probably seen my work, which includes (among much else) major packages in Emacs 19, a moderately popular netnews suite, the /dev/speaker driver for PC-clones, and editing the Jargon File. I want to know what I can do to help block the Feds from `surveilling' everybody and to spread crypto-anarchy. I'm not up to speed on technical cryptography yet (though I know a lot about the pre-computer kind, Vigenere ciphers and such) but I'm chasing references and hope to be soon. There may be other ways I can contribute. Besides being a skilled hacker, I'm also good with English. I have a lot of experience at maintaining successful FAQs (I'm handling six now, including the monthly three-part buyer's guide for ISA UNIX software and hardware). If the cypherpunks FAQ is still in preparation, I can probably be of substantial help with it. -- Eric S. Raymond From mdiehl at triton.unm.edu Thu May 20 22:18:07 1993 From: mdiehl at triton.unm.edu (J.
Michael Diehl) Date: Thu, 20 May 93 22:18:07 PDT Subject: Crypto constitution In-Reply-To: <9305210044.AA04138@malibu.sfu.ca> Message-ID: <9305210517.AA08527@triton.unm.edu> > One suggestion for improving the constitution: change all occurrences of > "Men" or "man" to "the people" and make all pronouns gender-neutral. I would suggest that we don't use "people," but instead use "Mankind." Or, better yet, let's use "Earthlings," since this will cover people who haven't yet declared their gender. And as far as gender-neutral pronouns, this is also a problem. To many, "chairperson" immediately implies "female-chair-man." This obviously won't work. Well, I guess we could use "he/she." But that won't work either since it gives precedence to (gasp!) "HE." Clearly, we need to come up with a new word in order to satisfy everybody. (I use the word "everybody" to mean "the people," and not just because it has the word "body" in it, which would be the stereotypically-male thing to think about) So, I propose that we, Cypherpunks, adopt my favorite Politically Correct term for "person:" "Generic-Colorless-raceless-carbon-based-bipedal-inhabitant-of-the-third-spherical-object-from-the-bright-mass-in-the-center-of-the-solar-system" As far as I've been able to tell, this term doesn't discriminate against anyone, so I feel this is a good substitute for "man," "men," and "the people." :Satire Mode Off. :Reality Mode On. > If this is going to be a constitution for the new age, let's have the wording > reflect the ideals we hold. I've always thought that fighting over this kind of trivia was kinda childish. It used to be that when someone said, "...and one giant step for mankind...," that we understood this to include EVERYBODY! Let's pick our fights better than this, shall we? Sorry, just couldn't resist..... ;^) +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once.
| PGP KEY | | mdiehl at triton.unm.edu | But, I was mistaken. |available| | mike.diehl at fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals will have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From poier at sfu.ca Thu May 20 23:20:59 1993 From: poier at sfu.ca (Skye Merlin Poier) Date: Thu, 20 May 93 23:20:59 PDT Subject: Crypto constitution In-Reply-To: <9305210517.AA08527@triton.unm.edu> Message-ID: <9305210620.AA22924@malibu.sfu.ca> [reality check on] > :Satire Mode Off. > :Reality Mode On. > >> If this is going to be a constitution for the new age, let's have the wording >> reflect the ideals we hold. > >I've always thought that fighting over this kind of trivia was kinda childish. > It used to be that when someone said, "...and one giant step for mankind...," > that we understood this to include EVERYBODY! Let's pick our fights better > than this, shall we? Excuse me, but it seems that you are being very defensive. I was not picking a fight. It is evident that you cling to "It used to be that" ideals. Just because something "used to be" is not justification for its perpetuation. Is it such a drastic step to replace a couple words that you feel necessary to ridicule something that I consider important? As far as I am concerned, Mr. Diehl it is YOU who are being childish. Wake up, will you? And please refrain from using the word "we". I do not enjoy being patronized. > Sorry, just couldn't resist..... ;^) Obviously. You are indeed a man of tremendous wit and satire. > +------"I'm just looking for the opportunity to be -------------+ > | Politically Incorrect!" | Also plainly obvious.
Skye Poier -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier at sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From tcmay at netcom.com Fri May 21 00:03:17 1993 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 21 May 93 00:03:17 PDT Subject: Why So Many Articles on Cypherpunks? In-Reply-To: <9305201822.AA04856@titan.ucs.umass.edu> Message-ID: <9305210703.AA13490@netcom3.netcom.com> Mr. Noise writes: > Having received my copy of the latest Whole Earth Review yesterday, I > expected to see a pile of messages about the article by Kevin Kelly on > "Cypherpunks, E-Money, & Technologies of Disconnection"...but maybe, > like me, you've all been too busy to read the article all the way through. .... > Well, anyway, it seems Mr. Kelly has spent some time talking to list > member (guru?) Tim May, Phil Zimmerman, & a bunch of other cypherpunk > folk, so how about some reactions to the article from those he talked to? I haven't seen the newsstand issue yet and haven't thought too much about it. Kevin Kelly first contacted me last fall because of some posts I'd made on sci.crypt (Round 1 of the "key registration" battle, before we knew the government planned this key escrow thing, happened when I wrote an article for Extropians, Cypherpunks (very young then), and sci.crypt entitled "A Trial Balloon to Ban Encryption?"). Kelly talked to me, Eric Hughes, John Gilmore, circa December, and attended two Cypherpunks physical meetings. (We had a debate around then about whether journalists should be allowed, invited, or ignored...the eventual outcome was that help should be provided to journalists interested in these issues.) Kevin Kelly visited my house near Santa Cruz and we talked for several hours. He was also commissioning an article for "Wired" by Steven Levy, who also talked to several of us. Hence the double articles, which were both written at about the same time.
(There's also a Julian Dibell piece for "The Village Voice" in the works...maybe the stuff he's already written is *it*, maybe there's going to be more.) > ...& is it me, or is the WER/WELL/cypherpunks/Wired/EFF/etc. crowd starting > to get just a *little* inbred? (In a nice way, of course...) I feel as > though Kelly, Sterling, Brand, Levy, et al. are my best buddies & I don't > think we've ever exchanged e-mail (well, once or twice maybe), they just > keep popping up everywhere I turn. Heck, I may even have to write R.U.Sirius > into my will, he feels like such an old pal... I agree with Mr. Noise about this and am trying to "lay low" as much as possible. However, if journalists are interested in our kinds of topics, they'll write stories. The Cypherpunks list doesn't "assign" members to be interviewed....the journalists sniff the air for interesting hooks and angles to center a piece on. The work of Zimmermann is very obvious (though he's not on the list...he did attend one meeting), as are the obvious battles with the NSA being fought by John Gilmore. I can think of several others who have stuff going on that would make interesting stories. For now, the "cyberspace" community is largely defined by the magazines mentioned, and a few others ("Boing Boing," "Extropy,"....). Hence the incestuous nature. (Also, the editors and writers know each other and have longstanding credentials in the hacker community.) I hope this little summary gives some perspective on why so many articles are now appearing. The timing is perfect, even if 98% of Americans have never heard of Clipper. -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From tribble at memex.com Fri May 21 00:35:39 1993 From: tribble at memex.com (E. Dean Tribble) Date: Fri, 21 May 93 00:35:39 PDT Subject: [esr@snark.thyrsus.com: CLIPPER: Published version of my rant] Message-ID: <9305202001.AA29900@memexis.memex.com> This is the version of my post that went to RISKS 14.64. It was edited by me to remove assertions which might expose the RISKS digest to libel action. Permission to redistribute this version as you see fit is explicitly granted. Please do *not* redistribute the old version. ------------------------------- CUT HERE ------------------------------------- From: esr at snark.thyrsus.com (Eric S. Raymond) To: risks at csl.sri.com Subject: Re: Clipper (Rotenberg, RISKS-14.62) In Marc Rotenberg wrote: > Denning has to be kidding. The comments on the proposed DSS were uniformly > critical. Both Marty Hellman and Ron Rivest questioned the desirability of > the proposed standard. Mr. Rotenberg, as a public figure operating in the political arena, has to exercise a certain diplomatic restraint in responding to Ms. Denning's claims. I am, thankfully, under no such requirement. As a long-time RISKS reader and contributor, I observe that this is not the first time that Ms. Denning has apparently operated as a mouthpiece for the NSA's anti-privacy party line on DES and related issues. I believe Ms. Denning's remarks must be understood as part of a continuing propaganda campaign to marginalize and demonize advocates of electronic privacy rights. Other facets of this campaign have attempted to link privacy advocates to terrorists and drug dealers by suggesting that only criminals need fear wiretapping. These are serious charges.
I make them because, in the wake of the Clipper proposal, I do not believe civil libertarians can afford any longer to assume that their opponents are persons of good will with whom they can simply debate minor differences of institutional means in a collegial way. It's time for someone to say, in public and on this list, what I know many of us have been thinking. The future is *now*. Electronic privacy issues are no longer a parlor game for futurologists; they are the focus of a critical political struggle, *and the opponents of privacy are fighting their war with all the tools of force, deception, and propaganda they can command*. The histories of the DES, the FBI wiretap proposal, and now the Clipper proposal must be considered against a wider background of abuses including the Steve Jackson case, "Operation Longarm", and the routine tapping of U.S. domestic telecommunications by NSA interception stations located outside the geographic borders of the United States. These form a continuing pattern of attempts by agencies of the U.S. government to pre-empt efforts to extend First and Fourth Amendment privacy protections to the new electronic media. In each case, the attempt was made to present civil libertarians with a fait accompli, invoking "national security" (or the nastiness of "kiddie porn") to justify legislative, judicial and practical precedents prejudicial against electronic privacy rights. While I would not go so far as to claim that these efforts are masterminded by a unitary conspiracy, I believe that the interlocking groups of spies, bureaucrats and lawmen who have originated them recognize each other as cooperating fellow-travellers in much the same way as opposing groups like the EFF, CPSR and the Cypherpunks do. Their implicit agenda is to make the new electronic communications media transparent to government surveillance and (eventually) pliant to government control. 
One of the traits of this culture of control is the belief that manipulative lying and dissemblage can be justified for a `higher good'. I believe that Ms. Denning's disingenuous claim that the DSS "is now considered to be just as strong as RSA" is no mere technical misapprehension. I believe it is propaganda aimed at making objectors non-persons in the debate. I cannot know whether Ms. Denning actually believes this claim, but it reminds me all too strongly of the classic "Big Lie" technique. It is important for us to recognize that the propaganda lie is not an aberration, but a routine tool of the authoritarian mindset. And the authoritarian mindset is, ultimately, what we are confronting here --- the mindset that regards the fighting of elastically-defined `crime' as more important than privacy, that presumes guilt until innocence is proven, that demands for government a license to override any individual's natural rights at political whim. We cannot trust representatives of an institutional culture that was *constructed* to deal in information control, lies, secrecy, paranoia and deception to tell us the truth. We cannot accept the authoritarians' unverified assurances that the sealed interior of the Clipper chip contains no `trapdoor' enabling the NSA to eavesdrop at will. We cannot trust the authoritarians' assertions that they have no intention of outlawing cryptographic technologies potentially more secure than the Clipper chip. We cannot believe the authoritarians' claims that `independent' key registries will prevent abuse of decryption keys by government and/or corrupt individuals. We cannot --- we *must not* --- cede control of encryption technology to the authoritarians. To do so would betray our children and their descendants, who will work and *live* in cyberspace to an extent we can barely imagine. We cannot any longer afford the luxury of treating the authoritarians as honest dealers with whom compromise is morally advisable, or even possible. 
Whatever their own valuation of themselves, the thinly-veiled power grab represented by the Clipper proposal reveals a desire to institutionalize means which a free society, wishing to remain free, *cannot tolerate*. Big Brother must be stopped *here*. *Now.* While it is still possible. -- Eric S. Raymond ------------------------------- CUT HERE ------------------------------------- From gg at well.sf.ca.us Fri May 21 02:35:39 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Fri, 21 May 93 02:35:39 PDT Subject: Consider "Working Assets" phone service instead of AT&T Message-ID: <199305210935.AA00447@well.sf.ca.us> Phonecard-only account: minor inconvenience to support a major principle. As far as I'm concerned, "convenience" is the biggest hook that Big Bro has to use on us these days, but it only works if we're lazy enough to go for it. So sign with Working Assets and write them a note telling them you want to see a phonecard-only option soon, and chances are they'll be responsive if they get enough of those. Especially if they're getting them from people who used to have accounts with the Big Three. -gg From zippy at berry.cs.brandeis.edu Fri May 21 07:16:11 1993 From: zippy at berry.cs.brandeis.edu (Patrick Tufts) Date: Fri, 21 May 93 07:16:11 PDT Subject: Consider "Working Assets" phone service instead of AT&T In-Reply-To: <199305210935.AA00447@well.sf.ca.us> Message-ID: <9305211418.AA10692@berry.cs.brandeis.edu> Date: Fri, 21 May 1993 02:35:20 -0700 From: George A. Gleason [....] it. So sign with Working Assets and write them a note telling them you want to see a phonecard-only option soon, and chances are they'll be responsive if they get enough of those. Especially if they're getting them from people who used to have accounts with the Big Three. ^^^ ^^^^^ Isn't Working Assets just a reseller of AT+T (or is it Sprint) LD? As such, you're still giving business to one of "the Big Three".
From elee9sf at Menudo.UH.EDU Fri May 21 07:39:13 1993 From: elee9sf at Menudo.UH.EDU (elee9sf at Menudo.UH.EDU) Date: Fri, 21 May 93 07:39:13 PDT Subject: Huffman and Crypto In-Reply-To: <9305201955.AA05279@smds.com> Message-ID: <199305211439.AA00169@Menudo.UH.EDU> > 3) Does anyone know of an easy-to-get-sources, easy-to-use arithmetic > coding compression program? > I have a book titled "Data Compression" or something like that, which explains Huffman and Huffman-type coding, arithmetic coding, dictionary compressors (sliding window LZ* types), and JPEG compression. The book comes with source code, so if anybody else has it and has a scanner... As I recall, arithmetic compression works well, but is really cpu intensive, even with a math-coprocessor. Plus, you need to have a rough idea of the statistical breakdown of the plaintext for arithmetic compression to work as well as it can. The Zimpel-Lev type sliding window compressors are popular because they work well on most inputs, with little or no pre-computation or statistics. Isn't Phil Karn on this list? I'm sure he can tell you everything you want to know about compression :-) /-----------------------------------\ | Karl L. Barrus | | elee9sf at menudo.uh.edu | <- preferred address | barrus at tree.egr.uh.edu (NeXTMail) | \-----------------------------------/ From jordan at imsi.com Fri May 21 08:01:17 1993 From: jordan at imsi.com (Jordan Hayes) Date: Fri, 21 May 93 08:01:17 PDT Subject: Crypto constitution Message-ID: <9305211451.AA06984@IMSI.COM> I think I was able to cryptanalyze the last few messages (steganography is *so* cool!), but it looks like some of the line noise from my modem messed up the codebook. Can someone tell me if that was "gender-inspecific pronoun" or "gather prolific dingdong" in the second exchange?
/jordan From walmsley at ccint1.rsre.mod.uk Fri May 21 08:51:48 1993 From: walmsley at ccint1.rsre.mod.uk (Clive) Date: Fri, 21 May 93 08:51:48 PDT Subject: Ref Strong Encryption Message-ID: <9305211551.AA22478@toad.com> Hi, am I missing something .... From: baumbach at atmel.com (Peter Baumbach) >> It seems that an easily available (legal) software verification system >> needs to be made. If one were widely used, virus worries of people >> could be channeled into a demand for strong encryption. Tell people >> that the Crippler Chip might prevent this from ever happening. How can the case be made for strong encryption, based upon the worries of people over viruses??? I fail to see how the worries over viruses can be countered, channelled into the need for strong encryption. ??? Clive Walmsley Walmsley at ccint1.rsre.mod.uk From esr at snark.thyrsus.com Fri May 21 10:24:02 1993 From: esr at snark.thyrsus.com (Eric S. Raymond) Date: Fri, 21 May 93 10:24:02 PDT Subject: Proposed Cypherpunks FAQ outline Message-ID: After exchanging email with Eric Hughes and other listmembers, I find that the previous attempt at putting together a cypherpunks FAQ seems to be moribund. I have a lot of experience building FAQs, and maintain several popular ones on USENET, including: * The PC-UNIX Hardware and Software Buyer's Guides * The list of Publicly Known Bugs in USL UNIX * So You Want To Be A UNIX Wizard? (The Loginataka) * Telebit Trailblazer how-to FAQ Accordingly, I'm able and willing to take on this job. The hardest thing about writing a FAQ is to define its scope and level of detail. Accordingly, SOP if you know what you're doing is to start by generating a list of questions to be answered, and/or an outline. I've done this below. 1. Why cypherpunks? a. Privacy is essential to freedom. b. The government cannot be relied on to protect your privacy rights. c.
Technology can give individuals leverage against would-be oppressors, but only if we're sufficiently smart and dedicated to build the levers. d. Cypherpunks exists to build and propagate privacy software. 2. What are the essentials of privacy software? a. Public-key cryptosystems for secure communication. b. Unforgeable electronic signatures for message authentication. c. DC-net or similar protocols to thwart spoofing. 3. What are the potential applications of good privacy software? a. Secure communications. b. Digital cash. c. Electronic voting. d. Electronic contracts. e. 4. What are the key algorithms, tools, and implementations for privacy software? a. RSA b. DES c. Clipper/Capstone/DSS d. PGP e. Possible non-RSA trapdoor functions. 5. What are the social and political implications of good privacy software? a. Drastically lower transaction costs for trade. b. Expansion of the counter-economy. c. Disempowerment of government. 6. What are the legal, political, and technical obstacles? a. The Clipper/Capstone/DSS power grab. b. The RSA patent and the PGP/RSA fight. c. RSA's base problem may not be NP-complete. 7. What can I do to help? a. Work on cryptographic software. b. Agitate against the Clipper/Capstone/DES standard. Each subsection should be written by a list expert and include pointers to published sources and other FAQs. You can help in one of three ways: 1) Volunteer to write one of the sections or subsections above. 2) Suggest more questions. 3) Identify yourself to me as a technical expert on a particular area in the outline, even if you're not willing to commit to writing it. That way I'll know whose brains to pick. I think an edited version of Tim May's glossary should go at the end. Tim, are you willing? -- Eric S. Raymond From mdiehl at triton.unm.edu Fri May 21 10:49:10 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Fri, 21 May 93 10:49:10 PDT Subject: Constitution. 
Message-ID: <9305211749.AA28087@triton.unm.edu> Sorry all, but I had to reply to this letter, and since it was net-wide distribution, I felt I should reply in kind. >[reality check on] :Fantasy Mode Off. >>> If this is going to be a constitution for the new age, let's have the wording >>> reflect the ideals we hold. >> >>I've always thought that fighting over this kind of trivia was kinda childish. >> It used to be that when someone said, "...and one giant step for mankind...," >> that we understood this to include EVERYBODY! Let's pick our fights better >> than this, shall we? >Excuse me, but it seems that you are being very defensive. I was not picking >a fight. It is evident that you cling to "It used to be that" ideals. Just >because something "used to be" is not justification for its perpetuation. Is >it such a drastic step to replace a couple words that you feel necessary to >ridicule something that I consider important? As far as I am concerned, Mr. Diehl >it is YOU who are being childish. Wake up, will you? And please refrain from >using the word "we". I do not enjoy being patronized. Defensive? I don't think so. I am simply pointing out how silly this thought-control business really is. I wasn't personally injured by it; it's just too silly to worry so much about. Perhaps "fight" wasn't the correct word. I'm sorry. Tell me, what is wrong with "'It used to be that' ideals?" I hope you don't believe that "mankind" only refers to "malekind." This is furthest from the truth. To answer your question, no, it is not such a drastic step, but it bothers me that people feel it necessary to traditional and natural language into something that is artificial and restrictive. You go on to state that this is something that you feel strongly about; fine, but you don't hold a monopoly on opinion. Then you go on to say that I am childish and that I should wake up.
I'll just say that I consider this to be a mere personal attack and remind you that I made no such attack to you; and I'll leave it at that. Then you request that I refrain from using the word "we." Let me requote something you wrote: >>> If this is going to be a constitution for the new age, let's have the wording >>> reflect the ideals we hold. -----------------------^ Since when is it ok for you, but in bad taste for me? Especially since you are attributing "ideals we hold" to people without asserting what these ideals are. And you're asserting that we need special, approved language to express these ideals. I can't decide if the ideal at hand is gender-equality, or language-neutrality. Remember that this little discussion is NET-WIDE, so "we" refers to Cypherpunks, not YOU in particular. Perhaps you are being a bit defensive? >> Sorry, just couldn't resist..... ;^) >Obviously. You are indeed a man of tremendous wit and satire. Thank you! Even if you are being sarcastic. I'm too gullible to know the difference. ;^) Actually, I hope it was at least amusing even if you didn't agree. > +------"I'm just looking for the opportunity to be -------------+ > | Politically Incorrect!" | >Also plainly obvious. If I lived under a dictatorship, this would read, "I'm just.....to be democratic." This is my protest against an "ideal" that I find smacking of censorship, 1984, and class-hatred. Under PC, other people have the right to tell me what I can and can not say, as you did above. PC would restrict my sometimes limited use of language even further by mandating that I use only approved words and phrases. Eventually, I'll not even be able to talk about such things as gender-differences because this (among many others) will have been deemed "unfit for correct conversation." "And now, back to our regularly scheduled program...." +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once.
| PGP KEY | | mdiehl at triton.unm.edu | But, I was mistaken. |available| | mike.diehl at fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals will have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From mimir at u.washington.edu Fri May 21 11:10:46 1993 From: mimir at u.washington.edu (Al Billings) Date: Fri, 21 May 93 11:10:46 PDT Subject: Crypto constitution In-Reply-To: <9305210517.AA08527@triton.unm.edu> Message-ID: On Thu, 20 May 1993, J. Michael Diehl wrote: > I've always thought that fighting over this kind of trivia was kinda childish. > It used to be that when someone said, "...and one giant step for mankind...," > that we understood this to include EVERYBODY! Let's pick our fights better > than this, shall we? Unfortunately for you (in a small way), people teaching English do not agree. I have done more than my share of term papers and articles and in the cases where I have used "man" for "humanity," it HAS been noticed. There is no reason NOT to use gender neutral terms. It isn't going to hurt you to do so and some people out there will appreciate it and will notice if gendered terms are used. Why not then? Wassail, Al Billings From jet at nas.nasa.gov Fri May 21 11:21:27 1993 From: jet at nas.nasa.gov (J. Eric Townsend) Date: Fri, 21 May 93 11:21:27 PDT Subject: Consider "Working Assets" phone service instead of AT&T In-Reply-To: <199305210935.AA00447@well.sf.ca.us> Message-ID: <9305211821.AA19054@boxer.nas.nasa.gov> George A. Gleason writes: > Phonecard-only account: minor inconvenience to support a major principle. You miss my point -- I *can't* get an account with them because I don't have a phone line to tie it to. There is a phone where I stay, but it's not mine. So, I'm stuck with US Splint.
From dmandl at lehman.com Fri May 21 11:29:14 1993 From: dmandl at lehman.com (David Mandl) Date: Fri, 21 May 93 11:29:14 PDT Subject: Proposed Cypherpunks FAQ outline Message-ID: <9305211828.AA16694@disvnm2.shearson.com> > From: esr at snark.thyrsus.com (Eric S. Raymond) An obvious addition... > 7. What can I do to help? > a. Work on cryptographic software. > > b. Agitate against the Clipper/Capstone/DES standard. c. Promote the use of encrypted communication, help spread PGP and other appropriate tools far and wide (both to help get a better foothold to thwart the Clipper monopoly and its ilk, and to work towards making crypto as commonplace as envelopes). I guess this is a superset of b. --Dave. From dmandl at lehman.com Fri May 21 11:38:32 1993 From: dmandl at lehman.com (David Mandl) Date: Fri, 21 May 93 11:38:32 PDT Subject: Proposed Cypherpunks FAQ outline Message-ID: <9305211838.AA16816@disvnm2.shearson.com> > From: esr at snark.thyrsus.com (Eric S. Raymond) ...also, there should of course be information on anonymous remailers. This could fit in both > 3. What are the potential applications of good privacy software? > a. Secure communications. > b. Digital cash. > c. Electronic voting. > d. Electronic contracts. e. Secure anonymous remailers. and > 5. What are the social and political implications of good privacy software? > a. Drastically lower transaction costs for trade. > b. Expansion of the counter-economy. > c. Disempowerment of government. d. Anonymity for whistleblowers and others desiring or requiring anonymity on the net. --Dave. From fergp at sytex.com Fri May 21 11:42:21 1993 From: fergp at sytex.com (Paul Ferguson) Date: Fri, 21 May 93 11:42:21 PDT Subject: FOIA info Message-ID: A quick addendum to my post on alt.privacy yesterday. After making a few phone calls, I found that these are the correct addresses to send requests for information under the Freedom of Information Act (FOIA): Central Intelligence Agency: Mr. John H. 
Wright
Information and Privacy Coordinator
Central Intelligence Agency
Washington, DC 20505

Federal Bureau of Investigation:

Federal Bureau of INVESTIGATION
J. Edgar Hoover Building
9th and Pennsylvania Avenue, N.W.,
Washington, DC 20535
ATTN: FOIA/PA Section

National Security Agency:

Director, NSA/CSS
9800 Savage Road
Fort George G. Meade, Maryland 20755-6000
ATTN: FOIA/N5

For those who live in The Commonwealth of Virginia, this is the address of the Richmond field office:

Federal Bureau of Investigation
111 Greencourt Road
Richmond, Virginia 23228
ATTN: FOIA/PA Section

Paul Ferguson | The future is now.
Network Integrator | History will tell the tale;
Centreville, Virginia USA | We must endure and struggle
fergp at sytex.com | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From fergp at sytex.com Fri May 21 11:42:25 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Fri, 21 May 93 11:42:25 PDT
Subject: SIGINT and TEMPEST follies
Message-ID:

On Thu, 20 May 93 18:33:52 EDT, Bill_Stewart wrote -

> This is distinctly not the case. You can take any countermeasures
> you want. The precise standards are classified (some SECRET, some
> CONFIDENTIAL COMSEC), so you can't find out how good the
> government's abilities to eavesdrop are, or precisely what level of
> protection the government thinks is necessary to protect classified
> information, or how good the NSA thinks the Russians are, but as long
> as you're not using classified information as your sources, you can
> do anything you want. (If you're not protecting yourself *enough*,
> the FCC will get on your case, but over-protection is fine.)

I beg your pardon, but this is _not_ the case. TEMPEST requirements are _not_ classified and are available for public scrutiny. (You obviously do not know where to look.) I _know_ this to be true: I worked in the COMSEC arena within the US military for the better part of five years.
In fact, I helped design and construct the first tactically-based, X.25 packet switched, PC based, uHF interfaced network in Europe back in the early '80's using Zenith Z-248's and KG-84's. We did everything from designing the cabling pin-out's on up.

> TEMPEST isn't particularly about transients or electromagnetic pulses,
> it's about overall electromagnetic emissions.

You're trying to separate issues that are one and the same. With the proper equipment, I can put you and an IBM Selectric (tm) typewriter on a wooden raft in the middle of Lake Superior, monitor and realize every keystroke that you make and you'd not be the wiser. This type of monitoring is easily defeated by low yield TEMPEST requirements. I've worked in this area, Bill, and have tested these _facts_. I don't care how you care to word it, it _is_ transient electromagnetic emissions.

> Electromagnetic Pulses are the big fast spikes you get from nuclear
> explosions (or similar slower spikes from lightning, etc.) and the
> techniques you use for protection against EMP don't solve your
> TEMPEST problems, and vice versa, though both kinds of protection
> are some help for the other.
> In my previous incarnation as a Tool of the Military-Industrial
> Complex, I never saw TEMPEST expanded as an acronym in any of the
> documents I read.

As I stated above (and I place myself in jeopardy of being accosted by Big Brother by admitting it), I was a COMSEC flunky during my junket with the US Army. Originally, I was a 31S(ierra) and later a 29S(ierra) when two MOS's (Military Occupational Specialties, in Army jargon) were later merged. I was also a COMSEC Custodian (alternate, actually) and I can admit that I have a deep understanding of cryptographic key systems, cryptographic theory, cryptographic hardware design and integration and "BLACK" and "RED" separation principles.
This type of technology does not require a rocket scientist (trust me, I've worked with them too at NASA)(oh yeah, I forgot -- I've also done contract work for Bell Labs and AT&T Secure Systems).

> In the case of the Crippler Chip, however, you knew it had a built-in
> wiretap when you bought it, which changes some of the reasonable
> expectations about privacy a bit.

This issue is one where I must disagree with you emphatically. The majority of the American public don't even know about Clipper. Hell, most of them think those AT&T commercials (Aretha singing "Freedom") are cute. Personally, I think it's pretty sick, considering how they worked in collusion with Big Brother (No Such Agency) and announce that they would be immediately using this "technology" on the same day that the NIST made its announcement that Clipper would be the "weapon of choice" in their war on drugs, would-be criminals and the American public (April 16, 1993).

I know the technical specifics of TEMPEST (it is an acronym, BTW) and the reason it was developed as a SIGINT (SIGnal INTelligence) standard.

Cheers.

Paul Ferguson | The future is now.
Network Integrator | History will tell the tale;
Centreville, Virginia USA | We must endure and struggle
fergp at sytex.com | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From tedwards at wam.umd.edu Fri May 21 12:55:02 1993
From: tedwards at wam.umd.edu (technopagan priest)
Date: Fri, 21 May 93 12:55:02 PDT
Subject: Cryptography show for ITR?
Message-ID: <199305211954.AA28275@rac2.wam.umd.edu>

This week's NPR "Talk of the Nation/Science Friday" was on the internet. Both telephone callers, and internet "callers" were accepted. The show included the founder of Internet Talk Radio. There was a question along the lines of "how can internet mail privacy be assured?" Unfortunately, the experts only briefly mentioned public-key cryptosystems. I was wondering if they would go into a longer discussion about electronic privacy and crypto issues.
I wonder if we could get a "cypherpunk" onto Internet Talk Radio to discuss cryptography and its privacy concerns. Any ideas?

-Thomas

From sommerfeld at apollo.hp.com Fri May 21 13:16:34 1993
From: sommerfeld at apollo.hp.com (sommerfeld at apollo.hp.com)
Date: Fri, 21 May 93 13:16:34 PDT
Subject: looking for distributed systems/crypto textbook.
Message-ID: <9305212016.AA25837@toad.com>

At work, we're thinking of organizing an internal self-study seminar on areas related to distributed systems security. I know of Denning's textbook in the area, but would prefer not to use it for what should be obvious reasons. I also know of and have read the "Contemporary Cryptography" book by Simmons, but it seems to be a little too heavily oriented towards crypto/math as opposed to applications. Undoubtedly many of you would have opinions in this area; let me know what they are and I'll summarize to the list.

- Bill

From MCMAHON at Eisner.DECUS.Org Fri May 21 13:18:37 1993
From: MCMAHON at Eisner.DECUS.Org (John (FuzzFace/Fast-Eddie) McMahon)
Date: Fri, 21 May 93 13:18:37 PDT
Subject: Cryptography show for ITR?
Message-ID: <01GYFYUSBADK002QNU@Eisner.DECUS.Org>

I just forwarded your suggestion to the guys who run ITR. Hopefully, it will go somewhere :-)

Cheers!
Fuzz

From anton at hydra.unm.edu Fri May 21 13:48:17 1993
From: anton at hydra.unm.edu (Stanton McCandlish)
Date: Fri, 21 May 93 13:48:17 PDT
Subject: Dec. of Ind. < Govt. Imposted Crypto Restrictions
Message-ID: <9305212048.AA17631@hydra.unm.edu>

I'd sure lend a .signature to ratify that!

--
Testes saxi solidi! ********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From anton at hydra.unm.edu Fri May 21 14:00:19 1993
From: anton at hydra.unm.edu (Stanton McCandlish)
Date: Fri, 21 May 93 14:00:19 PDT
Subject: cypto + compression
In-Reply-To: <9305200743.AA02030@netcom.netcom.com>
Message-ID: <9305212100.AA18233@hydra.unm.edu>

Just thought of something (I hope it gives someone a business idea, I have plenty to spare at the moment.)

OK: compression, simplified, works (in several of its manifestations at least) by replacing redundant parts with a single part that represents 1) what the replaced parts are, and 2) how many there are. Thus "feed" could be compressed as "f!d" where ! = "2 e's". I know, I know this is a terrible oversimplification, but that's the juice of the fruit, no?

OK well if you encrypt a compressed file, there are bound to be lots more new redundancies created in the encryption process (unless it is something like ROT-13). Why not compress this AGAIN, squeezing more space out of the data? Sure you can do this manually but things like DES are slow. What I am thinking is: have something like zip or compress that compresses, encrypts, then recompresses, and repeats this process until it can compress no more. Compression/extraction time will slow down, but for those that NEED heavy-duty compression, big deal. It shouldn't really be TOO bad, since this almost 1/2-assed encryption need not be secure in any way, it could have a very short key.

Any ideas? What is wrong with this idea? (something must be, or it would've been done by now, I am guessing.) I don't know the math, so I suspect I must've erred gravely somewhere.

--
Testes saxi solidi!
********************** Podex opacus gravedinosus est!
Stanton McCandlish, SysOp: Noise in the Void Data Center BBS
IndraNet: 369:1/1 FidoNet: 1:301/2 Internet: anton at hydra.unm.edu
Snail: 8020 Central SE #405, Albuquerque, New Mexico 87108 USA
Data phone: +1-505-246-8515 (24hr, 1200-14400 v32bis, N-8-1)
Vox phone: +1-505-247-3402 (bps rate varies, depends on if you woke me up...:)

From smb at research.att.com Fri May 21 14:26:25 1993
From: smb at research.att.com (smb at research.att.com)
Date: Fri, 21 May 93 14:26:25 PDT
Subject: cypto + compression
Message-ID: <9305212126.AA27376@toad.com>

	 OK well if you encrypt a compressed file, there are bound to be lots more
	 new redundancies created in the encryption process (unless it is something
	 like ROT-13). Why not compress this AGAIN, squeezing more space out o

Actually, you've got it backwards. A decent encryption algorithm, including DES, generates something with very little redundancy, and hence which cannot be compressed further.

$ compress vmunix.Z
$ des -e -k foo vmunix.Z.des
des: WARNING: using software DES algorithm
$ compress vmunix.Z.des.Z
-rwxr-xr-x 1 root 1875490 Jan 7 16:59 /vmunix
$ des -e -k foo vmunix.des.Z
des: WARNING: using software DES algorithm
$ ls -l /vmunix vmunix*
-rwxr-xr-x 1 root 1875490 Jan 7 16:59 /vmunix
-rw-rw-r-- 1 smb 794374 May 21 17:17 vmunix.Z
-rw-rw-r-- 1 smb 794376 May 21 17:18 vmunix.Z.des
-rw-rw-r-- 1 smb 1066555 May 21 17:18 vmunix.Z.des.Z
-rw-rw-r-- 1 smb 2538235 May 21 17:21 vmunix.des.Z

As you can see, compressing after encrypting *increases* the size of the file.

From peb at PROCASE.COM Fri May 21 14:40:43 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Fri, 21 May 93 14:40:43 PDT
Subject: cypto + compression
Message-ID: <9305212138.AA12666@banff.procase.com>

>Why not compress this AGAIN

If your compression algorithm is any good, it should *not* be able to compress the output a second time.
Compressing before encryption is vital--it makes brute force and plaintext attacks much more difficult.

On compression forever: I read a science fiction short story once where (not sure of title or author, but it is a classic) a bunch of geniuses are ostensibly sent to another planet to "explore", but the people sending them had a different motive: get them away from Earth and give them time to dream up cool stuff. Okay, so they dream up way cool stuff, but have this problem with transmission bandwidth back to Earth. Then they figure out that any message can be encoded in prime numbers like:

2^a * 3^b * 5^c * 7^d...

where a b c d are the character values (ascii or letter A==0, B==1, etc.). After a message is encoded, the result is a *big number*. This number is not more compact than the original message, but the clever geniuses flying to Tau Ceti (or wherever) figured out how to factor the number down to things like M^N + P^Q, where the number of bits needed to write down the factorization was very small, say, 100 bits or so. THEN, they ship this factorization back to Earth and save bandwidth and it encodes the whole Encyclopedia Galactica.

This scheme doesn't work because factoring is much harder than using other compression techniques.

Paul E. Baclace
peb at procase.com

From edgar at spectrx.Saigon.COM Fri May 21 14:48:56 1993
From: edgar at spectrx.Saigon.COM (Edgar W. Swank)
Date: Fri, 21 May 93 14:48:56 PDT
Subject: LISTBIZ: Unsub during my abscence/USA-Legal PGP
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Distribution: Cypherpunks Request Cypherpunks

Please stop sending the Cypherpunks mailing list to edgar at spectrx.saigon.com (Edgar W. Swank) until further notice. I anticipate rejoining the list soon after my wife and I return from travel abroad around the end of June. (Since I'm retired I guess I can't say "vacation" or "holiday", can I?)
For the general list: I would greatly appreciate it if someONE would save to E-mail me after my return any postings here or to alt.security.pgp about the progress of the USA-Legal PGP project or availability, or any response by Jim Bidzos or RSA to Phil Z's letter of early this month, asking permission to use non-standard RSAREF entry points.

-----BEGIN PGP SIGNATURE-----
Version: 2.2.1/EWS

iQCVAgUBK/yZrt4nNf3ah8DHAQEQVwP8Cx6lG7kR4GnlRyka1B+l1BJisvcxfBGt
i/YioZA0WF/4nlFOnj45vMMuPwWLfAFc/BtzjLmk3Iammiw2ZlUfs29rcF9peq+w
YWjjVCePIbKE08pYiCUzaSlHT5l1II5Fl0Ex9NoMgjNfYCY2RxzGzrhlObeNZCra
J+WXauK0l18=
=Ipsd
-----END PGP SIGNATURE-----

--
edgar at spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca

From marc at GZA.COM Fri May 21 14:56:50 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Fri, 21 May 93 14:56:50 PDT
Subject: cypto + compression
In-Reply-To: <9305212100.AA18233@hydra.unm.edu>
Message-ID: <9305212156.AA03491@dun-dun-noodles.aktis.com>

>> Any ideas? What is wrong with this idea? (something must be, or it
>> would've been done by now, I am guessing.) I don't know the math, so
>> I suspect I must've erred gravely somewhere.

You have indeed erred gravely :-)

One of the information theoretical concepts we are dealing with here is that of information density. The whole reason compression works is that in most files, the information density is not "perfect"; that is, there is repeated information in the file. This reflects what we see when we compress a file: the more which is repeated, the better compression is. Graphics compress much better than executables.

Well, one of the reasons encryption works is because I can't tell from the encrypted text what kind of patterns exist. Consider a letter-substitution cipher. If I were to apply one to this message, you could probably decrypt it, because much of the structure is still there: common english words, letter frequencies, etc. This makes letter-substitution a pretty poor cipher.
What about DES? Well, this is interesting. Without the key, the information density of an encrypted file looks the same as the density of a compressed file, or of noise. This is why you could claim something was just noise, not encrypted data. It's also why a common "good" PRNG is formed by feeding the numbers through some crypto algorithm, because it makes the numbers appear random.

It is because encrypted data appears to have a very high information density that it will not compress much, if at all. Compressing encrypted data, from some standpoints, is tantamount to actually decrypting it.

Examples:

A is a file with 1000 lines of 79 "A"'s followed by a newline.
A.Z is the file, compressed.
A.x is the file, encrypted (unix crypt, lame, I know)
A.x.Z is the encrypted file, compressed with the -f option.

-rw-rw-r-- 1 marc 80000 May 21 17:26 A
-rw-rw-r-- 1 marc 1466 May 21 17:26 A.Z
-rw-rw-r-- 1 marc 80000 May 21 17:47 A.x
-rw-rw-r-- 1 marc 106577 May 21 17:47 A.x.Z

Note that A.x doesn't compress at all. In fact, it grows!

Marc

From kent_hastings at qmail2.aero.org Fri May 21 15:33:31 1993
From: kent_hastings at qmail2.aero.org (Kent Hastings)
Date: Fri, 21 May 93 15:33:31 PDT
Subject: PI Compression
Message-ID: <199305212233.AA07890@aerospace.aero.org>

PI Compression

It may have been discussed here months ago, but my favorite bogus compression scheme is "pi compression". Any number like pi or SQRT(2) can be represented as an infinite sequence of non-repeating bits (there are repetitive patterns, but eventually the sequence breaks out). A finite bit string can be represented simply as the starting location and length in pi.

Since all possible finite bit strings are, by definition, contained in the unending cavalcade of bits in pi, all literary works, radio programs, TV, 3D holos, feelies, etc for all sentient species from the remotest past to the distant future, in every possible alternate universe is in little old pi.
PI has been in the public domain from antiquity, therefore all parts of pi are public domain, just like every chapter, paragraph, sentence, word and bit are parts of a book.

Who would dare argue against these reasonable assertions?

Kent - kent_hastings at qmail2.aero.org.

From hughes at soda.berkeley.edu Fri May 21 15:59:03 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Fri, 21 May 93 15:59:03 PDT
Subject: PI Compression
In-Reply-To: <199305212233.AA07890@aerospace.aero.org>
Message-ID: <9305212255.AA02687@soda.berkeley.edu>

>Since all possible finite bit strings are, by definition, contained
>in the unending cavalcade of bits in pi,

Definition? I have not seen this asserted even by theorem. Not surprising, since the statement is patently false. There are 2^{\aleph_0} finite bit strings, and only \aleph_0 of those are subsequences of pi. For those of you without a math background, this means "They all just don't fit."

Eric

From arkuat at joes.garage.com Fri May 21 15:59:10 1993
From: arkuat at joes.garage.com (Eric Watt Forste)
Date: Fri, 21 May 93 15:59:10 PDT
Subject: cypto + compression
In-Reply-To: <9305212100.AA18233@hydra.unm.edu>
Message-ID: <199305212303.AA21876@joes.GARAGE.COM>

Stanton McCandlish wrote:

   OK well if you encrypt a compressed file, there are bound to be lots more
   new redundancies created in the encryption process

In fact there are not. You can test this out; use PGP to encrypt any file you please, and then use any compression software you like to compress it. You will get no significant compression.

Eric Watt Forste
arkuat at joes.garage.com
1800 Market St #243 San Francisco CA 94102
"Expectation foils perception." -- Pamela C. Dean

From pmetzger at lehman.com Fri May 21 16:41:07 1993
From: pmetzger at lehman.com (Perry E.
Metzger)
Date: Fri, 21 May 93 16:41:07 PDT
Subject: PI Compression
In-Reply-To: <199305212233.AA07890@aerospace.aero.org>
Message-ID: <9305212339.AA18403@snark.shearson.com>

"Kent Hastings" says:
> PI Compression
> It may have been discussed here months ago, but my favorite bogus
> compression scheme is "pi compression". Any number like pi or
> SQRT(2) can be represented as an infinite sequence of non-repeating
> bits (there are repetitive patterns, but eventually the sequence
> breaks out). A finite bit string can be represented simply as the
> starting location and length in pi.
>
> Since all possible finite bit strings are, by definition, contained
> in the unending cavalcade of bits in pi, all literary works, radio
> programs, TV, 3D holos, feelies, etc for all sentient species from
> the remotest past to the distant future, in every possible alternate
> universe is in little old pi.

Bull. You cannot prove that all strings are contained as substrings of PI. The mere fact that a bit string is infinite and non-repeating does not mean that it is wholly random. For instance, I can very readily construct infinite sequences that do not contain arbitrary bit strings. See, as an example, this non-repeating bit string

101001000100001000001....

> Who would dare argue against these reasonable assertions?

Me.

Perry

From ian at bvsd.Co.EDU Fri May 21 17:47:07 1993
From: ian at bvsd.Co.EDU (Ian S. Nelson)
Date: Fri, 21 May 93 17:47:07 PDT
Subject: cypto + compression
In-Reply-To: <199305212303.AA21876@joes.GARAGE.COM>
Message-ID: <199305220046.AA02144@bvsd.Co.EDU>

> OK well if you encrypt a compressed file, there are bound to be lots more
> new redundancies created in the encryption process
> In fact there are not. You can test this out; use PGP to encrypt any
> file you please, and then use any compression software you like to
> compress it. You will get no significant compression.

Isn't encrypted data supposed to be random, and thus not compressible?
You might be able to creat some redundencies by decrypting it though. -- Ian S. Nelson I speak for only myself. Finger for my PGP key. If you are a beautiful woman, it is mandatory that you reply to this message. From rclark at nyx.cs.du.edu Fri May 21 17:56:12 1993 From: rclark at nyx.cs.du.edu (Robert W. F. Clark) Date: Fri, 21 May 93 17:56:12 PDT Subject: Inside Dope on Mykotronx Message-ID: <9305220056.AA10233@nyx.cs.du.edu> Received from an undisclosed source, for release to all appropriate electronic media, concerning Mykotronx, Inc. The following material was publicly available, but I still am not at liberty to disclose my source: Information: Mykotronx Inc. 357 Van Ness Way (1 blk so. of Del Amo) Suite 200 Torrance CA 90501 (310) 533-8100 fax (310) 533-0527 STU III (310) 533-0738 Founded 1979 Resale # SR-AB 12-711252 Dunn & Bradstreet # 00-611-5281 Banking: Shearson Lehman Brothers Attn: Steve Scerra Acct # 509 24261 12011 21250 Hawthorne Bl Torrance, CA 90509 (310) 540-9511 Employee Names: Bob Gottfried, CEO Leonard J. Baker, President Ralph O' Connell, aka "The Father of COMSEC", NSA Lobbyist Mike Furusawa, Space COMSEC Manager Patti Linahan, Executive Secretary Kikuo Ogawa, Buyer R. Todd, W. Greenfield, KG-44B (Outrunner) Project John C. Droge, Personnel Bob Todd, Manufacturing Manager Landy Riley, Engineering Federal Express Acct # 1122-7492-8 NSA Contact Home Address: Ralph O' Connell 1401 Woodbridge Road Baltimore, MD 21228 (301) 747-6276 Principle NSA Technical Contact: National Security Agency Maryland Procurement Office Attn: N244 (CEB) (MDA904-92-G-0354/J.O. 5001) 9800 Savage Road Fort George G. Meade, MD 20755-6000 (301) 688-8086 NSA Accounting Contact: National Security Agency Maryland Procurement Office Finance and Accounting Office 9800 Savage Road Fort George G. Meade, MD 20755-6000 (301) 859-6715 KG-46 Tactical Decryptor Unit and KG-48B Outrunner Provisioning Conference participants: Robert Todd, Mykotronx Bill Greenfield, Mykotronx G. 
Burgio, NSA J. Gochnour, NSA J. Wimpy, Air Force Computer Systems Command S. Solis, Air Force Computer Systems Command To Be Discussed at meeting May 18 & 19, 1993 Outrunner Project Milestone Payments: 1. Preliminary Studies $268,074 2/14/92 2. Place Subcontract w/ VLSI $47,917 2/22/92 3. Complete PDR KG-44B $61,431 4/13/92 4. Complete PDR VLSI $71,090 5/19/92 5. Complete SFA Review VLSI $78,470 7/12/92 6. Complete CDR VLSI $106,638 7/17/92 7. Complete first KG-44B $166,641 8/12/92 8. Complete CDR $132,454 6/18/92 9. Complete tests 1st KG-48B $151,957 12/16/92 10. Complete fab VLSI $203,941 11/17/92 11a.Deliver 2 KG-44B to NSA $81,080 9/8/92 11b.Deliver 2 KG-44B to NSA $81,081 10/7/92 12. Complete Cryto Verif VLSI $152,223 12/16/92 13. Deliver 4 KG-44B to NSA $171,571 3/2/93 14a.Deliver 2 KG-44B to NSA $30,432 3/30/93 14b.Deliver 2 KG-44B to NSA $30,432 4/20/93 15. Deliver 4 KG-44B to NSA $60,864 4/24/93 16a.Deliver 1 KG-44B to NSA $15,216 4/28/93 16b.Deliver 3 KG-44B to NSA $45,648 5/12/93 17. Deliver 4 KG-44B to NSA $42,840 5/13/93 Total: $2,000,000 KG-44 VLSI Procurement: United Technologies Microelectronics Center 1575 Garden of the Gods Road Colorodo Springs, CO 80907 (719) 594-8000 fax (719) 594-8032 PO#5703-44ACN1 Feb 19, 1992 Invoice Date Feb 5, 1993 "Customer to pick up parts. Secret item handling. Secret Design KG-44LSI. Mykotronx P/N M20/00301XXX" Government contract # MDA904-92-C-A027 Group C Testing: $4,400 5 Parts @ $675ea $3,375 Job #BE-7281 Group C Samples PIC Number: HP67AG84WTDLC "Note: Group B samples also included with this shipment (ref Packlist #10128" "The export of this product is controlled by the US Government. The export of this product or the disclosure of related technical data to foreign nationals without the appropriate export license is prohibited by law." Test Plan for MYK-80: Statement of Work for Exatron Inc. 5/13/93 Develop test interface board for MYK-80 (176 pin TQFP) and I.M.S. tester. 
Interface to utilize "particle interconnect" system. Data on MYK-80 I.O. and IMS tester to be supplied by Mykotronx. Interface board to be installed in a work station which utilizes Exatron "PET" handler, tooled for the MYK-80; a vacuum pick-up device (manual, pencil type); work surfaces for JEDEC tray storage and operator support. The IMS tester will mount directly under the "PET" handler. Two "PET" handlers are to be quoted with two sets of specific nesting tools for the MYK-80. Installation in place at Mykotronx and initial operator and maintenance training to be included. Design review of the interface board layout, prior to release of the board to fabrication is to be held at Mykotronx. Manuals and Training Manuals subcontracted to: ELITE Technical Corporation Warren A. Griswold, President 1903 B Marshallfield Lane Redondo Beach, CA 90278 (310) 372-5616 CAPSTONE Financial Commitments by Mykotronx Basic VII Cap VLSI 10 $212,000 Sun 1 Yr maint hw&sw $2,700 Compass $159,400 IKOS Systems & sw $57,500 ELITE Technical Corp $8,000 IMS/Sun $119,000 Versatec Plotter $36,500 SJ (1) $71,200 SJ (2) $76,200 Exatron Test System $78,000 ROM Cell $60,000 AT&T $100,000 Surf Mgt (real estate) $13,900 Universal Shielding (Tempest) $20,600 Plotter maint $5,000 Litronics $225,000 Spyrus (1) $45,600 Spyrus (2) $44,800 Compass (2) $110,000 VLSI Tech $30,000 VLSI Tech (2) $163,000 VLSI Tech CAPSTONE TQFP $10,000 New Media NRE Design $18,700 South Coast Designers $14,600 South Coast $6,000 VLSI Tech Exponeniator Tamper Sys $163,000 Conres logic analyzer $3,200 VLSI Myk-78 tester $33,800 Here are exerpts of the general ledger of Mykotronx, the Torrance Based Big-Brother outfit that is going to make the Clinton Clipper wiretap chip: Period: 01/01/93 to 04/30/93 (first 4 months of 1993) Acct Descr Beg Bal Debits Credits ==1000 series== Shearson Lehman 286,511 2,620,096 2,670,822 Paine Webber 95,602 868 0 Dean Whitter 55,391 484 0 Petty Cash 3,000 0 0 Union bank payroll act 13,408 900,000 
816,443 Accts rcvbl -customer 1,185,829 1,981,356 2,562,064 Accts rcvbl - eployees 7,125 48,450 55,575 Franchise tx rcvbl 2,165 0 0 Unbilled costs&fees 567,792 533,347 0 Raw inventory 172,252 0 76,064 Prepaid taxes 1,116 0 0 Prepaid sales tax 688 0 688 Equp/mach/furn 383,038 20,695 0 Accum depreciation 234,425 0 23,000 Deposits 9,272 0 0 ==2000 series== Accts Payable 482,895CR 1,869,477 1,684,555 Sales tax payable 147CR 176 0 Sales tax paid 0 0 0 FIT withheld 0 10,854 135,741 FICA withheld 0 0 56,622 CA state IT withh 0 0 36,163 CA state disability 0 0 8,730 SUI pybl employer 0 0 5,788 FUTA payable 0 0 2,007 FICA employer 0 0 56,621 Pd Payroll txs withh 0 290,820 0 401K withheld 0 0 42,712 Accrued payroll 25,637CR 343,682 318,045 Dental withheld 0 0 674 Dental plan pd 0 674 0 Withh 401K pd 0 42,712 0 Accrued bonuses 214,040 341,240 127,200 [Those are some nice bonuses, aren't they?] Accrued Vacation 44,252 0 0 Excess billings 139,216 154,706 55,036 Gross payroll 0 751,859 0 Gross payroll distrd 0 2,552 754,412 Lease obligations 4,911CR 0 0 ==3000 series== Common Stock 169,320 0 61,435 Capital disbursement 916,675 222,230 0 Retd Earnings, begng 2,385,020CR 0 0 ==4000 series== Sales, returns&allowc 0 6,014 2,577,323 Interest income 0 0 1,353 Int income tax free 0 0 2,490 ==5000 series== Consultants 0 47,395 47,395 Subcontracts 0 932,210 110,419 Other direct costs 0 62,265 5,454 Printing/repro costs 0 542 0 Equipment rental/leasg 0 1,537 1,537 Maint, repairs 0 1,761 0 Delivery 0 3,217 0 Postage 0 960 0 Materials/parts 0 186,252 22,423 Telephone 0 93 0 Travel 0 10,437 0 Inv Cost of Mfg Prod 0 76,064 0 Direct labor-Engnrg 0 240,341 54,172 Direct labor-Technician 0 129,839 37,459 Direct labor-Adminst 0 47,542 10,081 ==6000 series== Indirect labor 0 60,319 0 Holidays 0 32,867 27,331 Sick leave 0 3,276 0 Vacation 0 38,096 25,976 Retroactive pay 0 4,400 0 Job advertisments 0 655 0 Grp Med Ins non sharhl 0 25,522 1,818 Mykotronx pd payrl txs 0 64,417 0 Workers comp 0 9,554 
1,418 Interest pd 0 0 0 Consultants 0 2,013 0 ADP Acctg 0 1,493 0 Real World Acct Suppt 0 1,485 0 Bank charges 0 155 0 Blueprints/repro 0 390 0 Proposals 0 2,817 0 Copier expense 0 514 0 Depreciation - elec eq 0 23,000 0 Dues & memberships 0 749 0 Education & Training 0 2,850 0 Employee relations 0 4,531 0 Business expense 0 7,431 0 Equip rental/lsng 0 4,458 0 Computer software 0 2,114 0 Insurance 0 9,061 1,380 Janitorial 0 20 0 Licenses & Permits 0 175 0 Maint, repairs 0 2,096 0 Delivery 0 995 13 Postage 0 942 0 Amort organiz expense 0 0 0 Taxes - franchise 0 2,763 0 Real & Pers prop tax 0 0 0 Rent 0 54,080 0 Subscriptions/books 0 325 0 Office/lab supplies 0 14,183 446 Telephone 0 7,961 36 Travel 0 10,296 1,303 Utilities 0 5,833 0 LTD Ins, non sharehld 0 2,877 594 401K Mykotronx contrib 0 17,411 0 ==7000 series== Special Bonus 0 132,200 123,200 [Special bonus? $132,000.00; I wonder which Federal Agency this money went to.] G&A Labor 0 103,4520 0 Legal Services 0 5,895 0 Board of Dir Expnse 0 1,078 0 Financial Svc 0 7,505 0 Totals 0 12,555,101 12,555,101 Other little items: Locks at Mykotronx installed and maintained by Torrance Lock and Key, 2421 Torrance Bl. Torrance, CA 90501 (310) 320-8840 For some reason, Mykotronx is over 90 days late paying a lousy $50 invoice. Mykotronx has a Mossler safe. It cost $1,693 when they bought it 11/27/90. They have never changed the combination. Outstanding VLSI purchase orders: VLSI Tech (Capstone) $212,000 AT&T (Myk-78) $71,200 Motorola (Myk-77) $76,200 AT&T (Misc) $100,000 Compass (Software) $159,400 VLSI Tech (Myk-78) $66,200 Litronics (PCMCIA Crypto) $225,000 VLSI Tech (Expoteniator) $163,000 VLSI Tech (Capstone TFQP) $10,000 VLSI Tech (Myk-78 fix) $68,500 VLSI Tech (Myk-78A proto) $11,000 VLSI Tech (Myk-78A prod.) $220,000 VLSI Tech (Myk-80 #1) $48,000 VLSI Tech (Myk-80 #2) $33,750 VLSI Tech (Myk-82) $80,000 VLSI Tech (Myk-79) $79,500 Their LAN was installed by Strategies, Inc for about $14,000. 
More information is forthcoming. Please forward to all appropriate electronic media, and reproduce as desired.

Will someone post this to alt.privacy.clipper and sci.crypt, or is this a bad idea?

----
Robert W. Clark
rclark at nyx.cs.du.edu
PGP signature available by mail or finger

From hughes at soda.berkeley.edu Fri May 21 18:00:57 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Fri, 21 May 93 18:00:57 PDT
Subject: Oops.
Message-ID: <9305220057.AA09270@soda.berkeley.edu>

There are not 2^{\aleph_0} finite sequences, there are \aleph_0. Excuse me. My brain was out to lunch.

Eric

From pigeon at idr.org Fri May 21 18:18:40 1993
From: pigeon at idr.org (Larissa Carlson)
Date: Fri, 21 May 93 18:18:40 PDT
Subject: Consider "Working Assets" phone service instead of AT&T
In-Reply-To: <9305211418.AA10692@berry.cs.brandeis.edu>
Message-ID: <9305220118.AA17621@wombat.gnu.ai.mit.edu>

I used to sell Working Assets. In answer to the question about reselling of the lines, it works like this:

1. All the phone companies lease some lines from other companies in order to access all regions in order to provide equal access and competitiveness. This opened the door for small start up companies to lease lines instead of setting up whole new systems. There are quite a few companies who do this. Working Assets leases from Sprint. They, unlike AT&T don't provide all the communication system contracts for the govt. and military.

2. In response to the person who said that WA's plan of calling on specific issues reeks of the same type of Big Brotherism as the others: Everyone has a choice as to what they say to the people targeted. Plus the phone call IS free. Third if the privacy opponents and right wingers and conservatives are wielding havoc on our system why shouldn't we have access to the same methods to affect govt. policy as they do. WA has actually published # that while public are not listed in any directories. This is a useful tool. Let's not waste the resources we have.
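
The measurements posted in the "cypto + compression" thread (smb's DES run on vmunix and Marc Horowitz's file A) can be reproduced with the script below, which also runs the compress/encrypt/repeat loop Stanton McCandlish proposed and checks the fixed stream header that Tom Strong's reply warns about. It is an added example, not code from any list member: zlib stands in for compress, and a SHA-256 counter-mode keystream (an assumption, chosen so only the Python standard library is needed) stands in for DES and crypt.

```python
import hashlib
import math
import zlib
from collections import Counter

KEY = b"constructed demo key"  # constructed sample key, not from the thread
# Marc Horowitz's test file: 1000 lines of 79 "A"s followed by a newline.
FILE_A = (b"A" * 79 + b"\n") * 1000


def keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode. Stand-in cipher for the demo only (assumption)."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def encrypt(key: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; calling it twice with one key decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy of the byte histogram; 8.0 means no byte-level redundancy."""
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def size_report(plaintext: bytes, key: bytes = KEY) -> dict:
    """Sizes for both orderings, as in smb's and Marc's directory listings."""
    compressed = zlib.compress(plaintext)
    encrypted = encrypt(key, plaintext)
    return {
        "plain": len(plaintext),
        "compressed": len(compressed),
        "compress_then_encrypt": len(encrypt(key, compressed)),
        "encrypt_then_compress": len(zlib.compress(encrypted)),
        "entropy_plain": entropy_bits_per_byte(plaintext),
        "entropy_encrypted": entropy_bits_per_byte(encrypted),
    }


def repeated_rounds(plaintext: bytes, rounds: int = 4, key: bytes = KEY) -> list:
    """Compress, encrypt, repeat. Returns the size after each round."""
    sizes = []
    data = plaintext
    for i in range(rounds):
        data = encrypt(key + bytes([i]), zlib.compress(data))
        sizes.append(len(data))
    return sizes


def fixed_header(samples) -> bytes:
    """Leading bytes shared by every compressed stream.

    If the stream is encrypted as-is, these bytes are plaintext the
    opponent already knows, whatever the document contains.
    """
    streams = [zlib.compress(s) for s in samples]
    n = 0
    while all(len(s) > n and s[n] == streams[0][n] for s in streams):
        n += 1
    return streams[0][:n]


if __name__ == "__main__":
    for name, value in size_report(FILE_A).items():
        print(f"{name:24} {value}")
    print("sizes per round:", repeated_rounds(FILE_A))
    print("shared header:", fixed_header([b"attack at dawn", FILE_A]).hex())
```

Only the first round shrinks the data; every later round adds the compressor's framing overhead to input that already looks like noise.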
From strong+ at cmu.edu Fri May 21 18:20:18 1993
From: strong+ at cmu.edu (Thomas W. Strong, Jr.)
Date: Fri, 21 May 93 18:20:18 PDT
Subject: cypto + compression
In-Reply-To: <9305212138.AA12666@banff.procase.com>
Message-ID:

peb at PROCASE.COM writes:
> Compressing before encryption is vital--it makes brute force and plaintext
> attacks much more difficult.

Be careful doing that. It's fine if you are using a compression algorithm that is designed for use with encryption, but if you're just using compress and you make that known, then an opponent just has to look for the magic numbers and headers that compress puts in the front of every file. Instead of believing that strings like "the" will appear somewhere, the opponent now knows exactly what the encrypted document starts with.

-----------------------------------------------------------------
Tom Strong              N3NBB              ts49+ at andrew.cmu.edu

From zimm at alumni.cco.caltech.edu Fri May 21 18:26:06 1993
From: zimm at alumni.cco.caltech.edu (Mark Edward Zimmerman)
Date: Fri, 21 May 93 18:26:06 PDT
Subject: Godelization, sf, etc. (was: Re: cypto + compression)
Message-ID: <9305220125.AA26590@alumni.cco.caltech.edu>

the sf story that you're alluding to is, I believe, Fred Pohl's "Gold at the Starbow's End" --- a cover story in ANALOG magazine ca. 1968 --- which I remember fondly precisely because of the idea used which you mention, namely, encoding a big message compactly as the sum of various powers of small numbers ... though the author got it pretty badly wrong, as I pointed out in a letter published some months later in the same magazine --- the sum of powers that he gave in the story was *much* too small to hold a significant amount of information, and (worse) he thought that one couldn't get any of the answer without writing the entire number --- obviously wrong, as a little modular arithmetic can get out the powers quite easily.... but it's a nice idea and the story was quite good otherwise....
:-) ^z

From clark at metal.psu.edu Fri May 21 18:50:27 1993
From: clark at metal.psu.edu (Clark Reynard)
Date: Fri, 21 May 93 18:50:27 PDT
Subject: Whoops; and a question on information theory and encryption
Message-ID: <9305220230.AA00987@metal.psu.edu>

Just noticed that my last note had been posted already; sorry.

In addition, I'm wondering whether a plaintext/cyphertext pair is considered to have a one-to-one isomorphism; in particular, in the case where you have a plaintext/cyphertext pair but no knowledge of the method of encryption, is there a one-to-one isomorphism? In the case of a one-time pad, is there isomorphism, and if so, of what sort?

Thank you.

----
Robert W. Clark             Just Say No! to the
rclark at nyx.cs.du.edu       Big Brother Chip

From mbriceno at aol.com Fri May 21 23:54:04 1993
From: mbriceno at aol.com (mbriceno at aol.com)
Date: Fri, 21 May 93 23:54:04 PDT
Subject: Forwarded messages from RISKS
Message-ID: <9305220255.tn18218@aol.com>

> We cannot trust the authoritarians' assertions that they have no
> intention of outlawing cryptographic technologies potentially more
> secure than the Clipper chip.

Some might say that outlawing all unsupervised communication and activities by its citizens is -- and always will be -- a goal of all governments. Protection from authoritarian eyes is one of the main causes for the ever increasing use of crypto. Government-issued crypto can never satisfy the people's desire to find a means that guarantees secure communications. If the government wants its Clipper scheme to succeed, the government will have to dramatically limit the availability of good crypto. One of the more obvious methods to accomplish this is to outlaw non-government approved crypto.

-- Marc

From mbriceno at aol.com Fri May 21 23:54:04 1993
From: mbriceno at aol.com (mbriceno at aol.com)
Date: Fri, 21 May 93 23:54:04 PDT
Subject: The New Mykotronix phones...
Message-ID: <9305220255.tn18219@aol.com>

> This is a good, creative response to fascist technology, but I wonder
> if I'm the only one on this list who's noticed a parallel between the
> government's attitude toward small arms & its attitude approach to
> cryptography?

I am glad that someone is finally mentioning this. The parallels are quite clear. Both small arms and crypto can give the people protection from criminals, while at the same time decreasing the citizens' need for government. If everybody would be armed, we would no longer look at the government as the sole provider of protection from violent crimes, rape, or muggings. If everyone used crypto, we would no longer have to rely on ineffective laws that prohibit the reading of someone else's mail or listening to someone else's phone conversations.

The laws against both eavesdropping and violent crimes do not seem to deter the perpetrators. Consequently, the helpless citizen demands a stepped-up surveillance of potential "criminals," while offering less privacy in return. Similarly, an individual facing armed criminals on the street often asks for stronger gun control. The government is all too willing to grant this wish, since it knows that the unarmed citizen believes that he is unable to exist without the protection (read: control) of the government.

-- Marc

From mdiehl at triton.unm.edu Sat May 22 00:49:32 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Sat, 22 May 93 00:49:32 PDT
Subject: pgp menu
Message-ID: <9305220749.AA16667@triton.unm.edu>

I have included, below, a copy of my pgp menu system. It is a 4dos batch file. With this program, you can encrypt, sign and decrypt a message, and generate, delete, extract keys, wipe files. I've been trying to iron out some of the bugs for about a month now. (BTW where did all my alpha testers go?) I think it's pretty stable now, so I'm posting it.

To be able to use the program, you MUST BE USING 4DOS as your command interpreter on your PC.
But, I've found that this little requirement is well worth the utility that (I hope) my program

From mdiehl at triton.unm.edu Sat May 22 01:03:06 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Sat, 22 May 93 01:03:06 PDT
Subject: Lets see that again...
Message-ID: <9305220802.AA17065@triton.unm.edu>

Well, what can I say about that last message. That is a rather bothersome bug in my automatic mail system that I've not been able to track down. In fact, I can't even duplicate it. For the record, my system sent 2 other messages before this one, and they were fine. Oh well. Anyway, here is the full message.

I have included, below, a copy of my pgp menu system. It is a 4dos batch file. With this program, you can encrypt, sign and decrypt a message, and generate, delete, extract keys, wipe files. I've been trying to iron out some of the bugs for about a month now. (BTW where did all my alpha testers go?) I think it's pretty stable now, so I'm posting it.

To be able to use the program, you MUST BE USING 4DOS as your command interpreter on your PC. But, I've found that this little requirement is well worth the utility that (I hope) my program provides.

4dos is a command.com replacement that features disk swapping, aliases, filename completion, and an extended batch language. You can get it via anon ftp at wuarchive.wustl.edu in the /mirrors/msdos/4dos directory. It's very much worth the effort to investigate.

For those of you who do make this effort, I hope you enjoy using my menu system. I hope to hear from you soon. Thanx.

Well, here it is:

rem @echo off
setlocal
break on
:main
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black MAIN MENU
scrput 5 32 red on black Encrypt a file.
scrput 7 32 red on black Decrypt a file.
scrput 09 32 red on black siGn a file.
scrput 11 32 red on black Wipe file.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to encrypt a file, you would press the E key.
inkey /K"EeDdGgWwNnQq" %%in
goto menu1-%in
:menu1-q
screen 17 26
pause
cls
endlocal
quit
:menu1-e
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black encrypted. Then you will be asked for the names of
scrput 20 5 white on black the people who should be able to read the file.
scrput 21 5 white on black Enter them all on the line separated by a space.
scrput 7 5 red on black Enter the name of the file to encrypt.
screen 7 52
input %%file
if exist %file goto menu1-e-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto menu1-e
:menu1-e-good
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Enter the name(s) of the recipients.
screen 11 52
input %%in
cls
rem I never claimed that this would be elegant....
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
scrput 18 5 white on black Here you are asked if you want to mark this message "For Your Eyes Only,"
scrput 19 5 white on black and if you want to sign the message. If you reply 'y' to the first
scrput 20 5 white on black question, the recipient will only be able to display the message. He
scrput 21 5 white on black won't be able to save it. If you reply 'y' to the second question, the
scrput 22 5 white on black recipient will know for certain that the message is from you.
drawbox 6 3 8 74 2 red on black
scrput 7 5 red on black Would you like to mark this "For Your Eyes Only?"
inkey /K"ynN" %%f
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Would you like to sign this message?
inkey /K"ynN" %%s
if "%f" == "y" goto f
if "%s" == "y" goto s
cls
pgp -e %file %in
goto encrypted
:f
if "%s" == "y" goto sf
cls
pgp -me %file %in
goto encrypted
:sf
cls
pgp -mes %file %in
goto encrypted
:s
cls
pgp -es %file %in
:encrypted
echo %@name[%file].asc is the name of the encrypted file.
pause
goto main
:menu1-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black read. Then you will be asked if you want to save the
scrput 20 5 white on black plaintext file. If you do, you will be asked for a
scrput 21 5 white on black new filename.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu1-d-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-d-good
cls
pgp -m %file
goto main
:menu1-g
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black signed. If you sign a message, it can be proved that
scrput 20 5 white on black it came from you. There is no "Plausible Deniability."
scrput 7 5 red on black Enter the name of the file to be signed.
screen 7 52
input %%file
if exist %file goto menu1-g-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-g-good
cls
pgp -s %file
echo %@name[%file].asc is the name of the signed file.
pause
goto main
:menu1-w
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black wiped. Remember, after a file is wiped...
scrput 20 5 blink white on black There is no way to retrieve the file!
scrput 7 5 red on black Enter the name of the file to be wiped.
screen 7 52
input %%file
if exist %file goto menu1-w-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-w-good
cls
pgp -w %file
goto main
:menu1-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black SECOND MENU
scrput 5 32 red on black Add a key.
scrput 7 32 red on black Extract a key.
scrput 09 32 red on black View a key.
scrput 11 32 red on black Fingerprint.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to add a key to your ring, you would press the A key.
inkey /K"AaEeVvFfNnQq" %%in
goto menu2-%in
:menu2-q
goto menu1-q
:menu2-a
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file that
scrput 19 5 white on black contains the keys to be added to your public key ring.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu2-a-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu2-a-good
cls
pgp -ka %file
pause
goto main
:menu2-e
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the key ID to be extracted.
scrput 19 5 white on black Then you will be asked for the names of the file to
scrput 20 5 white on black put the key in.
scrput 7 5 red on black Enter the key ID to extract.
screen 7 52
input %%in
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Enter the name of the file that is to hold the key.
screen 11 59
input %%file
if not exist %file goto menu2-e-good
scrput 10 10 red on black That file already exists in the current directory!
screen 16 10
pause
goto main
:menu2-e-good
cls
pgp -kx %in %file
echo %@name[%file].asc contains the key for %in.
pause
goto main
:menu2-v
cls
pgp -kv
pause
goto main
:menu2-f
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the person whose key fingerprint you
scrput 19 5 white on black want to examine.
scrput 7 5 red on black Enter the name of the person.
screen 7 52
input %%in
cls
pgp -kvc %in
echo Remember to write this information down!
pause
goto main
:menu2-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black THIRD MENU
scrput 5 32 red on black Generate a key.
scrput 7 32 red on black Remove a key.
scrput 09 32 red on black Disable a key.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corresponding capitalized letter.
scrput 19 5 white on black For example, to generate a new key, you would press the G key.
inkey /K"GgRrDdNnQq" %%in
goto menu3-%in
:menu3-g
cls
pgp -kg
pause
goto main
:menu3-r
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black removed.
scrput 7 5 red on black Enter the name of the key to remove.
screen 7 52
input %%in
cls
pgp -kr %in
pause
goto main
:menu3-q
goto menu1-q
:menu3-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black either disabled or re-enabled.
scrput 7 5 red on black Enter the name of the key.
screen 7 52
input %%in
cls
pgp -kd %in
pause
goto main
:menu3-n
goto main

From gg at well.sf.ca.us Sat May 22 02:35:30 1993
From: gg at well.sf.ca.us (George A. Gleason)
Date: Sat, 22 May 93 02:35:30 PDT
Subject: Consider "Working Assets" phone service instead of AT&T
Message-ID: <199305220934.AA21970@well.sf.ca.us>

Yes, Working Assets buys SPRINT in bulk and re-sells it. The thing is though, they're getting it wholesale and selling it to the public at regular prices, so this slices a chunk of Sprint's profits and gives it to WA. Certainly better than giving the whole chunk to Sprint.

See the thing is, someone has to run all that fiber all over the continent, and tie into something else which runs out to the rest of the world. In the 70s all of this was being developed, but by now it's pretty much in place and there probably is no economic basis to develop any new routes. So you end up with telephone pyramid scenes where each company is selling someone else's trunks.

Now I want to get into local competition, and there is probably room for WA to expand that way. I may go as far as talking to them about setting up some exchanges as a joint venture. Could be interesting.

-gg

From hughes at soda.berkeley.edu Sat May 22 09:29:25 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Sat, 22 May 93 09:29:25 PDT
Subject: WB: alt.whistleblower
Message-ID: <9305221625.AA28081@soda.berkeley.edu>

This is an open letter to L. Detweiler.

You've been hot to trot, eager to go, and ready for action. What you have interpreted as silence from others has in some cases been work. As you may recall, we were getting ready to go online two months ago, with Julf's machine as the server. Right after that, the penet controversy started and things were put on the back burner for a time.

Let me review some of the arguments about the mechanisms of the alt.whistleblower newsgroup:

1. We want all postings to be anonymous.
2. That every posting be anonymous requires software intervention.
3. The software has to sit on some machine or machines, because it cannot easily be put into every posting client.
4. Someone will own these machines.
5. Whoever owns them must agree with the political goals of the service and be willing to take some heat for it.
6. This excludes most machines.
7. Whatever mechanism the servers use to connect with the net must also be reasonably proof against pressure.
8. The link between the newsgroup posting and the anonymity server was to be the group moderator's address, which in this case maps to a piece of software rather than a person.
9. A further desideratum is that multiple machines be able to perform the service, given the constraints of the deployed base of news software, which require (to my knowledge) a single address.
10. In order to have multiple machines be able to map to a single address, you need to involve DNS, Domain Name Service.
11. In order to use DNS, you need a primary server and some secondaries and someone with access to the primary DNS server to do maintenance.

Now, I'll tell you what I've been doing. I've put a machine on the Internet in the last two months. Never having been a Unix system-level weenie before, I can say that I've learned a lot of the details of batty software. This machine, because of the details of its connectivity, is not suitable as a worldwide server, but it would be suitable as a server for alt.whistleblower.ba, a Bay Area distribution version of the same. I've also gotten up to speed on DNS, and in fact, am running name service on said machine.

(For all of you who want to know what this machine is, I'm not telling. There are still too many half configured things, like sendmail. I hate sendmail.)

I would recommend that if you are interested in newsgroup creation that you read RFC 1036, which is the format for Usenet news messages. (RFC's are available from nic.ddn.mil via anon-ftp.)
That plus knowing that anybody can create an alt group, and you'll be set.

I hope you have your server system set up correctly before you proceed. The internet world has been without a whistleblower's newsgroup for many years; a delay of a few months will not matter much.

Eric

From 72114.1712 at CompuServe.COM Sat May 22 10:42:43 1993
From: 72114.1712 at CompuServe.COM (Sandy)
Date: Sat, 22 May 93 10:42:43 PDT
Subject: PHONECARDS
Message-ID: <930522173652_72114.1712_FHF73-2@CompuServe.COM>

_________________________________________________________________

SANDY SANDFORT                            ssandfort at attmail.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Eric wrote about phonecards:

    ". . . I *can't* get an account with them because I don't have a phone line to tie it to. There is a phone where I stay, but it's not mine. So, I'm stuck with US Splint."

Au contraire, several companies offer anonymous phonecards. See my upcoming "Norman French" article in MONDO 2000, issue #10.

S a n d y (arbitration volunteer)

>>>>>>>> Please address e-mail to: ssandfort at attmail.com <<<<<<<<
_________________________________________________________________

From julf at penet.FI Sat May 22 10:59:56 1993
From: julf at penet.FI (Johan Helsingius)
Date: Sat, 22 May 93 10:59:56 PDT
Subject: WB: alt.whistleblower
In-Reply-To: <9305221625.AA28081@soda.berkeley.edu>
Message-ID: <9305222044.aa04112@penet.penet.FI>

> 1. We want all postings to be anonymous.
> 2. That every posting be anonymous requires software intervention.
> 3. The software has to sit on some machine or machines, because it
> cannot easily be put into every posting client.
> 4. Someone will own these machines.
> 5. Whoever owns them must agree with the political goals of the service
> and be willing to take some heat for it.
> 6. This excludes most machines.
> 7. Whatever mechanism the servers use to connect with the net must
> also be reasonably proof against pressure.
> 8. The link between the newsgroup posting and the anonymity server
> was to be the group moderator's address, which in this case maps
> to a piece of software rather than a person.

Well, Telecom Finland has now informed me that the final final final final delivery date for my international connection is May 26... Let's keep our fingers (and toes) crossed...

Julf

From uni at acs.bu.edu Sat May 22 11:03:22 1993
From: uni at acs.bu.edu (Shaen Bernhardt)
Date: Sat, 22 May 93 11:03:22 PDT
Subject: a valuable spy...
Message-ID: <9305221802.AA17648@acs2.bu.edu>

Ego + Espionage = Death

From zippy at berry.cs.brandeis.edu Sat May 22 11:56:36 1993
From: zippy at berry.cs.brandeis.edu (Patrick Tufts)
Date: Sat, 22 May 93 11:56:36 PDT
Subject: a valuable spy...
Message-ID: <9305221858.AA17048@berry.cs.brandeis.edu>

From the cypherpunks mailing list, I got the following short message:

    From: uni at acs.bu.edu (Shaen Bernhardt)
    Date: Sat, 22 May 93 14:02:51 -0400

    Ego + Espionage = Death

Taking other well-known identities:

    Silence = Death
    Energy = Mass x Speed-o-Light^2

and the assumption that the energy of one's ego cannot exceed one's maximum potential energy (which has great explanatory powers re. the Limbaugh Effect). I get:

    Silence = Ego + Espionage <= MC^2 + Espionage

solving for Espionage,

    Espionage >= Silence - MC^2

which raises some interesting points:

1. Espionage can be measured in existing SI units, thus
2. Espionage is a creation of the French

Item 2 is supported by the following etymology

espionage (es pi o nage; es p n azh , - nij, es p n azh ) n.
1 n. the practice of spying on others.
2 n. the systematic use of spies by a government to discover the military and political secrets of other nations.
Etymology: F espionnage, MF espionage, equiv. to espionn(er) (to) spy (deriv. of espion spy It spione Gmc; akin to G spähen to look out) - age - AGE

Further anecdotal support - the French use an unbreakable code in most of their communications.
A clear affront in the face of the government's Clipper Chip proposal that all encrypted messages must be based on a key escrow system.

Of course, the French could go far to mollifying U.S. intelligence interests by supplying either their Platinum-Iridium Espionage standard, or adopting a U.S. approved cipher system. For the latter, I think the US would be happy to approve "rot13" for export.

--Pat "McElwaine, without the caps"

From ld231782 at longs.lance.colostate.edu Sat May 22 21:59:58 1993
From: ld231782 at longs.lance.colostate.edu ( L. Detweiler )
Date: Sat, 22 May 93 21:59:58 PDT
Subject: fwee! are we having fun yet?
In-Reply-To: <9305221625.AA28081@soda.berkeley.edu>
Message-ID: <9305230459.AA25350@longs.lance.colostate.edu>

This is an open letter to E. Hughes.

Let me review my arguments for starting the group immediately.

1. Anonymous postings are highly controversial and will remain so for a long time. Complete respectability is probably unattainable. We should start the group and let users judge for themselves the safety of posting their material.

2. No new software is required under this scheme.

3. No new machines are required.

4. No sponsors for machines need to be sought out. In fact, under this scheme we tap into an existing vast network supplying both software and machines called `Usenet'. I think there're some RFC's on it somewhere.

5. No one other than the poster takes heat. The poster should not post if they are concerned about the risk.

6. This scheme doesn't exclude posting currently, whereas absence of anonymous servers does.

7. People already have a method of connecting to the net and posting. Reinventing the wheel is great but it will take a painful amount of time. It's been tens of thousands of years since the wheel was invented, why start from the beginning?

8. We should be extremely careful about people relying on the moderator address to forward mail. My understanding is that not all posting systems automatically do so.
It seems this could easily break or be unreliable (egad!). The user should explicitly assure himself anonymity by sending to the anonymous server, not relying on this implicit approach.

9. Multiple machines for anonymity take longer to set up. We haven't even got one for Usenet posting right now (?).

10. DNS (Domain Name Service) is a great idea when n>1 machines are available. Currently n=0.

11. DNS complicates the picture, more room for error, and takes more time to pull off correctly. Does anybody have a clear idea that it would work, and if so how to implement it?

Under your daunting list of prerequisites and requirements, I think we will be lucky to get something running before the next century. They are all *fine* and *genuine* as possibilities and opportunities, but they are *unnecessary* and *unbearable* as prerequisites and requirements.

>The internet world has been without a whistleblower's newsgroup for
>many years; a delay of a few months will not matter much.

The internet sees new groups all the time, and alt groups get created at the slightest provocation and whim, and it would be ridiculous to delay the introduction of something this critical and useful, when far less useful and far more frivolous groups litter the cyberspace like bales of discarded data packets, ankle-deep.

Look, apparently you haven't got any heat on the Mycotronx postings, but wouldn't you feel a hell of a lot more comfortable if they *weren't* funneled through your single machine? Ask Steve Jackson what paranoid and degenerate agents can accomplish when they have an easily-identified, portable target and some vague suspicions! The 911 document has all the criminality of a wedding announcement compared to the Mycotronx stuff! Don't these postings demonstrate there is an *immediate* need?

Here's the deal. Despite how it may appear, I am not (consciously!) demeaning or downplaying anyone's efforts in this group and idea.
I think it is great that a lot of people have a lot of ideas and are looking at the big picture and long run, making commitments. I am too! But I think we absolutely *must* start immediately. We are not going to get anywhere if someone says ``oh, *I'm* the one that's working on that---don't worry about it, just you wait, something real neat-o is going to come along any day now, wink wink.'' Haven't we been through all this before? I have nothing to do nor do a lot of others until *something* is in place! I think major improvements in software only come in the heat of use, not in the languid comfort of theory and planning. We can be exploring the weakness and the uses of the system *immediately*. We don't have to have controversial postings to the group, starting out. Currently, though, I just think there is just no momentum without a group. Which comes first, the anonymous servers or the group? Obviously, the *group*!

Here's my idea. For *now*, let's just use alt.whistleblower as a *clearinghouse* of material that was *already posted* elsewhere on the net. That is, nobody takes any personal risk. They just keep their eyes out for stuff that appears in other places that fits into the `whistleblowing' category and forwards it to that group. If there is any heat they just point to the original posting and say `I did nothing but forward it, don't talk to me about it.' (By the way, the Mycotronx posting is awesome whistleblower stuff, the kind that legends are made of, but I think it still might be a bit risky to post that to a Usenet group yet, even an `alt', even anonymously). Also, we can just forward interesting stuff from newspapers and magazines. No risk there. If anybody thinks they have a solid way to remain anonymous (we're talking about cypherpunks here, I'm sure they'll find a way) they can post *now* using old-fashioned methods.
I really like the idea of a big unveiling of some great new shining, sparkling, shrink-wrapped Personal All-Purpose Guaranteed Anonymous Home Whistleblower Kit (tm) by Cypherpunks, Inc. accompanied by a blaring and pretentious Official Whistleblower Press Release. But (leaving aside the sheer hilarious implausibility of that *ever* happening) that would give all our evil enemies a lot of ammunition to claim that we're `violating the status quo'. There're some things that should be loudly unveiled to the witless masses, and some things that should just be silently uncovered by sharp individuals! This is in the latter category!

What more can I say? Isn't the immediate need transparently clear? Does *anyone* read what I write? Am I nothing but a babbling, deranged lunatic? Just *watch* how fast I get a FAQ there, if it *ever* starts...

There are now several hundred quasi-official cypherpunks, and I think a lot of them are agitated and itching for something to do! Not to mention the vast hordes out on Usenet who will be attracted to something extraordinary. Let's get the group going and turn everybody loose to have some fun! This is something that *everyone* can contribute to directly *now*, once the group is started! Let it be a funnel for our ingenuity! But we have nothing but a bunch of impatient, dissipated, wasted energy otherwise. What a shameful tragedy. I can't be a part of it.

Someday, everything we're rattling about will be refined to the point of excruciating blandness and `dulldom', and we will be telling our grandkids about the heavy burdens we had to suffer to get there (back in the ol' days we had to get anonymity *by hand!* and even then people hated it and called 'em `forgeries'!).
At our current impoverished rate, though, our grandkids will consider us nothing but mad eccentrics overflowing with bizarre and impractical ideas that never saw the light of day, with a few strange insights tragically ahead of time, sluggishly mired in the bogs of politics and personalities. Cypherpunks? No, more like the hapless Babbage Ciphers, stuck endlessly in the minors. ``Yeah, just wait 'til next year, we'll really show 'em then.'' From mdiehl at triton.unm.edu Sat May 22 22:44:36 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Sat, 22 May 93 22:44:36 PDT Subject: fwee! are we having fun yet? In-Reply-To: <9305230459.AA25350@longs.lance.colostate.edu> Message-ID: <9305230544.AA06451@triton.unm.edu> > This is an open letter to E. Hughes. > > Let me review my arguments for starting the group immediately. > > 5. No one other than the poster takes heat. The poster should not post > if they are concerned about the risk. I'm curious as to what good this will be then. > Look, apparently you haven't got any heat on the Mycotronx postings, > but wouldn't you feel a hell of a lot more comfortable if they > *weren't* funneled through your single machine? Ask Steve Jackson what > paranoid and degenerate agents can accomplish when they have an > easily-identified, portable target and some vague suspicions! The 911 > document has all the criminality of a wedding announcement compared to > the Mycotronx stuff! Don't these postings demonstrate there is an *immediate* need? The distributed nature of a usenet group would be nice.... > have controversial postings to the group, starting out. Currently, > though, I just think there is just no momentum without a group. Which > comes first, the anonymous servers or the group? Obviously, the *group*! Without controversial postings, no one will read the group. What is the point, then? > Here's my idea. 
For *now*, let's just use alt.whistleblower as a > *clearinghouse* of material that was *already posted* elsewhere on the > net. That is, nobody takes any personal risk. They just keep their eyes > out for stuff that appears in other places that fits into the > `whistleblowing' category and forwards it to that group. If there is > any heat they just point to the original posting and say `I did nothing > but forward it, don't talk to me about it.' (By the way, the Mycotronx > posting is awesome whistleblower stuff, the kind that legends are made > of, but I think it still might be a bit risky to post that to a Usenet > group yet, even an `alt', even anonymously). Also, we can just forward > interesting stuff from newspapers and magazines. No risk there. If > anybody thinks they have a solid way to remain anonymous (we're talking > about cypherpunks here, I'm sure they'll find a way) they can post > *now* using old-fashioned methods. Some time ago, I joined the bandwagon in opposing this "hasty" decision to form the WB group. But, I like this idea. My reason for opposing it the first time was that people's lives/jobs could be at stake. This might be a germination point for the full-blown WB group, but without the risks to its contributors. I like this idea. > > What more can I say? Isn't the immediate need transparently clear? > Does *anyone* read what I write? Am I nothing but a babbling, deranged > lunatic? Just *watch* how fast I get a FAQ there, if it *ever* starts... I'm reading it. And (for once?) I agree on this subject. > There are now several hundred quasi-official cypherpunks, and I think a > lot of them are agitated and itching for something to do! Not to I know the feeling..... ;^) +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl at triton.unm.edu | But, I was mistaken. |available| | mike.diehl at fido.org | | Ask Me!
| | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From mdiehl at triton.unm.edu Sat May 22 23:02:56 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Sat, 22 May 93 23:02:56 PDT Subject: Dolphin Encrypt. Message-ID: <9305230602.AA06626@triton.unm.edu> Hi all. I just received my demo version of Dolphin Encrypt which was shamelessly advertised on this list. ;^) I haven't had much time to play with it yet, but I thought I'd post my initial reactions. BTW, I don't think I've ever received anything in such a timely manner. Good job guys. The disk came with several pages of documentation, and advertising. The docs indicate that "the encryption process relies partly on the RSA Data Security, Inc., MD5 Message Digest Algorithm." I wonder what they mean by "partly." Interestingly, a decrypt-only version is available. Apparently, a C/C++ library of functions is available for $128 with commercial licensing offered. The documentation indicates that the encryption key can be from 10 to 60 characters in length, with case NOT SIGNIFICANT. I ran the demo but didn't have time, at the moment, to really get into it, yet. The demo indicated that the package supports a script language, which seemed to be very powerful. In fact, part of the demo was written with the scripting language. I think this is a novel idea. The demo seemed fairly intuitive and presented all (maybe too much?) of the needed information and status indicators. This is the extent of my comments after a VERY superficial examination of the software. I will take a better look at it later this week. If there is any interest, I will write a more in-depth review. ...just my $.02 worth. +-----------------------+-----------------------------+---------+ | J.
Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl at triton.unm.edu | But, I was mistaken. |available| | mike.diehl at fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+ From mlshew at dixie.com Sun May 23 04:35:23 1993 From: mlshew at dixie.com (Mark Shewmaker) Date: Sun, 23 May 93 04:35:23 PDT Subject: Meeting: Suggest Meeting at Comdex Wednesday Afternoon Message-ID: A number of people on cypherpunks and extropians will be in Atlanta at Comdex next week, so we have an opportunity to get together. One great location would be in the Omni food court (Now the CNN Center), which is right by the World Congress Center where Comdex will be held. There are a lot of fast food places and a very large commons dining area. I'd suggest meeting, say, at 1:00 Wednesday afternoon or so, not for any formal meeting, but just to get together for a while at lunch to talk, trade keys, and so forth. (You'll have probably been there before Wednesday, as it's a convenient place to go for lunch at the convention. If you don't know which building it is by Wednesday, ask anyone anywhere around you to point you towards "The Omni" or "CNN Center" or "where CNN is", go in the building, and you can't miss the food court.) Don't forget to bring copies of your public keys, or some pieces of paper or business cards with your PGP fingerprint hash written on them. From jordan at imsi.com Sun May 23 10:16:00 1993 From: jordan at imsi.com (Jordan Hayes) Date: Sun, 23 May 93 10:16:00 PDT Subject: The New Mykotronix phones... 
Message-ID: <9305231707.AA12544@IMSI.COM> From mbriceno at aol.com Sat May 22 03:56:25 1993 If everybody would be armed, we would no longer look at the government as the sole provider of protection from violent crimes, rape, or muggings. I'm sure lots of people could give examples of areas where "everyone" *is* armed, and while they certainly don't rely on "the government" (i.e., local police forces) for protection, most would agree the situation is not desirable ... /jordan From bcox at gmu.edu Sun May 23 13:50:58 1993 From: bcox at gmu.edu (Brad Cox) Date: Sun, 23 May 93 13:50:58 PDT Subject: Police protection Message-ID: <9305232050.AA29804@gmuvax2.gmu.edu> >I'm sure lots of people could give examples of areas where "everyone" >*is* armed, and while they certainly don't rely on "the government" >(i.e., local police forces) for protection, most would agree the >situation is not desirable ... Yep. Switzerland for sure (every draft age citizen keeps an assault rifle and ammo). Similarly for most US rural states; Oregon, South Carolina, Texas and Arizona come to mind. So do shooting ranges and guns shows most anywhere. I've never felt safer than in such places, and most would say most such places are desirable, compared to say Washington DC or New York where guns have been outlawed for ages. Except for of course, those in the hands of the state and the criminals. Why in the world would you say otherwise? -- Brad Cox; bcox at gmu.edu; 703 968 8229 Voice 703 968 8798 Fax George Mason Program on Social and Organizational Learning From pauld at umbc.edu Sun May 23 14:12:14 1993 From: pauld at umbc.edu (Mr. Paul Danckaert (ACS)) Date: Sun, 23 May 93 14:12:14 PDT Subject: Unix Security Message-ID: <199305232111.AA15613@umbc7.umbc.edu> Hey all.. I'm writing a program to see just how secure some of this unix password security is, and I would like to know more about how the final result in the passwd file is encrypted.. where could I get such information? Thanks..
(We are going kerberos here so that should help matters some at least.. :) Paul --- Paul Danckaert - pauld at umbc.edu --------------------------------------- From smb at research.att.com Sun May 23 14:56:18 1993 From: smb at research.att.com (smb at research.att.com) Date: Sun, 23 May 93 14:56:18 PDT Subject: Police protection Message-ID: <9305232156.AA04712@toad.com> I've never felt safer than in such places, and most would say most such places are desirable, compared to say Washington DC or New York where guns have been outlawed for ages. Except for of course, those in the hands of the state and the criminals. Why in the world would you say otherwise? -- I think because he's thinking of places like Beirut, Somalia, Bosnia, and so on. You know -- places without any effective central government. From slippery at netcom.com Sun May 23 15:31:49 1993 From: slippery at netcom.com (Sunah Cherwin) Date: Sun, 23 May 93 15:31:49 PDT Subject: privacy graphics archive Message-ID: <9305232232.AA15865@netcom2.netcom.com> I would like to assemble an archive (electronic *and* paper) of graphics relating to privacy and encryption. These could be made available for republication in books and magazines, so any items not already in the public domain ought to be accompanied by source citations so that permissions may be obtained. I'd be interested in graphs, diagrams, flowcharts, cartoons, line drawings, photos, and any other graphical content you can think of. More specifically, graphs (e.g. comparing the difficulty of breaking various encryption methods, encryption time as a function of RSA key length, etc.), diagrams (such as Hal Finney's excellent flowcharts in Extropy #10), cartoons (e.g.
political cartoons about various government attempts to control/stifle encryption), and photos (of commercial software product packaging, photos of secure phone systems such as marketing depts would produce, photos of famous cypherpunks, cryptographers, and crypto programmers) Items on paper as well as items in electronic format will both be welcomed. Send the former to 1800 Market St, #243, San Francisco CA 94102. Send the latter to slippery at netcom.com in uuencode or BinHex4 format. From jet at nas.nasa.gov Sun May 23 18:35:17 1993 From: jet at nas.nasa.gov (J. Eric Townsend) Date: Sun, 23 May 93 18:35:17 PDT Subject: Police protection In-Reply-To: <9305232050.AA29804@gmuvax2.gmu.edu> Message-ID: <9305240134.AA23462@boxer.nas.nasa.gov> Brad Cox writes: > and ammo). Similarly for most US rural states; Oregon, South Carolina, > Texas and Arizona come to mind. So do shooting ranges and guns shows most Just so you know, gun control laws in Texas are about as strict as those in Calif. On the other hand, Louisiana has an "open-carry" law (with exceptions for banks, bars, and a few other places). I'm not sure if I felt safer in Louisiana or California. I know that we were a bit more polite in Louisiana, but then again, it was a more rural state where *everybody* was poor, not just members of a couple of ethnic groups. From esr at snark.thyrsus.com Sun May 23 19:06:45 1993 From: esr at snark.thyrsus.com (Eric S. Raymond) Date: Sun, 23 May 93 19:06:45 PDT Subject: draft FAQ Message-ID: Here's the first draft of the FAQ. You'll see that it's basically a frame, an outline, and an intro. If you can fill in one of the sections, please do so and mail it to me. --- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION --- This is the Cypherpunks FAQ. It explains the projects and purposes of the Cypherpunks mailing list. It is also intended to serve as a general introduction to privacy and encryption issues. 
For details on the technical and theoretical aspects of computer cryptography, see the sci.crypt FAQ, available for FTP from rtfm.mit.edu (18.172.1.27) in the directory pub/usenet-by-group/sci.crypt. The cypherpunks archive is available for FTP at soda.berkeley.edu:pub/cypherpunks This site contains code, information, rants, and other miscellany, including the most up-to-date version of this FAQ. This FAQ is maintained by Eric S. Raymond ; send additions and corrections to that address. Sections contributed by others are credited to individual authors. We gratefully acknowledge, in addition, feedback and comments from David Mandl and Eric Hughes . 1. Why cypherpunks? Because privacy is essential to freedom. If the government (or any other oppressor that behaves like one) can effectively monitor communications, it can control or suppress them. And it will do so, because the natural tendency of controllers is always to seek more control. The government cannot be relied on to protect your privacy rights. Nor can anyone else --- certainly not your employer, or the corporations that want to know all about you so they can sell you things. Given half the chance, governments and corporations will always push for security standards that protect *them*, but not *you*. Computer technology can help protect you against would-be snoopers, but only if somebody is sufficiently smart and dedicated to build the tools. The Cypherpunks list exists to build and propagate privacy software. Our aim is to give you the tools to communicate with other people and computers in ways snoopers cannot tap. 2. What are the essentials of privacy software? a. Public-key cryptosystems for secure communication. b. Unforgeable electronic signatures for message authentication. c. DC-net or similar protocols to thwart spoofing. 3. What are the potential applications of good privacy software? a. Secure communications. b. Digital cash. c. Electronic voting. d. Electronic contracts. e. 
Secure anonymous remailers and posters. f. 4. What are the key algorithms, tools, and implementations for privacy software? a. RSA b. DES c. Clipper/Capstone/DSS d. PGP e. Possible non-RSA trapdoor functions. 5. What are the social and political implications of good privacy software? a. Drastically lower transaction costs for trade. b. Expansion of the counter-economy. c. Disempowerment of government. d. Anonymity for whistleblowers. 6. What are the legal, political, and technical obstacles? a. The Clipper/Capstone/DSS power grab. b. The RSA patent and the PGP/RSA fight. c. RSA's base problem may not be NP-complete. 7. What can I do to help? a. Work on cryptographic software. b. Agitate against the Clipper/Capstone/DES standard. c. Promote the use of encrypted communication, help spread PGP and other appropriate tools far and wide (both to help get a better foothold to thwart the Clipper monopoly and its ilk, and to work towards making crypto as commonplace as envelopes). To join the cypherpunks mailing list, send a request to: cypherpunks at toad.com Working with us could be your best shot at stopping Big Brother. So if you have skills to contribute, act now. The freedom you save could be your own. --- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION --- -- >>eric>> From mbriceno at aol.com Sun May 23 19:18:38 1993 From: mbriceno at aol.com (mbriceno at aol.com) Date: Sun, 23 May 93 19:18:38 PDT Subject: Police protection Message-ID: <9305232219.tn33171@aol.com> > I've never felt safer than in such places [where law-abiding citizens are armed], and most would say > most such places are desirable, compared to say Washington DC > or New York where guns have been outlawed for ages. Except for > of course, those in the hands of the state and the criminals. > > Why in the world would you say otherwise? -- > > I think because he's thinking of places like Beirut, Somalia, Bosnia, > and so on.
You know -- places without any effective central > government. Perhaps my post needed some clarification: I do not believe that a lawful governmental police force becomes unnecessary once we hand every citizen a gun. Just as the police cannot grant an unarmed public's security, an armed populace alone is no guarantee for safe streets. Only the combination of a well prepared public working together with a responsible government can make our lives truly safe from infringements by anti-social individuals. I believe that if people were allowed to use crypto in all communication and carry a gun at all times, crime-be it street crime or white collar- would be reduced to levels far below the present rate. --Marc From bbyer at BIX.com Sun May 23 21:11:53 1993 From: bbyer at BIX.com (bbyer at BIX.com) Date: Sun, 23 May 93 21:11:53 PDT Subject: cypto + compression Message-ID: <9305232037.memo.36584@BIX.com> In-Reply-To: <199305212303.AA21876 at joes.GARAGE.COM> > In fact there are not. You can test this out; use PGP to encrypt any > file you please, and then use any compression software you like to > compress it. You will get no significant compression. I don't know if there will be any new redundancies or not, but PGP compresses its output so you would naturally get no further compression. Ben Byer From arkuat at joes.garage.com Sun May 23 22:58:48 1993 From: arkuat at joes.garage.com (Eric Watt Forste) Date: Sun, 23 May 93 22:58:48 PDT Subject: cypto + compression In-Reply-To: <9305232037.memo.36584@BIX.com> Message-ID: <199305240602.AA17283@joes.GARAGE.COM> Ben Byer wrote: I don't know if there will be any new redundancies or not, but PGP compresses its output so you would naturally get no further compression. Dhoh! I should have specified that PGP's built-in compression be turned off. Even without precompressing, encryption destroys almost all the redundancy that compression can take advantage of.
Eric Watt Forste arkuat at joes.garage.com 1800 Market St #243 San Francisco CA 94102 "Expectation foils perception." -- Pamela C. Dean From stig at netcom.com Mon May 24 01:44:03 1993 From: stig at netcom.com (Stig) Date: Mon, 24 May 93 01:44:03 PDT Subject: PGP: Environment protection for UNIX Message-ID: <9305240844.AA22961@netcom.netcom.com> Phil & Cypherpunks: Here's a little program that demonstrates a fairly simple way to improve pgp security on multi-user systems....

    #include <stdlib.h>   /* system() */
    #include <string.h>   /* strncmp() */
    #include <unistd.h>   /* sleep() */

    int main (int argn, char **argv, char **envv)
    {
        for ( ; *envv ; ++envv) {
            if (!strncmp(*envv,"PGP",3)) {
                /* overwrite the whole NAME=value string in place with spaces */
                char *c=*envv;
                while (*c) *c++=' ';
            } /* end of if */
        } /* end of for */
        system("printenv");   /* show the environment as it now stands */
        sleep(10);            /* stay alive long enough to be inspected */
        return 0;
    }

It deletes from its own environment any environment variable that begins with the string "PGP". It ain't bullet-proof but just by grepping the environment of netcom, I've identified several PGP users: yonder nickt centaur henderso This hack would prevent that... 'Course for UNIX, PGPPATH should default to $HOME/.pgp anyway. Not doin' the work I oughta be doing, Stig... /* Jonathan Stigelman, Stig at netcom.com, PGP public key on request */ /* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */ From wixer!wixer.bga.com!meyer at cactus.org Mon May 24 05:42:30 1993 From: wixer!wixer.bga.com!meyer at cactus.org (meyer) Date: Mon, 24 May 93 05:42:30 PDT Subject: FAQ Message-ID: <9305240651.AA16024@wixer> Damned line noise zapped this last time just as I was about to send it. I don't think it went (uustat apparently knew nothing of it), so here it is again: >From Eric Raymond's draft FAQ: >The Cypherpunks list exists to build and propagate privacy software. Our >aim is to give you the tools to communicate with other people and computers >in ways snoopers cannot tap. > >2. What are the essentials of privacy software? > a. Public-key cryptosystems for secure communication. > b. Unforgeable electronic signatures for message authentication. > c.
DC-net or similar protocols to thwart spoofing. Privacy extends to more than just invulnerability to eavesdropping upon one's communications. One may have private records which are viewed only by oneself, and never communicated. A cryptosystem suitable for encryption of such non-communicated information need not be a public-key cryptosystem. Thus: 2 d. Cryptosystems for protecting privately-held information against unauthorized access. From gnu Mon May 24 08:28:42 1993 From: gnu (John Gilmore) Date: Mon, 24 May 93 08:28:42 PDT Subject: Another license server begs for cryptanalysis Message-ID: <9305241528.AA04488@toad.com> I love these servers where "a short encrypted string" can enable access to all sorts of things... ---------------------------------------------------------------------------- The Florida SunFlash Third Party Announcements SunFLASH Vol 53 #30 May 1993 ---------------------------------------------------------------------------- Subject: Viman Software Ships LicenseServ 3.0 - License Manager Newsgroups: comp.newprod Contact: Vikram Duvvoori Organization: Viman Software, Santa Cruz, California Phone: (800) 827-4590 (USA, Canada, Mexico); Ph: (408) 459-0678 FAX: (408) 458-2862 email: info at viman.com Viman Software Ships LicenseServ 3.0 on all major workstations. Santa Cruz, CA., Th. April 29, 1993 - Viman Software today announced the release of its next generation of network license manager, LicenseServ 3.0, for all major workstation platforms (including Sun, HP, NeXT, IBM RS/6000, DEC, SGI, Apollo and IBM PCs). LicenseServ is a licensing software package that allows software developers to support a wide range of licensing options including usage based licensing and full-featured evaluation copies. Existing customers who have been shipping their products with LicenseServ for over a year now have been extremely satisfied with their experience. 
Some complex applications were licensed by earlier customers within a few minutes and were shipping globally within one week. With a comprehensive set of features at an affordable price, LicenseServ brings sophisticated licensing within the reach of even small software developers. LicenseServ is available on more than twenty Unix platforms. Integration is straightforward as it only involves adding a few (3 in many cases) function calls to the application code. The licensing is transparent to end-users and the tools which come with LicenseServ make license management simple for system administrators at the end-user sites. This release introduces several new licensing features along with function-level compliance with the LS API 1.0 - a recent standard in license management. Software vendors license their applications by linking them to the LicenseServ libraries. The vendors then have a rich set of choices. A small sample of the range of licensing options includes: - Personal/Group Licenses (restricting usage to a set of users/machines) - Component Licenses (licensing different modules within an application) - Shared licenses (several users/machines sharing a single license) - Site licenses (usage restricted to a particular site) - Version control (licensing different versions of the same software) The licenses can be customized for each of the copies shipped. The software can be restricted to a limited number of concurrent copies running on the network, or node-locked to a particular set of machines. The vendor can easily create full-featured demo copies of applications that can be sent with a "time-bomb" which would prevent them from running beyond a certain date. Extensions of this date, or upgrading the demo to a full release, could then be done by simply sending a short encrypted string over the phone or facsimile. The basic version, LicenseServ Standard, lists at $2000 for the first platform and $1000 for each additional platform. 
The advanced version, LicenseServ Extended, lists at $5000 for the first platform and $2000 for each additional platform. All prices include 1 year of free technical support, upgrades and a 30 day money back guarantee. Viman Software is headquartered at 1320 Mission Street, Suite 5, Santa Cruz, CA 95060, USA. For more information please send email to info at viman.com or call toll-free (800) 827-4590 (408-459-0678 outside North America) or send a fax to (408) 458-2862 ---------------- LicenseServ, LS API 1.0, Sun, HP, NeXT, IBM RS/6000, DEC, SGI, Apollo and IBM are trademarks of their respective owners. From dmandl at lehman.com Mon May 24 08:29:48 1993 From: dmandl at lehman.com (David Mandl) Date: Mon, 24 May 93 08:29:48 PDT Subject: MacWorld Special Report Message-ID: <9305241529.AA15822@disvnm2.shearson.com> There's a pretty solid Special Report in the new issue of Macworld (July, 1993) on the ever-increasing threats to electronic privacy. Part One is called "Bosses with X-Ray Eyes: Your Employer may be Using Computers to Keep Tabs on You"; Part Two is "Privacy in Peril: How Computers are Making Private Life a Thing of the Past." Highlights: The reporters performed a little test to see how easy it is to get information on people electronically. They managed to get stacks of personal, legal, and financial data on, among others, Janet Reno, Clint Eastwood, Edwin Meese, George Lucas, Joe Montana, William Hearst, and the CEO of Bank of America with very little trouble. A poll on employers' invasions of workers' privacy found that 21.6% of companies search employees' files. There's also a sidebar on the insecurity of email. Favorite quote: "The U.S. is a laughingstock among privacy experts because we protect videotape-rental records, but not medical records." In the same issue, columnist Stephen Levy is harshly critical of the Digital Telephony Bill.
He goes off on a tangent about cryptography, and, while he doesn't mention Clipper, he speculates that if the bill is passed, the banning of strong crypto would very likely be next. He mentions PGP in passing. These pieces are all very strongly pro-privacy. It's nice to see this kind of coverage. I think articles like these are a tremendous help in furthering cypherpunk goals. --Dave. From Benjamin.Britton at UC.Edu Mon May 24 05:29:51 1993 From: Benjamin.Britton at UC.Edu (Benjamin.Britton at UC.Edu) Date: Mon, 24 May 1993 08:29:51 -0400 (EDT) Subject: on privacy in digital communications Message-ID: _______________________________________________________________________________ On Privacy in Digital Communications Taxpayers, legislators, social and governmental leaders do not yet realize that use of the "Clipper Chips" would make their most intimate, most highly private and proprietary information completely accessible through online information links to organized crime, foreign governments and the American national intelligence community. Anyone who has grown up wondering why they did not prosecute the assassination of President Kennedy has reason to fear the "Clipper Chip" technology. There is no need for absolute intrusability into the private lives or public records of American citizens. On the contrary, responsible governmental efforts should seek to rebuild such privacy by outlawing databases based on Social Security numbers and by codifying legal remedies against businesses which have illegally compromised public or private information. We should move, not away from citizens' rights in the new age of computing; rather we should use a blend of American democracy and high technology to make sure we retain the rights guaranteed to us by the American Constitution. It should be made illegal to encode a database of personnel information based on the Social Security numbers of the individuals. 
Such databases are inherently inaccurate and encourage covert searches for private information. Alphabetic listings of individuals' names can be encoded with a unique key by an institution holding a database of personal information, for purposes of information retrieval. This key should be enciphered on a timely basis, such as during annual board meetings, by individuals in positions of legal responsibility in the organization. If the key is leaked by the organization, legal suit should be able to be brought to determine how the leak occurred, to punish the offenders if appropriate, and to establish a new key to the database with participation from the prosecuting judge and the defendant. Database encoding with this new key should then be legally required and enforced, and periodic encipherment of the code by the database holders should continue as before. A new function of law enforcement will need to develop; police, rather than being some of the greatest abusers of private information held in data networks, will have to become the enforcers of privacy and data security. If the police don't want to do this job, or if they feel they cannot, they should be fired and new police willing and able to guarantee the rights of citizens should be hired. Data security in cyberspace is a real concern, not only for the federal government, but also for local governments, businesses and individuals. The police will enforce the laws only if the laws are established, and they can serve as guardians of private data and personal information if such responsibilities are levied upon them. Data security, personal privacy, and the gross abuses of digital databases in the hands of white collar criminals are issues which lie at the heart of America's present malaise.
If the government of the United States is not morally capable of taking on the challenge of instituting privacy in digital communications, we may look forward to years of gross criminality and abuses of human rights which will make the S&L scandals of the 1980's pale by comparison. But no government intent on enslaving the citizens who continuingly create it can stand. If our representatives in the Federal government cannot squirm free of the grips of organized crime, we may look forward to a distant national revolution. But no country, intent on guaranteeing the rights of its citizens, run by leaders with moral authority and free will, would seek consciously to hand the people over as slave/cattle to the organizers of international criminal cartels. The "Clipper Chip" technology as outlined in national press releases would guarantee and constitute such a wholesale handover of Americans. It would codify, promulgate and direct the destruction of privacy rights for all individuals by guaranteeing the availability of all information to anyone wealthy and corrupt enough to buy it. The alternative course is for our government to turn around completely, to build ways of defending the privacy of the individual against unnecessary search and seizure. The term privacy and its root word private will take on new meanings in the coming years. For example, records containing the votes you have cast in public elections during your life may be considered private, although the public institution of government is your only guarantor of that privacy. Government acts (supposedly) as conscious guarantor of the privacy and security of your participation in public affairs. They could certainly make the same efforts to secure your tax information, your demographic information, your legal records, your personal information derived during security background checks by intelligence agencies; but they do not.
They encode all this with your social security number guaranteeing its accessibility to international criminal cartels operating outside the control of our government. The term "privatization" has come into vogue through its promotion by the international monetary fund during the 1980's (and continuing today); it has meant the handing over of publicly guaranteed enforcement of citizens' rights to private individuals not accountable through democratic processes. Such handovers are a public concern, because they threaten the structure of legal enforcement which is the original reason for a democracy. Privatization conflicts with privacy, because it is through the self-interest of private citizens involved in participation in legal processes of government, such as through election to public office or participation in jury duties, that make a democracy work for the welfare of its individual citizens. When control is taken out of the hands of the public and handed over in the form of privatization, no citizen, except he or she who controls the private company, may defend their legal rights successfully and without preemption by default. The government exists to enable citizens' participation; such participation must be an inherent part of securing personal privacy in digital communications. I suggest that computing necessitates a reaction from government, and that reaction should properly be to defend the rights of citizens, including the right to privacy. A change in direction is called for; our government should support individuality. Public participation is essential to establish that no one has the right to our privacy. One may envision a 21st century public ceremony of encoding the National Database: A one-year-old child taps on a keyboard, and nationwide in realtime others do alike. This would be no guarantee of privacy, but far better than a guarantee of no privacy. Benjamin J.
Britton May 24, 1993 Assistant Professor Electronic Art, Fine Arts University of Cincinnati Benjamin.Britton at uc.edu ________________________________________________________________________________ From geoffw at nexsys.net Mon May 24 09:03:47 1993 From: geoffw at nexsys.net (Geoff White) Date: Mon, 24 May 93 09:03:47 PDT Subject: on privacy in digital communications Message-ID: <9305241546.AA02235@nexsys.nexsys.net> Here is a post from a friend of mine who has been following the Clipper debacle. He told me to post it to whatever groups would be interested. ----- Begin Included Message ----- From chrmsync at mindvox.phantom.com Mon May 24 09:42:52 1993 From: chrmsync at mindvox.phantom.com (Chrome Sync) Date: Mon, 24 May 93 09:42:52 PDT Subject: Caller ID Question Message-ID: [Lurker Mode : OFF] I know Caller ID for the common man didn't go through here in Cal., despite the fact we have call return. I have a friend in politics who'd like caller ID to screen out 'junk' calls. Is it possible to implement it, and if so, where would any hardware mods be necessary (or is it strictly a Pac.Bell switching thing). [He wants to know if there a way, legal or not, to do so strictly from his end]. Thanks in advance ... [ Cyber-Renaissance Man ] || || || Chrome Sync || || || [ ** & CypherPatriot ** ] From peb at PROCASE.COM Mon May 24 10:33:14 1993 From: peb at PROCASE.COM (peb at PROCASE.COM) Date: Mon, 24 May 93 10:33:14 PDT Subject: cypto + compression Message-ID: <9305241730.AA13070@banff.procase.com> >if you're just using compress and you make that known Yes, this is worth pointing out; the main idea is to keep the opponent from knowing the format. Increasing the entropy via compressions is good in its own right since it makes the encoding more complex and provides more stumbling blocks. Cypher chaining seems to be even better for confounding opponents, but I'll let someone else commment on that. Paul E. 
Baclace peb at procase.com From karn at qualcomm.com Mon May 24 10:49:41 1993 From: karn at qualcomm.com (Phil Karn) Date: Mon, 24 May 93 10:49:41 PDT Subject: on privacy in digital communications Message-ID: <9305241749.AA05999@servo> >From UC.Edu!Benjamin.Britton at cdp.igc.org Mon May 24 06:12:53 1993 > Anyone >who has grown up wondering why they did not prosecute the assassination >of President Kennedy has reason to fear the "Clipper Chip" technology. Because the only credible suspect was killed two days later, and there is no provision for posthumous trials in the US? This reminds me of that great exchange in the movie "Sneakers" between Dan Ackroyd and Sidney Poitier. From memory: Ackroyd: "You know, the NSA shot Kennedy". Poitier: "What? Now you're telling me that the NSA was responsible for the JFK assassination??" Ackroyd: "No, they only shot him. He's still alive..." I think it would help enormously if we Cypherpunks stayed focused on our core issue: the use of strong cryptography to protect personal privacy against all potential intruders, private or government. It will not help us to gain mainstream acceptance to blur our image with fringe conspiracy theorists, gun nuts, survivalists and the like. Phil From hughes at soda.berkeley.edu Mon May 24 11:17:32 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Mon, 24 May 93 11:17:32 PDT Subject: Caller ID Question In-Reply-To: Message-ID: <9305241813.AA17842@soda.berkeley.edu> >I know Caller ID for the common man didn't go through here in Cal., >despite the fact we have call return. This is the distinction. The underlying hardware and switching protocols all have the capability for calling-number identification, but the PUC didn't allow the consumer service "Caller-ID" to exist. As a result, Pac Bell now offers services which use it in indirect ways. Not only do we have Call Return, but also Call Screen, Priority Ringing, Select Call Forwarding, and Call Trace. 
I just spoke to the business office and Caller-ID is not available even on their business lines, not even the Pac Bell 800 offerings. It looks like the only way to do this is to get 800 service from another carrier. Even then, I'm not sure that intra-California service will be available. Eric From hughes at soda.berkeley.edu Mon May 24 11:20:03 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Mon, 24 May 93 11:20:03 PDT Subject: MacWorld Special Report In-Reply-To: <9305241529.AA15822@disvnm2.shearson.com> Message-ID: <9305241816.AA18098@soda.berkeley.edu> Re: MacWorld Kudos to Mitch Ratcliffe for the MacWorld coverage. He's a strong advocate of privacy issues and makes sure his magazine covers them. Eric From kqb at whscad1.att.com Mon May 24 11:59:53 1993 From: kqb at whscad1.att.com (kqb at whscad1.att.com) Date: Mon, 24 May 93 11:59:53 PDT Subject: Steganography and Steganalysis Message-ID: <9305241859.AA11273@toad.com> Summary: Steganography is essential for private communication since well-encrypted messages stand out too easily and no "solidarity" of sophisticated cryptography users is likely to make such messages less obvious any time soon. By "steganography" I mean inserting a hidden message into ordinary text in such a way that even if the algorithm for inserting the hidden message is public, only the intended receiver can read the hidden message or even show that a hidden message exists. I list several types of measures of "normal" English text that may be useful for steganalysis and then I present calculations suggesting that English has a steganographic capacity of about 10 percent. Note: This is my "newbie" post to cypherpunks. It asks many questions because there is a lot that I do not know, but I hope it also has several thought-provoking ideas. I am mostly trying to elicit feedback from those who are more knowledgeable about cryptology-related matters by providing them with some problems that are both useful and mentally stimulating. 
Failed PGP Social Program In his introduction to PGP, Phil Zimmerman compares plaintext messages to mail sent on postcards and encrypted messages to mail in sealed envelopes. Currently, using envelopes does not arouse suspicion because almost everyone uses envelopes, but using encryption does arouse suspicion because almost nobody uses encryption. Zimmerman's proposed solution is for almost everyone to use encryption routinely, so that encrypted messages will be the norm. I do not believe that this will succeed, at least not in the way Zimmerman hopes. Even though PGP is highly regarded, free, and fairly readily accessible, no "solidarity" of PGP users will arise unless email with PGP encryption becomes transparently convenient to use and also does not invite civil lawsuits or criminal charges. (An RSAREF version of PGP would help, though.) The kinds of encryption that *will* become readily available, easy-to-use, and legally hassle-free will be the crippled kinds of encryption. Encryption that is not crippled always will be suspect, perhaps illegal. By using sufficiently intelligent steganographic techniques, however, we will not need any "solidarity" from other people at all. If our "envelopes" look like "postcards," they will not arouse the stormtroopers. Steganography and Steganalysis A few people have experimented with inserting messages into image files. But most of our email traffic is text, so I am most interested in steganographic techniques for normal English prose. Furthermore, we need to have a reasonably high efficiency for inserting the hidden message while not contorting the text too far from normal. Peter Wayner's Mimic functions for producing a baseball game commentary are notable. (No, I still haven't done the C conversion of the Think Pascal version I received almost two years ago. But I haven't forgotten!) I am not certain how efficiently his program encodes the hidden message, but I do want the resulting text to be less conspicuous. 
Imagine thousands of messages per day consisting of similar sounding commentary on the Whappers and the Blogs! That's too obvious. Gus Simmons [CRYPTO83] has described subliminal messages, which certainly are suitably innocuous, but unfortunately far too low bandwidth. A good steganographic system should insert encrypted messages into English text so unobtrusively that nobody but the intended receiver can show that a hidden message exists, even if the algorithm for the steganographic system is made public. (Perhaps I should call this "stealthography"?) The examples of steganography described in [KAHN] all fail this test. Similarly, so do silly kinds of "steganography" such as the following "SECRET": So how have you been doing? Everything is fine here. Can we visit soon? Remember when we went white-water rafting? Everyone got soaked! That would be fun to do again! This is silly not only because the hidden message is not encrypted but also because anyone who knows the insertion algorithm can readily discover that a hidden message does indeed exist. To create a good cryptographic system, one must first do cryptanalysis. Similarly, I suggest that to create a good steganographic system, one should first do steganalysis. For that reason, the next section of this message focuses on potential tools for steganalysis. Perhaps people more knowledgeable about steganalysis will tell how best to make use of these, and other, tools for steganalysis. Disclaimer: I admit that my knowledge of steganalysis is limited. Perhaps at this point I should just ask what I should read to learn more about this, but I suspect that the public literature is sparse and scattered. For example, we have the words "encryption" and "decryption", but what do we call the corresponding words for steganography: steganization and desteganization? If we don't even have good terminology for the process, I suspect that we do not have much well-organized literature on it, either. 
What follows is my best guess concerning steganographic issues. The first goal of steganalysis is to determine that a hidden message is likely. The second goal is extracting that hidden message and the third goal is decrypting that hidden message. To be able to infer that a hidden message is likely, we need measures that distinguish normal from unusual English text. Measures of Normal English Text What is normal English text? In general, this is unsolvable, and not even well-defined. It depends on the context, author, subject, etc. Nevertheless, I can think of several kinds of measures that are likely to be useful and I hope that other people can suggest more. (1) letter frequency Letter frequency is just the first order Markov model for English. Shannon showed how 2nd order, 3rd order, etc. Markov models enable increasingly English-like output from a memoryless source. How much deviation from these standard frequencies is normal? What other kinds of letter frequency-related statistics might be useful? For example, if you measure the number of characters between each occurrence of a particular character, what type of distribution of intervals should you get? (An exponential distribution? A Poisson distribution? An Erlang distribution?) (2) word frequency Shannon also constructed 1st order, 2nd order, etc. Markov approximations to English using words rather than characters as the elements. How much variation should we expect from these approximations in ordinary English? Zipf's Law [WELSH, p. 97] states that the word frequency for a language obeys the formula: p(n) = A / n where A is a constant chosen so that: SUM_n p(n) = 1 For example, in English, the most frequently used words are, in order, "the", "of", "and", and "to". According to Zipf's Law, the word "the" should be used about twice as often as the word "of" and about four times as often as the word "to". 
Mandelbrot suggested a more complex formula: p(n) = A / (n + V)^(1/D) where V and D are independent parameters. I suppose that the intelligence agencies have even more sophisticated models. (3) compressibility According to [WELSH, p. 96], Shannon's experiments measured the entropy of English (over a 26 letter alphabet plus a space) as only 0.6 to 1.3 bits per character. Since normal English text has both upper and lower case, digits, and other characters, perhaps a better value for normal English is about 2.5 bits per character. (If so, then shouldn't compression programs be able to achieve about a factor of 8 / 2.5 > 3 compression?) Is "dense" writing less compressible than "fluff"? Apparently so, since measurements of the redundancy of various English texts [WELSH, p. 100] show significant differences. Since well-encrypted messages are incompressible, will a message that hides an encrypted message be less compressible than normal English text? (4) grammar, style, and readability Grammar checkers can distinguish normal sentences from text such as: "Distinguish normal can grammar checkers text sentences from." that may satisfy other statistics for normal English text. But what is an ordinary distribution of legal grammars of English sentences? Also, how does one allow for the different conventions in formal, written English vs. conversational English vs. slang vs. email/USENET netspeak vs. special sublanguages such as computer languages or mathematics? Bear in mind that netspeak has several distinguishing features. For example, email addresses of the form xxx at xxx.xxx.xxx, quoted text with a ">" in column 1, and smilies are typical net conventions. Mail headers and signatures (especially PGP signatures) have a special structure, too. Can a grammar checker help to distinguish normal text from text that may have a hidden message? What useful clues may style and (Kincaid, Coleman-Liau, Flesch, etc.) readability scores give? 
An interesting experiment would be to compare automated readability scores with the compressibility of the text. (5) semantic continuity and logic Do the sentences in a paragraph relate somehow to each other, or are they separate, independent constructions? How can that be measured automatically? (6) message context Does the content of the message look normal in its context? (For example, a baseball play-by-play would look out-of-place in sci.med.) How can that be measured automatically? (7) obvious Some people are known suspects, no matter how innocuous-looking their messages are. All their messages are suspect. (8) other measures What other measures might be useful for detecting the likely presence of a hidden message? The distribution of number of words in a sentence? The distribution of number of sentences (or words) in a paragraph? What programs and/or databases are readily available for making these measures? Steganographic Capacity of English Text If the public English text is N characters long, how long can a perfectly hidden message within that public text be? I think that it can be about N/10 characters long, for a steganographic capacity of 10%. I will show two ways to hide information in the public text: (1) the grammatical structure of the sentence and (2) the word choice in the sentence. (These are not the only methods, but they may be the two best methods.) Do you recall back in school when you "diagrammed" sentences in your English class? That was actually imposing a parenthesization on the sentence. For example, the sentence: The tall boy ate the big pie. becomes: (The (tall boy)) (ate (the (big pie))) The number of possible parenthesizations of a sentence of N words is related to the number of ways to match N pairs of parentheses. The number of matchings is the Nth Catalan number: X(N) = C(2N, N) / (N + 1) >= 2^(N-2) [AHU, p. 73] where C(2N, N) is the number of combinations of 2N objects, taken N at a time, which is (2N)!/(N!^2). 
The number of parenthesizations is the N-1st Catalan number. If all parenthesizations were equally likely, then the parenthesization of a sentence of N words would give greater than (N-1)-2 = N-3 bits of information for 1 - 3/N bits per word. (Of course, not all parenthesizations are equally likely. But X(N) is also much larger than 2^(N-2), so for now I'll assume that those two roughly cancel out.) Since the average word length in English is about 4 characters [WELSH, p. 101], or 5 characters counting a separating space, and each ASCII character has 8 bits, we get a steganographic efficiency of (1 - 3/N) / 40. (Notice that I am ignoring punctuation in my count of characters in English text. Since this count is just a rough approximation anyway, the effect of punctuation should get lost in the noise.) Another way to hide information in the public text is with the choice of words. Since English has a large vocabulary, I think that almost always we can get one bit of information per word, just from the word choice alone. (Unusual words should not be used often, though, since normal English text does not use them often.) For example, we might XOR all the bits of all the characters of the word and use its parity. Can we get two bits per word? Probably most of the time. Suppose that we try to get two bits per word from our word choice but succeed only with probability p. The channel capacity of a BSC is: 1 + p log p + (1-p) log (1-p) which is: 1 - H(p) By Shannon's noiseless coding theorem, we should be able to achieve an error correcting coding that approaches this capacity. (Use of that encoding unfortunately may alter the statistics of the hidden message sufficiently to expose the use of steganography, however.) For what values of p will it be worthwhile to insert an uncertain two bits per word rather than a (nearly) certain one bit? Since H(0.11) = 0.5 (approximately), p had better be .89 or higher. 
If p is .95, then H(p) = .29 (approximately), giving 1.4 bits / word rather than just 1 bit / word. I doubt that we can get better than 1.4 bits per word with this method and still have normal looking English, though, because of Zipf's Law. The normal frequencies of the four words "the", "of", "and", and "to" are high, totalling at least 10%, so the public text has to include many of them, whether we want their particular parity bit patterns or not. We can improve the efficiency by attempting two bits of information only for the long words and attempting only one bit for the short words. Maybe we should attempt to achieve |K/5| bits for words of K characters, where "|x|" means "x rounded down to the next integer". Or maybe we should not try to hide any bits at all in the extremely short words. I don't have enough information about typical English to analyze that. What is the total steganographic efficiency we achieve by exploiting both the grammatical structure and the word choice? My estimates total: ( (1 - 3/N) + 1.4 ) / 40 = 0.06 - 3/(40N) Just to get a number, let's assume that N = 10 words per sentence. That gives us 0.0525, which I'll round down to 0.05. That actually gives us much better than 5%, though, because the hidden message is first compressed and then encrypted. If compression halves the length of the hidden message, we get effectively a 10% efficiency for the Steganographic capacity of English. This estimate will decrease by whatever amount typical English parenthesization departs from uniform over all possibilities but it will increase by improved exploitation of word choice and, especially, by improved compression. Of course, the effectiveness of this camouflage depends on the sophistication of one's model of English text. Perhaps normal English has enough variation that a good, but not perfect, model of English will yield public text that is indistinguishable from normal text, even to the more resourceful eavesdroppers. Kevin Q. 
Brown INTERNET kqb at whscad1.att.com or kevin_q_brown at att.com AHU - The Design and Analysis of Computer Algorithms, Aho, Hopcroft, and Ullman, Addison-Wesley, 1974. KAHN - The Codebreakers, David Kahn, Macmillan, 1967. WELSH - Codes and Cryptography, Dominic Welsh, Claredon Press, 1988. From mnemonic at eff.org Mon May 24 12:03:29 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 24 May 93 12:03:29 PDT Subject: MacWorld Special Report In-Reply-To: <9305241529.AA15822@disvnm2.shearson.com> Message-ID: <199305241904.AA24485@eff.org> Dave writes: > In the same issue, columnist Stephen Levy is harshly critical of the Digital > Telephony Bill. He goes off on a tangent about cryptography, and, while he > doesn't mention Clipper, he speculates that if the bill is passed, the banning > of strong crypto would very likely be next. I don't think that's a tangent, Dave. Thanks for the pointer. --Mike From hughes at soda.berkeley.edu Mon May 24 12:06:14 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Mon, 24 May 93 12:06:14 PDT Subject: privacy graphics archive In-Reply-To: <9305232232.AA15865@netcom2.netcom.com> Message-ID: <9305241902.AA23897@soda.berkeley.edu> Re: graphic archive A graphical archive for paper publication is a really wonderful idea. I can keep or mirror the electronic archive on soda. One of the projects that has been discussed is getting together a presentation that we can hand out to people who will present it at local meetings. One necessary for any presentation is graphics. Here are some suggestions: 1. What the 'channel' model is. Sender, Receiver, Eavesdropper. 2. How symmetric key crypto works over a channel. [The New York Times had a good graphic of this. My favorite part was that the secret information decrypted to "... and get a quart of milk. No, make that a half gallon." An excellent subtlety to show that privacy is for everybody.] 3. How public key crypto works over a channel. 4. How key escrow works. 5. 
How key escrow fails to work. Not neglecting the obvious, I would suggest that any drawings such as these, in whatever form they might have been created in, also be made available in postscript. Eric From cp at jido.b30.ingr.com Mon May 24 12:20:01 1993 From: cp at jido.b30.ingr.com (Serrzna Penvt Cerffba) Date: Mon, 24 May 93 12:20:01 PDT Subject: The New Mykotronix phones... In-Reply-To: <9305231707.AA12544@IMSI.COM> Message-ID: <199305241918.AA19188@jido.b30.ingr.com> In <9305231707.AA12544 at IMSI.COM>, Jordan Hayes writes: |> From mbriceno at aol.com Sat May 22 03:56:25 1993 |> |> If everybody would be armend, we would no longer look at the |> government as the sole provider of protectios from violent |> crimes, rape, or muggings. |> |> I'm sure lots of people could give examples of areas where "everyone" |> *is* armed, and while they certainly don't rely on "the government" |> (i.e., local police forces) for protection, most would agree the |> situation is not desirable ... "Most would agree"? What a silly statement. You're in a big virtual room with lots of different people, but a lot of them are "card-carrying" libertarians who most certainly don't agree with that. However, Marc also said, "I am glad that someone is finally mentioning [the parallel between crypto and arms]." which is vacuous in light of the _endless_ discussion on this very point on Usenet (sci.crypt and elsewhere) in the beginnings of the wiretap chip flap. Which leads me to my main point: please take this off-list before it turns into the same flamewar that currently rages on talk.politics.guns and for whatever weird reason, sci.skeptic. ^ / ------/---- cp at jido.b30.ingr.com (Freeman Craig Presson) / / Gun Control: The belief that the government, with its great wisdom and moral superiority, can be trusted with a monopoly on deadly force. -- Clayton E. Cramer From pmetzger at lehman.com Mon May 24 12:22:56 1993 From: pmetzger at lehman.com (Perry E. 
Metzger) Date: Mon, 24 May 93 12:22:56 PDT Subject: The New Mykotronix phones... In-Reply-To: <9305231707.AA12544@IMSI.COM> Message-ID: <9305241922.AA06652@snark.shearson.com> Jordan Hayes says: > From mbriceno at aol.com Sat May 22 03:56:25 1993 > > If everybody would be armend, we would no longer look at the > government as the sole provider of protectios from violent > crimes, rape, or muggings. > > I'm sure lots of people could give examples of areas where "everyone" > *is* armed, and while they certainly don't rely on "the government" > (i.e., local police forces) for protection, most would agree the > situation is not desirable ... Actually I can give such examples and show that the result id desirable, but are we discussing cryptography or anarchism here? .pm From ghoast at gnu.ai.mit.edu Mon May 24 13:55:50 1993 From: ghoast at gnu.ai.mit.edu (ghoast at gnu.ai.mit.edu) Date: Mon, 24 May 93 13:55:50 PDT Subject: Steganography and Steganalysis In-Reply-To: <9305241859.AA11273@toad.com> Message-ID: <9305242055.AA69775@hal.gnu.ai.mit.edu> What about reverse 'stealthography' where instead of first creating your message, then attempting to create some larger ody of text in which to hide the message, one would first generate the message to be hidden, then take an existing body of text (something large enough, like Shakespear's MacBeth) and then attempt to find some concise algorithm by which the recieving end would extract the message? -Devin ---- ghoast at gnu.ai.mit.edu ---- From uni at acs.bu.edu Mon May 24 15:43:12 1993 From: uni at acs.bu.edu (Shaen Bernhardt) Date: Mon, 24 May 93 15:43:12 PDT Subject: espionage Message-ID: <9305242242.AA15212@acs2.bu.edu> I get: Taking other well-known identities: Silence = Ego + Espionage <= MC^2 + Espionage solving for Espionage,o-Light^2 Espionage >= Silence - MC^2of one's ego cannot exceed one's maximum potential energy (which has great explanatory powers re. 
the which raises some interesting points: [Portions deleted, no value judgement implied] I meant to suggest that the poster who compromised himself should have put his/her ego aside and overcome the urge to brag. hence espionage + ego = death. I like your analysis however. From newsham at wiliki.eng.hawaii.edu Mon May 24 16:10:16 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Mon, 24 May 93 16:10:16 PDT Subject: matrix - rsa Message-ID: <9305242310.AA18309@toad.com> Hi , I was reading through some books at the library the other day and came across this, has anyone given any thought to implementing this scheme? Matrix Extensions of the RSA Algorithm Chih-Chwen Chuang and James George Dunham CRYPTO '90 , page 140. They suggest a matrix extension of the RSA algorithm which uses much less computation time. They go on to prove that the security of the system is equivalent to RSA and the hash function used: "Under a chosen plaintext attack on the key, the securityof the new algorithm is equivalent to that of the RSA algorithm. Under a known plaintext attack on themessage, the security of the system rests upon that of the one-way function." Sounds like something worth looking into , as computation times are *much* faster than that of normal RSA. From fergp at sytex.com Mon May 24 16:47:12 1993 From: fergp at sytex.com (Paul Ferguson) Date: Mon, 24 May 93 16:47:12 PDT Subject: Correction Message-ID: [HOn Sat, 22 May 1993 14:20:25 -0400 (EDT), Eric S. Raymond wrote - > To join the cypherpunks mailing list, send a request to: > cypherpunks at toad.com Not to be a nit-picker, but shouldn't that be: cypherpunks-request at toad.com Subsequent posts to the list should be to: cypherpunks at toad.com Cheers. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp at sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. 
From fergp at sytex.com Mon May 24 17:47:38 1993 From: fergp at sytex.com (Paul Ferguson) Date: Mon, 24 May 93 17:47:38 PDT Subject: FOIA INFO 1/2 Message-ID: Phil Karn e-mailed me about posting dotted "i"s and crossed "t" FOIA sample letters. These are perhaps the best that I've seen and work well, however, I would suggest that takers have them notorozied prior to sending them the agengies in question. - -- FOIA FILES KIT - INSTRUCTIONS USING THE FREEDOM OF INFORMATION ACT REVISED EDITION Fund for Open Information and Accountability, Inc. 339 Lafayette Street, New York, NY 10012 (212) 477-3188 INSTRUCTIONS The Freedom of Information Act entitles you to request any record maintained by a federal Executive branch agency. The agency must release the requested material unless it falls into one of nine exempt categories, such as "national security," "privacy," "confidential source" and the like, in which case the agency may but is not compelled to refuse to disclose the records. This kit contains all the material needed to make FOIA requests for records on an individual, an organization or on a particular subject matter or event. HOW TO MAKE A COMPLETE REQUEST Step 1: Select the appropriate sample letter. Fill in the blanks in the body of the letter. Read the directions printed to the right of each letter in conjunction with the following instructions: For organizational files: In the first blank space insert the full and formal name of the organization whose files you are requesting. In the second blank space insert any other names, acronyms or shortened forms by which the organization is or has ever been known or referred to by itself or others. If some of the organization's work is conducted by sub-groups such as clubs, committees, special programs or through coalitions known by other names, these should be listed. 
For individual files: Insert the person's full name in the first blank space and any variations in spelling, nicknames, stage names, marriage names, titles and the like in the second blank space. Unlike other requests, the signatures of an individual requesting her/his own file must be notarized. For subject matter or event files: In the first blank space state the formal title of the subject matter or event including relevant dates and locations. In the second blank space provide the names of individuals or group sponsors or participants and/or any other information that would assist the agency in locating the material you are requesting. Step 2: The completed sample letter may be removed, photocopies and mailed as is or retyped on your own stationary. Be sure to keep a copy of each letter. Step 3: Addressing the letters: Consult list of agency addresses. FBI: A complete request requires a minimum of two letters. Sen done letter to FBI Headquarters and separate letter to each FBI field office nearest the location of the individual, the organization or the subject matter/event. Consider the location of residences, schools, work and other activities. INS: Send a request letter to each district office nearest the location of the individual, the organization or the subject matter/event. Address each letter to the FOIA/PA office of the appropriate agency. Be sure to make clearly on the envelope: ATTENTION--FOIA REQUEST. FEE WAIVER You will notice that the sample letters include a request for fee waiver. Many agencies automatically waive fees if a request results in the release of only a small number of documents, e.g. 250 pages or less. Under the Act, you are entitled to a waiver of all search and copy fees associated with your request if the release of the information would primarily benefit the general public. 
However, in January 1983, the Justice Department issued a memo to all federal agencies listing five criteria which requesters must meet before they are deemed entitled to a fee waiver. Under these criteria, a requester must show that the material sought to be released is already the subject of "genuine public interest" and "meaningfully contributes to the public development or understanding of the subject"; and that she/he has the qualifications to understand and evaluate the materials and the ability to interpret and disseminate the information to th public and is not motivated by any "personal interest." Finally, if the requested information is already "in the public domain," such as in the agency's reading room, no fee waiver will be granted. You should always request a waiver of fees if you believe the information you are seeking will benefit the public. If your request for a waiver is denied, you should appeal that denial, citing the ways in which your request meets the standards set out above. MONITORING THE PROGRESS OF YOUR REQUEST Customarily, you will receive a letter from each agency within 10 days stating that your request has been received and is being processed. You may be asked to be patient and told that requests are handled cafeteria style. You have no alternative but to be somewhat patient. but there is no reason to be complacent and simply sit and wait. A good strategy is to telephone the FOIA office in each agency after about a month if nothing of substance has been received. Ask for a progress report. The name of the person you talk with and the gist of the conversation should be recorded. try to take notes during the conversation focusing especially on what is said by the agency official. Write down all the details you can recall after the call is completed. Continue to call every 4 to 6 weeks. Good record keeping helps avoid time-consuming and frustrating confusion. 
A looseleaf notebook with a section devoted to each request simplifies this task. Intervening correspondence to and from the agency can be inserted between the notes on phone calls so that all relevant material will be at hand for the various tasks: phone consultations, writing the newsletter, correspondence, articles, preparation for media appearances, congressional testimony or litigation, if that course is adopted. HOW TO MAKE SURE YOU GET EVERYTHING YOU ARE ENTITLED TO ... AND WHAT TO DO IF YOU DO NOT After each agency has searched and processed your request, you will receive a letter that announces the outcome, encloses the released documents, if any, and explains where to direct an appeal if any material has been withheld. There are four possible outcomes: 1. Request granted in full: This response indicates that the agency has released all records pertinent to your request, with no exclusions or withholdings. The documents may be enclosed or, if bulky, may be mailed under separate cover. This is a very rare outcome. Next Step: Check documents for completeness (see instructions below). 2. Request granted in part and denied in part: This response indicates that the agency is releasing some material but has withheld some documents entirely or excised some passages from the documents released. The released documents may be enclosed or, if bulky, mailed under separate cover. Next step: Check documents released for completeness (see instructions below) and make an administrative appeal of denials or incompleteness (see instructions below). 3. Request denied in full: This response indicates that the agency is asserting that all material in its files pertaining to your request falls under one of the nine FOIA exemptions. These are categories of information that the agency may, at its discretion, refuse to release. Next step: Make an administrative appeal (see instructions below). 
Since FOIA exemptions are not mandatory, even a complete denial of your request can and should be appealed. 4. No records: This response will state that a search of the agency's files indicates that it has no records corresponding to those you requested. Next step: Check your original request to be sure you have not overlooked anything. If you receive documents from other agencies, review them for indications that there is material in the files of the agency claiming it has none. For example, look for correspondence, or references to correspondence, to or from that agency. If you determine that there are reasonable grounds, file an administrative appeal (see instructions below). HOW TO CHECK FOR COMPLETENESS Step 1: Before reading the documents, turn them over and number the back of each page sequentially. The packet may contain documents from the agency's headquarters as well as several field office files. Separate the documents into their respective office packets. Each of these offices will have assigned the investigation a separate file number. Try to find the numbering system. Usually the lower right hand corner of the first page carries a hand-written file and document number. For instance, an FBI document might be marked "100-7142-22". This would indicate that it is the 22nd document in the 7142nd file in the 100 classification. As you inspect the documents, make a list of these file numbers and which office they represent. In this way you will be able to determine which office created and which office received the document you have in your hand. Often there is a block stamp affixed with the name of the office from whose files this copy was retrieved. The "To/From" heading on a document may also give you corresponding file numbers and will help you puzzle out the origin of the document. 
When you have finally identified each document's file and serial number and separated the documents into their proper office batches, make a list of all the serial numbers in each batch to see if there are any missing numbers. If there are missing serial numbers and some documents have been withheld, try to determine if the missing numbers might reasonably correspond to the withheld documents. If not, the release may be incomplete and an administrative appeal should be made. Step 2: Read all the documents released to you. Keep a list of all documents referred to in the text--letters, memos, teletypes, reports, etc. Each of these "referred to" documents should turn up in the packet released to you. If any are not in the packet, it is possible they may be among those documents withheld; a direct inquiry should be made. In an administrative appeal, ask that each of these "referred to" documents be produced or that the agency state plainly that they are among those withheld. Of course, the totals of unproduced vs. withheld must be within reason; that is, if the total number of unproduced documents you find referred to in the text of the documents produced exceeds the total number of documents withheld, the agency cannot claim that all the referred to documents are accounted for by the withheld category. You will soon get the hang of making logical conclusions from discrepancies in the totals and missing document numbers. Another thing to look for when reading the released documents is the names of persons or agencies to whom the document has been disseminated. The lower left-hand corner is a common location for the typed list of agencies or offices to whom the document has been directed. In addition, there may be additional distribution recorded by hand, there or elsewhere on the cover page. There are published glossaries for some agencies that will help in deciphering these notations when they are not clear. Contact FOIA, Inc., if you need assistance in deciphering the text. 
Finally, any other file numbers that appear on the document should be noted, particularly if the subject of the file is of interest and is one you have not requested. You may want to make an additional request for some of these files. HOW TO MAKE AN ADMINISTRATIVE APPEAL Under the FOIA, a dissatisfied requester has the right of administrative appeal. The name and address of the proper appeal office will be given to you by each agency in its final response letter. This kit contains a sample appeal letter with suggestions for adapting it to various circumstances. However, you need not make such an elaborate appeal; in fact, you need not offer any reasons at all but rather simply write a letter to the appeals unit stating that "this letter constitutes an appeal of the agency's decision." Of course, if you have identified some real discrepancies, you will want to set them forth fully, but even if you have not found any, you may simply ask that the release be reviewed. If you are still dissatisfied after the administrative appeal process, the FOIA gives you the right to bring a lawsuit in federal district court on an expedited basis. SAMPLE FBI REQUEST LETTER Date: To: FOIA/PA Unit Federal Bureau of Investigation This is a request under the Freedom of Information Act. 
I request a complete and thorough search of all filing systems and locations for all records maintained by your agency pertaining to and/or captioned: ______ _____________________________________________________ [describe records desired and/or insert full and _____________________________________________________ formal name] _____________________________________________________ _____________________________________________________ including, without limitations, files and documents captioned, or whose captions include _____________________________________________________ [insert changes in name, commonly used names, _____________________________________________________ acronyms, sub-groups, and the like] _____________________________________________________ _____________________________________________________ This request specifically includes "main" files and "see references," including, but not limited to numbered and lettered sub files, "DO NOT FILE" files, and control files. I also request a search of the ELSUR Index, and the COINTELPRO Index. I request that all records be produced with the administrative pages. I wish to be sent copies of "see reference" cards, abstracts, search slips, including search slips used to process this request, file covers, multiple copies of the same documents if they appear in a file, and tapes of any electronic surveillances. I wish to make it clear that I want all records in your office "identifiable with my request," even though reports on those records have been sent to Headquarters and even though there may be duplication between the two sets of files. [ continued next message ] Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp at sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. 
From fergp at sytex.com Mon May 24 17:48:03 1993 From: fergp at sytex.com (Paul Ferguson) Date: Mon, 24 May 93 17:48:03 PDT Subject: FOIA INFO 2/2 Message-ID: <5gw34B2w165w@sytex.com> [ continued from previous message ] I do not want just "interim" documents. I want all documents as they appear in the "main" files and "see references" of all units of your agency. If documents are denied in whole or in part, please specify which exemption(s) is(are) claimed for each passage or whole document denied. Please provide a complete itemized inventory and a detailed factual justification of total or partial denial of documents. Give the number of pages in each document and the total number of pages pertaining to this request. For "classified" material denied please include the following information: the classification (confidential, secret or top secret); identity of the classifier; date or event for automatic de-classification, classification review, or down-grading; if applicable, identity of official authorizing extension of automatic de-classification or review; and if applicable, the reason for extended classification. I request that excised material be "blacked out" rather than "whited out" or cut out and that the remaining non-exempt portions of documents will be released as provided under the Freedom of Information Act. Please send a memo (copy to me) to the appropriate units in your office to assure that no records related to this request are destroyed. Please advise of any destruction of records and include the date of and authority for such destruction. As I expect to appeal any denials, please specify the office and address to which an appeal should be directed. I believe my request qualifies for a waiver of fees since the release of the requested information would primarily benefit the general public and be "in the public interest." I can be reached at the phone listed below. 
Please call rather than write if there are any questions or if you need additional information from me. I expect a response to this request within ten (10) working days, as provided for in the Freedom of Information Act. Sincerely, name: _______________________________________________ address: ____________________________________________ ____________________________________________ telephone: __________________________________________ signature: __________________________________________ SAMPLE AGENCY REQUEST LETTER DATE: TO: FOIA/PA Unit This is a request under the Freedom of Information Act. I request a complete and thorough search of all filing systems and locations for all records maintained by your agency pertaining to and/or captioned ______________________________________________________ [describe records desired and/or insert full and ______________________________________________________ formal name] ______________________________________________________ ______________________________________________________ including, without limitation, files and documents captioned, or whose captions include: ______________________________________________________ [insert changes in name, commonly used names, ______________________________________________________ acronyms, sub-groups and the like] ______________________________________________________ ______________________________________________________ I also request all "see references" to these names, a search of the ELSUR Index or any similar technique for locating records of electronic surveillance. This request is also a request for any corresponding files in INS Headquarters or regional offices. Please place any "missing" files pertaining to this request on "special locate" and advise that you have done this. If documents are denied in part or whole, please specify which exemption(s) is(are) claimed for each passage or whole document denied. 
Please provide a complete itemized inventory and detailed factual justification of total or partial denial of documents. Specify the number of pages in each document and the total number of pages pertaining to this request. For classified material denied, please include the following information: the classification rating (confidential, secret, or top secret); identify the classifier; date or event for automatic de-classification, classification review or downgrading; if applicable, identify the official authorizing extension of automatic de-classification or review; and, if applicable, give the reason for extended classification. I request that excised material be "blacked out" rather than "whited out" or cut out. I expect, as provided by the Freedom of Information Act, that the remaining non-exempt portions of documents will be released. Please send a memo (copy to me) to the appropriate units in your office or agency to assure that no records related to this request are destroyed. Please advise of any destruction of records and include the date of and authority for such destruction. As I expect to appeal any denials, please specify the office and address to which an appeal should be directed. I believe my request qualifies for a waiver of fees since the release of the requested information would primarily benefit the general public and be "in the public interest." I can be reached at the phone listed below. Please call rather than write if there are any questions or if you need additional information from me. I expect a response to this request within ten (10) working days, as provided for in the Freedom of Information Act. 
Sincerely, name: _______________________________________________ address: ____________________________________________ ____________________________________________ telephone: (___)_______________________________________ signature: __________________________________________ SAMPLE ADMINISTRATIVE APPEAL LETTER Date: To: FOIA/PA Appeals Office RE: Request number [Add this if the agency has given your request a number] This is an appeal pursuant to subsection (a)(6) of the Freedom of Information Act as amended (5 U.S.C. 552). On [date], I received a letter from [name of official] of your agency denying my request for [describe briefly the information you are after]. This reply indicated that an appeal letter could be sent to you. I am enclosing a copy of my exchange of correspondence with your agency so that you can see exactly what files I have requested and the insubstantial grounds on which my request has been denied. [Optional paragraph, to be used if the agency has withheld all or nearly all the material which has been requested]: You will note that your agency has withheld the entire (or nearly the entire) document (or file, or report, or whatever) that I requested. Since the FOIA provides that "any reasonably segregable portion of a record shall be provided to any person requesting such record after deletion of the portions which are exempt," I believe that your agency has not complied with the FOIA. I believe that there must be (additional) segregable portions which do not fall within FOIA exemptions and which must be released. [Optional paragraph, to be used if the agency has used the (b)(1) exemption for national security, to withhold information] Your agency has used the (b)(1) exemption to withhold information [I question whether files relating to events that took place over twenty years ago could realistically harm the national security.] 
[Because I am familiar with my own activities during the period in question, and know that none of these activities in any way posed a significant threat to the national security, I question the designation of my files or portions of my file as classified and exempt from disclosure because of national security considerations.] [Sample optional argument to be used if the exemption which is claimed does not seem to make sense; you should cite as many specific instances as you care to of items withheld from the documents that you have received. We provide two examples which you might want to adapt to your own case.] "On the memo dated _____________ the second paragraph withheld under the (b)(1) exemption appears to be describing a conversation at an open meeting. If this is the case, it is impossible that the substance of this conversation could be properly classified." Or, "The memo dated _____ refers to a meeting which I attended, but a substantial portion is deleted because of the (b)(6) and (b)(7)(c) exemptions for unwarranted invasions of personal privacy. Since I already know who attended this meeting, no privacy interest is served by the withholding." I trust that upon examination of my request, you will conclude that the records I requested are not properly covered by exemption(s) [here repeat the exemptions which the agency's denial letter claimed applied to your request] of the amended FOIA, and that you will overrule the decision to withhold the information. [Use if an itemized inventory is not supplied originally] If you choose instead to continue to withhold some or all of the material which was denied in my initial request to your agency, I ask that you give me an index of such material, together with the justification for the denial of each item which is still withheld. As provided in the Act, I will expect to receive a reply to this administrative appeal letter within twenty working days. 
If you deny this appeal and do not adequately explain why the material withheld is properly exempt, I intend to initiate a lawsuit to compel its disclosure. [You can say that you intend to sue, if that is your present inclination; you may still decide ultimately not to file suit.] Sincerely yours, name: ____________________________________________ address: ____________________________________________ ____________________________________________ signature: ___________________________________________ [Mark clearly on envelope: Attention: Freedom of Information Appeals] FBI ADDRESSES AND PHONE NUMBERS FBI Headquarters, J. Edgar Hoover Bldg, Washington, D.C., 20535, 202-324-5520 (FOI/PA Unit) Field Offices Albany, NY 12207, U.S. Post Office and Courthouse, 518-465-7551 Albuquerque, NM 87101, Federal Office Bldg., 505-247-1555 Alexandria, VA 22314, 300 N. Lee St., 703-683-2681 Anchorage, AK 99510, Federal bldg., 907-272-6414 Atlanta, GA 30303, 275 Peachtree St. NE, 404-521-3900 Baltimore, MD 21207, 7142 Ambassador Rd., 301-265-8080 Birmingham, AL 35203, Room 1400, 2121 Bldg. 205-252-7705 Boston, MA 02203, J.F. Kennedy Federal Office Bldg., 617-742-5533 Buffalo, NY 14202, 111 W. Huron St., 716-856-7800 Butte, MT 59701, U.S. Courthouse and Federal Bldg., 406-792-2304 Charlotte, NC 28202, Jefferson Standard Life Bldg., 704-372-5485 Chicago, IL 60604, Everett McKinley Dirksen Bldg., 312-431-1333 Cincinnati, OH 45202, 400 U.S. Post Office & Crthse Bldg., 513-421-4310 Cleveland, OH 44199, Federal Office Bldg., 216-522-1401 Columbia, SC 29201, 1529 Hampton St., 803-254-3011 Dallas TX 75201, 1810 Commerce St., 214-741-1851 Denver, CO 80202, Federal Office Bldg., 303-629-7171 Detroit, MI 48226, 477 Michigan Ave., 313-965-2323 El Paso, TX 79901, 202 U.S. Courthouse Bldg., 915-533-7451 Honolulu, HI 96850, 300 Ala Moana Blvd., 808-521-1411 Houston, TX 77002, 6015 Fed. Bldg and U.S.Courthouse, 713-224-1511 Indianapolis, IN 46202, 575 N. 
Pennsylvania St., 317-639-3301 Jackson, MS 39205, Unifirst Federal and Loan Bldg., 601-948-5000 Jacksonville, FL 32211, 7820 Arlington Expressway, 904-721-1211 Kansas City, MO 64106, 300 U.S. Courthouse Bldg., 816-221-6100 Knoxville, TN 37919, 1111 Northshore Dr., 615-588-8571 Las Vegas, NV 89101, Federal Office Bldg., 702-385-1281 Little Rock, AR 72201, 215 U.S Post Office Bldg., 501-372-7211 Los Angeles, CA 90024, 11000 Wilshire Blvd, 213-272-6161 Louisville, KY 40202, Federal Bldg., 502-583-3941 Memphis, TN 38103, Clifford Davis Federal bldg., 901-525-7373 Miami, FL 33137, 3801 Biscayne Blvd., 305-573-3333 Milwaukee, WI 53202, Federal Bldg and U.S. Courthouse, 414-276-4681 Minneapolis, MN 55401, 392 Federal Bldg., 612-339-7846 Mobile, AL 36602, Federal Bldg., 205-438-3675 Newark, NJ 07101, Gateway I, Market St., 201-622-5613 New Haven, CT 06510, 170 Orange St., 203-777-6311 New Orleans, LA 70113, 701 Loyola Ave., 504-522-4671 New York, NY 10007, 26 Federal Plaza, 212-553-2700 Norfolk, VA, 23502, 870 N. Military Hwy., 804-461-2121 Oklahoma City, OK 73118, 50 Penn Pl. NW, 405-842-7471 Omaha, NB 68102, 215 N. 17th St., 402-348-1210 Philadelphia, PA 19106, Federal Office Bldg., 215-629-0800 Phoenix, AZ 85004, 2721 N. central Ave., 602-279-5511 Pittsburgh, PA 15222, Federal Office Bldg., 412-471-2000 Portland, OR 97201, Crown Plaza Bldg., 503-224-4181 Richmond, VA 23220, 200 W. Grace St., 804-644-2531 Sacramento, CA 95825, Federal Bldg., 916-481-9110 St. Louis, MO 63103, 2704 Federal Bldg., 314-241-5357 Salt Lake City, UT 84138, Federal Bldg., 801-355-7521 San Diego, CA 92188, Federal Office Bldg., 619-231-1122 San Francisco, CA 94102, 450 Golden Gate Ave., 415-552-2155 San Juan, PR 00918 U.S. Courthouse and Fed. Bldg., 809-754-6000 Savannah, GA 31405, 5401 Paulson St., 912-354-9911 Seattle, WA 98174, 915 2nd Ave., 206-622-0460 Springfield, IL 62702, 535 W. 
Jefferson St., 217-522-9675 Tampa, FL 33602, Federal Office Bldg., 813-228-7661 Washington, DC 20535, 9th and Pennsylvania Ave. NW, 202-324-3000 FEDERAL AGENCIES (SELECTED ADDRESSES) Central Intelligence Agency Information and Privacy Coordinator Central Intelligence Agency Washington, D.C. 20505 202-351-5659 Civil Service Commission Appropriate Bureau (Bureau of Personnel Investigation, Bureau of Personnel Information Systems, etc.) Civil Service Commission 1900 E Street, N.W. Washington, D.C. 20415 202-632-4431 Commission on Civil Rights General Counsel, U.S. Commission on Civil Rights 1121 Vermont Ave., N.W. Room 600 Washington, D.C. 20415 202-254-6610 Consumer Product Safety Commission Office of the Secretary Consumer Product Safety Commission 1111 18th St., N.W. Washington, D.C. 20207 202-624-7700 Department of Defense/Dept. of Air Force Freedom of Information Manager Headquarters, USAF/DADF Washington, D.C. 20330-5025 202-697-3467 I'd suggest calling first to insure the correctness of the addresses. Cheers. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp at sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From greg at ideath.goldenbear.com Mon May 24 17:50:11 1993 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Mon, 24 May 93 17:50:11 PDT Subject: Oregon, guns, etc. Message-ID: Brad Cox (bcox at gmu.edu) writes: > >I'm sure lots of people could give examples of areas where "everyone" > >*is* armed, and while they certainly don't rely on "the government" > >(i.e., local police forces) for protection, most would agree the > >situation is not desirable ... > > Yep. Switzerland for sure (every draft age citizen keeps an assault rifle > and ammo). Similarly for most US rural states; Oregon, South Carolina, > Texas and Arizona come to mind. So do shooting ranges and guns shows most > anywhere. 
This is absolutely untrue of Oregon - at least in the Willamette Valley. I see fewer guns (and gun-racks in pickup trucks) here than I did when I lived in Southern California. It is difficult for me to express how uninterested I am in the prospect of debating gun control here in cypherpunks. I will compromise with "very, very, uninterested." -- Greg Broiles greg at goldenbear.com Golden Bear Computer Consulting +1 503 465 0325 Box 12005 Eugene OR 97440 BBS: +1 503 687 7764 From steven at well.sf.ca.us Mon May 24 20:17:51 1993 From: steven at well.sf.ca.us (Steven Levy) Date: Mon, 24 May 93 20:17:51 PDT Subject: macworld Message-ID: <199305250317.AA15360@well.sf.ca.us> two short comments about the macworld privacy issue we have a long lead time and the column about digital telephone (oops, telephony) was in before the clipper stuff broke and eric, while correct about Mitch Ratcliffe being a fine reporter who is totally on top of privacy stuff, has the publication wrong - Mitch is with MacWeek, not Macworld. Easy to confuse. Steven From jslee at well.sf.ca.us Mon May 24 21:40:53 1993 From: jslee at well.sf.ca.us (John S. Lee) Date: Mon, 24 May 93 21:40:53 PDT Subject: UUDecode Message-ID: <199305250439.AA04920@well.sf.ca.us> Where can I get the source code for UUEncode/UUdecode for the Mac or UNIX. Either would be great! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +"The community can rest assured that their interests are very much my own,+ + and that anything I can do to maintain the security of the citizens, will+ + be my primary objective. Be seeing you. 
b-|" - Number Six->The Prisoner+ + + + from the village of jslee at well.sf.ca.us - a still tongue spills no beans + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From root at extropia.wimsey.com Mon May 24 23:50:26 1993 From: root at extropia.wimsey.com (Operator) Date: Mon, 24 May 93 23:50:26 PDT Subject: No Subject Message-ID: <199305250633.AA06800@xtropia> [ The purpose of this post is to propose an extension of PGP which would result in more widespread use of encryption by the public; and to provoke discussion about the pros/cons of said proposal ] PGP users (mostly, technically adroit e-mail types) are but a subset of computer users in general; who in turn are but a subset of persons engaging in electronic communication of all kinds (including the common telephone); all of whom can be legitimately concerned with privacy issues. If the powers that be are concerned about not being able to listen in on PGP users, at least they can take solace in the fact that PGP users constitute only a tiny fraction of the populace, and hence, in the "big picture", add up to little more than a slight irritation. I am proposing that PGP be expanded beyond its present cadre and into the 2nd group named above - the army of regular users of pc's equipped with data modems. The proposal specifically is to extend PGP beyond file encryption to generalized stream handling. Such streams can be consoles & keyboards, real-time file transfers, and digitized voice; indeed, anything that will pass over a modem or other serial transfer medium. In this scenario, a user wishing a secure interchange would simply place a voice call to another party and, upon establishing voice contact, request a transition to a modem connection. Upon invoking the new program, the user's modem would go online; it would read the party's key from the existing PGP pubkey ring, and use it to perform a DH exchange, establishing a secure session. 
The program would then use a packet protocol to exchange keyboard/console traffic and/or files. In one scenario, all key management would continue to be performed with the current PGP program; the pubkey ring would be 'read-only' from the standpoint of the new app. Alternatively, key management could be blended into the new app to form a true standalone application. The appeal behind this approach is that it moves the operational paradigm very close to the present one- namely "pick up the phone and dial". No logins, shells, Elm, Compuserve/Prodigy/FidoNet, etc. The user interface could be simple enough for even the most novice user to operate. Real-time voice encryption would obviously be desirable in lieu of a keyboard interface. Unfortunately, such a capability is not yet within the reach of the average pc. Within a few years it will probably be a "done deal", given the movement afoot to put DSP chips in all new pc's (e.g. video compression, multimedia support, etc). For now it must suffice to build a solid technical foundation which can accommodate voice operation when the requisite hardware becomes available. And until that time, many more users will have access to convenient and handy encryption technology. [ An aside, WRT voice coding: I believe the first major opportunity to produce a cheap realtime digital voice channel will be the emergence of chips/chip sets targeted towards the growing market for digital (tapeless) telephone answering machines. This market is large, and very cost sensitive (the perfect combo for opportunistic techno-vultures); this should produce cost effective voice coding solutions within a short period of time (12 months?), given current technology levels. ] Many readers already know that the pieces required to build this new program are already in place- and could be drawn together without much fuss. Indeed, a few fledgling attempts have already been made. 
From the PGP sources, the necessary functions would be extracted- to perform key lookup, MP arithmetic, DH key exchange, IDEA encryption of comm packets, etc. The resulting library would be linked to the new comm application. Each subsequent revision of PGP would retain a make target that would build the interface library. The net result of building this application would be to make serious levels of security available to more people than ever before - with an ease of use also heretofore unknown. As a result I believe the PGP user base could easily expand by at least an order of magnitude. Does anyone have a better idea? [END] From mdiehl at triton.unm.edu Tue May 25 00:04:28 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Tue, 25 May 93 00:04:28 PDT Subject: my menu sys. Message-ID: <9305250704.AA02467@triton.unm.edu> After I posted my menu batch file for pgp, I realized that I hadn't put my name on it, which I felt I should do. So, here it is, with with my copyleft message attatched. I hope someone enjoys it. rem This is the PGP menu system by Mike Diehl version 0.0. This program rem requires 4dos command.com replacement to run. It may run under norton's rem N-dos. Since I wrote this program for my own use, and in an effort to help rem with the cypherpunk cause, I am releasing this program into the public rem domain. I ask that this message not be removed, and that you do not rem distribute modified copies of this program. Further, I hope that, if you rem think this program makes pgp easier to use, you will send me an (encrypted) rem email message telling me so. It helps my ego to think someone likes my rem program besides me. ;^) I have enclosed my pgp 2.2 public key at the end rem of this file. Take care, and enjoy. Mike Diehl. rem @echo off setlocal break on :main cls drawbox 0 0 23 78 2 red on black drawhline 17 0 79 1 red on black drawbox 4 29 16 49 2 red on black scrput 1 27 blue on black Mike's PGP shell ver. 0.0. 
scrput 3 35 blue on black MAIN MENU scrput 5 32 red on black Encrypt a file. scrput 7 32 red on black Decrypt a file. scrput 09 32 red on black siGn a file. scrput 11 32 red on black Wipe file. scrput 13 32 red on black Next menu. scrput 15 32 red on black Quit. scrput 18 5 white on black Select an option by typing the corisponding capitalized letter. scrput 19 5 white on black For example, to encrypt a file, you would press the E key. inkey /K"EeDdGgWwNnQq" %%in goto menu1-%in :menu1-q screen 17 26 pause cls endlocal quit :menu1-e cls drawbox 0 0 23 78 2 red on black drawhline 17 0 79 1 red on black drawbox 6 3 8 74 2 red on black scrput 18 5 white on black Here you will be asked for the name of a file to be scrput 19 5 white on black encrypted. Then you will be asked for the names of scrput 20 5 white on black the people who should be able to read the file. scrput 21 5 white on black Enter them all on the line separated by a space. scrput 7 5 red on black Enter the name of the file to encrypt. screen 7 52 input %%file if exist %file goto menu1-e-good scrput 15 10 red on black That file is not in the current directory! screen 16 10 pause goto menu1-e :menu1-e-good drawbox 10 3 12 74 2 red on black scrput 11 5 red on black Enter the name(s) of the recipients. screen 11 52 input %%in cls rem I never claimed that this would be elegent.... drawbox 0 0 23 78 2 red on black drawhline 17 0 79 1 red on black scrput 18 5 white on black Here you are asked if you want to mark this message "For Your Eyes Only," scrput 19 5 white on black and if you want to sign the message. If you reply 'y' to the first scrput 20 5 white on black question, the recipient will only be ablt to display the message. He scrput 21 5 white on black won't be to save it. If you reply 'y' to the second question, the scrput 22 5 white on black recipient will know for certain that the message is from you. 
drawbox 6 3 8 74 2 red on black
scrput 7 5 red on black Would you like to mark this "For Your Eyes Only?"
inkey /K"ynN" %%f
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Would you like to sign this message?
inkey /K"ynN" %%s
if "%f" == "y" goto f
if "%s" == "y" goto s
cls
pgp -pe %file %in
goto encrypted
:f
if "%s" == "y" goto sf
cls
pgp -mep %file %in
goto encrypted
:sf
cls
pgp -mesp %file %in
goto encrypted
:s
cls
pgp -pes %file %in
:encrypted
echo %@name[%file].asc is the name of the encrypted file.
pause
goto main
:menu1-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black read. Then you will be asked if you want to save the
scrput 20 5 white on black plaintext file. If you do, you will be asked for a
scrput 21 5 white on black new filename.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu1-d-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-d-good
cls
pgp -m %file
goto main
:menu1-g
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black signed. If you sign a message, it can be proved that
scrput 20 5 white on black it came from you. There is no "Plausible Deniability."
scrput 7 5 red on black Enter the name of the file to signed.
screen 7 52
input %%file
if exist %file goto menu1-g-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-g-good
cls
pgp -s %file
echo %@name[%file].asc is the name of the signed file.
pause
goto main
:menu1-w
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file to be
scrput 19 5 white on black wiped. Remember, after a file is wiped...
scrput 20 5 blink white on black There is no way to retrieve the file!
scrput 7 5 red on black Enter the name of the file to wiped.
screen 7 52
input %%file
if exist %file goto menu1-w-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu1-w-good
cls
pgp -w %file
goto main
:menu1-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black SECOND MENU
scrput 5 32 red on black Add a key.
scrput 7 32 red on black Extract a key.
scrput 09 32 red on black View a key.
scrput 11 32 red on black Fingerprint.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corisponding capitalized letter.
scrput 19 5 white on black For example, to add a key to your ring, you would press the A key.
inkey /K"AaEeVvFfNnQq" %%in
goto menu2-%in
:menu2-q
goto menu1-q
:menu2-a
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of a file that
scrput 19 5 white on black contains the keys to be added to your public key ring.
scrput 7 5 red on black Enter the name of the file to read.
screen 7 52
input %%file
if exist %file goto menu2-a-good
scrput 15 10 red on black That file is not in the current directory!
screen 16 10
pause
goto main
:menu2-a-good
cls
pgp -ka %file
pause
goto main
:menu2-e
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the key ID to be extracted.
scrput 19 5 white on black Then you will be asked for the names of the file to
scrput 20 5 white on black put the key in.
scrput 7 5 red on black Enter the key ID to extract.
screen 7 52
input %%in
drawbox 10 3 12 74 2 red on black
scrput 11 5 red on black Enter the name of the file that is to hold the key.
screen 11 59
input %%file
if not exist %file goto menu2-e-good
scrput 10 10 red on black That file already exists in the current directory!
screen 16 10
pause
goto main
:menu2-e-good
cls
pgp -kx %in %file
echo %@name[%file].asc contains the key for %in.
pause
goto main
:menu2-v
cls
pgp -kv
pause
goto main
:menu2-f
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the person who's key fingerprint you
scrput 19 5 white on black want to examine.
scrput 7 5 red on black Enter the name of the person.
screen 7 52
input %%in
cls
pgp -kvc %in
echo Remember to write this information down!
pause
goto main
:menu2-n
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 4 29 16 49 2 red on black
scrput 1 27 blue on black Mike's PGP shell ver. 0.0.
scrput 3 35 blue on black THIRD MENU
scrput 5 32 red on black Generate a key.
scrput 7 32 red on black Remove a key.
scrput 09 32 red on black Disable a key.
scrput 13 32 red on black Next menu.
scrput 15 32 red on black Quit.
scrput 18 5 white on black Select an option by typing the corisponding capitalized letter.
scrput 19 5 white on black For example, to generate a new key, you would press the G key.
inkey /K"GgRrDdNnQq" %%in
goto menu3-%in
:menu3-g
cls
pgp -kg
pause
goto main
:menu3-r
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black removed.
scrput 7 5 red on black Enter the name of the key to remove.
screen 7 52
input %%in
cls
pgp -kr %in
pause
goto main
:menu3-q
goto menu1-q
:menu3-d
cls
drawbox 0 0 23 78 2 red on black
drawhline 17 0 79 1 red on black
drawbox 6 3 8 74 2 red on black
scrput 18 5 white on black Here you will be asked for the name of the key to be
scrput 19 5 white on black either disabled or re-enabled.
scrput 7 5 red on black Enter the name of the key.
screen 7 52
input %%in
cls
pgp -kd %in
pause
goto main
:menu3-n
goto main

I may be reached by any of these addresses.
mdiehl at triton.unm.edu, al945 at cwns9.ins.cwru.edu
Or, in care of Rory McManus at r.mcmanus4 at genie.geis.com

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.2

mQA9Aiu/jVAAAAEBgM2F5mSlCA+KRd6TXIrqmPfiiAEytwSttZs7Yua939GMu2mP
JL+5Qpi/ZKqF2nAJAwAFEbQsSi4gTWljaGFlbCBEaWVobCwgMSwgPG1kaWVobEB0
cml0b24udW5tLmVkdT4=
=lyvx
-----END PGP PUBLIC KEY BLOCK-----

From 74076.1041 at CompuServe.COM Tue May 25 01:02:18 1993
From: 74076.1041 at CompuServe.COM (Hal)
Date: Tue, 25 May 93 01:02:18 PDT
Subject: Digital cash issues...
Message-ID: <930525075401_74076.1041_FHD58-1@CompuServe.COM>

Reading the article in the Whole Earth Review reminded me of our discussions several months ago about digital cash. I would be interested in seeing an implementation of digital cash suitable for email or Internet use. Chaum is working on "off-line" cash systems, where you don't have to check with the bank for every transaction. But I think there are problems with this in the network environment.

The big issue in digital cash is double-spending. Someone could send the same piece of cash to more than one seller.
(We say "double-spending" but really it could be triple- or worse.) Each seller can check that the cash was properly signed by the bank and not a forgery, but if they honor the cash only one of them can be reimbursed by the bank.

On-line systems require the sellers to check with the bank to make sure a particular piece of cash has not been spent before. As long as the bank handles such queries sequentially, and adds each piece of cash to a database of "spent cash" as it sends an "OK" response back to a seller, then each piece of cash can only be spent once. Double-spending is prevented.

Off-line systems are more complicated. They are designed so that the anonymity of the spender is lost if the cash is double-spent. This is achieved by having an exchange of messages between seller and spender, in which the seller specifies some random information and the spender responds based on the seller's message. Chaum's fancy mathematics guarantees that the spender's anonymity is protected if he only uses each piece of cash once. But if he uses it twice, the random information will be different for each transaction, and this will cause him to reveal more information about himself, enough information that the bank can deduce his identity.

This process is problematical in the Internet environment, though. The need for a protocol between spender and seller might be tolerable for systems with direct TCP connections, but the universe of potential users of cash is much larger than this. I think it will be necessary for cash to work just via email. And in that case the requirement for three messages (spender to seller, seller to spender, spender to seller) for every transaction will be very cumbersome.

Also, if double-spending is discovered it's not clear what you do about it.
Ideally, if the customer has a large enough bank balance to cover the extra spending the bank can just dip into the account (once the customer's anonymity is broken by Chaum's algorithms) and pay off the sellers. But if this is not the case then it isn't clear who would take the loss or what legal redress the bank would have against the customer. All this seems to require some legal infrastructure which would delay the acceptance of digital cash.

In an on-line system, transactions are somewhat easier. Customers send cash to sellers, sellers check the cash with the bank, and proceed with the sale. There are still three messages, but two of them are with the bank, so it is simpler because these always go to the same place. Spenders have it especially easy as they just send off their cash. So, I would think an on-line system would be more appropriate for the net environment as it exists today.

Another big issue is the legality of cash. How legitimate does an initial implementation of digital cash need to be? PGP's acceptance has been hampered by its infringement of patents. Digital cash would have a worse time of it, probably; it infringes on RSA (for the bank signatures) as well as Chaum's patents. In the Whole Earth article Chaum indicated that he had the whole field pretty well locked up with patents. With PGP we can at least make a moral argument that non-commercial, personal use should be OK, but it's not clear that the concept "non-commercial" can really apply to digital money. Even if it could, RSAREF does not provide at all the functionality that is needed since it is the direct mathematics of RSA that provides the basis for blind signatures. So one would need to get permission to call the "pure RSA" entry points in RSAREF. Then some kind of agreement would be needed with Chaum. This is quite a daunting list.
Whether you satisfy the patent lawyers or just decide to go with an underground approach, you then have the issue of backing the cash and the tax consequences. When I looked into this several months ago it looked to me like a digital cash system would be much like the "barter exchanges" which have been tried from time to time, and which have stringent tax reporting requirements, with associated serious penalties. England is apparently less strict about this than the U.S., with several cases of barter exchanges having been publicized recently. Perhaps that would be a better forum for launching a cash system.

As for backing, I believe that the best way to give digital cash value is to make it possible to exchange it for regular cash. If you know that you can take received digital cash, email it to the bank, and receive a check in the mail a few days later for that amount, you will be likely to accept it. I have a Disney Dollar on my desk for which it is possible to take it to a Disney store and exchange it for a regular dollar. If the same thing can be done for digital cash then I think it will be accepted.

All told, there are a lot of obstacles standing in the way of digital cash. The technology is complicated, patent issues arise at every turn, and the complexity of the tax and banking laws will have to be faced. It's not clear how soon we can expect to be able to tackle these problems.

Hal

From gg at well.sf.ca.us Tue May 25 02:06:14 1993
From: gg at well.sf.ca.us (George A. Gleason)
Date: Tue, 25 May 93 02:06:14 PDT
Subject: Caller ID Question
Message-ID: <199305250905.AA25844@well.sf.ca.us>

Caller ID in California: the question you need to ask is regarding ANI, Automatic Number Identification. That is available on 800-numbers and can be delivered in realtime if you have enough traffic to justify a T1. And of course you can get it from any carrier you wish. ANI is *not* Caller ID, they work differently, use different signalling systems.
-gg

From honey at citi.umich.edu Tue May 25 05:45:17 1993
From: honey at citi.umich.edu (peter honeyman)
Date: Tue, 25 May 93 05:45:17 PDT
Subject: UUDecode
In-Reply-To: <199305250439.AA04920@well.sf.ca.us>
Message-ID: <9305251245.AA11776@toad.com>

bsdj has uuencode and uudecode. i can mail you a copy.

peter

From yerazunis at aidev.enet.dec.com Tue May 25 06:18:18 1993
From: yerazunis at aidev.enet.dec.com (Do you know what's in the trunk? 25-May-1993 0917)
Date: Tue, 25 May 93 06:18:18 PDT
Subject: pi compression
Message-ID: <9305251318.AA14593@enet-gw.pa.dec.com>

>
>>Since all possible finite bit strings are, by definition, contained
>>in the unending cavalcade of bits in pi,
>
>Definition? I have seen not this asserted even by theorem. Not
>surprising, since the statement is patently false. There are
>2^{\aleph_0} finite bit strings, and only \aleph_0 of those are
>subsequences of pi.

Um, it doesn't follow to me that it's _obvious_ that 2^Aleph_0 is larger than Aleph_0. It might be- but I'd like to see the proof.

Now, Aleph_0 ^ Aleph_0, on the other hand...

-Bill (wondering why this thread of recursively nonenumerable transfinite ordinal stuff keeps cropping up in *all* his mailing lists)

From gnu Tue May 25 08:46:32 1993
From: gnu (John Gilmore)
Date: Tue, 25 May 93 08:46:32 PDT
Subject: Steganography and Steganalysis
In-Reply-To: <9305241859.AA11273@toad.com>
Message-ID: <9305251546.AA17642@toad.com>

Someone is probably doing steganography in netnews and/or mailing lists right now! (Besides cypherpunks, I mean.) How would we find them?

Someone with a news feed and some CPU time and hacking time on their hands could come up with some analysis tools that scan news or email articles, looking for unusual patterns. You can debug them on something with a small flow, then gradually speed and smarten them up to be able to run across the whole netnews flow (at multiple sites).
If nothing else, such a package would provide a way to winnow signal from noise on Usenet, by tweaking the parameters until they kicked out a reasonable number of messages per day. E.g. "give me the ten messages from rec.books that use the most varied vocabulary", or "locate C source code with lots of comments for my friend who's learning C".

And, if some of us work on ways to hide information in the flow, and others work on ways to locate and extract it, the two efforts will complement each other. Think of it as "quality assurance" or "testing" for the information-hiding effort. We certainly won't be the only people looking! So let's see what NSA, KGB, etc are finding...

Bill Tuthill's "hum" (humanities department support) package from comp.sources may give you some ideas. It's not 100% useful for this, but it's there:

    A new package of programs for literary and linguistic computing is available, emphasizing the preparation of concordances and supporting documents. Both keyword in context and keyword and line generators are provided, as well as exclusion routines, a reverse concordance module, formatting programs, a dictionary maker, and lemmatization facilities. There are also word, character, and digraph frequency counting programs, word length tabulation routines, a cross reference generator, and other related utilities. The programs are written in the C programming language, and implemented on several Version 7 Unix systems at Berkeley.

hum/Part01: v10i27: Bull Tuthill's "hum" text concordance package, Part01/03
hum/Part02: v10i28: Bull Tuthill's "hum" text concordance package, Part02/03
hum/Part03: v10i29: Bull Tuthill's "hum" text concordance package, Part03/03
hum.pch: v11i065: Hum concordance package update kit

in ftp.uu.net:/usenet/comp.sources.unix/volume10 and volume11.

John Gilmore gnu at toad.com -- gnu at cygnus.com -- gnu at eff.org
Creating freedom, rather than longer chains, bigger cages, better meals, . . .
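
Added example, not part of John Gilmore's message and not code from the "hum" package: one way to build the two filters the message above describes, ranking articles by vocabulary variety and kicking out the ones whose letter-pair (digraph) statistics stand apart from the rest of the flow. The article ids, bodies, function names and the window size are constructed for illustration.

```python
import math
import re
from collections import Counter

WORD_RE = re.compile(r"[a-z]+")
DIGRAPH_SPACE = 26 * 26  # every possible letter pair, used for add-one smoothing

# Constructed sample "news flow"; ids and bodies are invented for this example.
ARTICLES = {
    "rec.books/1": "I finished the novel last night and the ending surprised me. "
                   "The author keeps the plot moving and the characters feel real.",
    "rec.books/2": "Does anyone know where to find the second book in the series? "
                   "The first book was great and the library does not have the second.",
    "rec.books/3": "Luminous prose, labyrinthine structure, wry humour: this "
                   "translation rewards patient readers with unexpected tenderness "
                   "beneath its austere surface.",
    "rec.books/4": "Great book great book great book. Buy the book, read the book, "
                   "love the book. Great book great book great book.",
    # Letter noise standing in for an encoded payload pasted into an article.
    "rec.books/5": "qzxj vkqw zjxq wqvk xjzq kvqz jqxw zqkv xwqj vzkq qjzx kxvq "
                   "wzjq qzxj",
}


def words(text):
    """Lower-cased alphabetic tokens of an article body."""
    return WORD_RE.findall(text.lower())


def vocabulary_variety(text, window=20):
    """Moving-average type/token ratio: distinct words per `window` words.

    Averaging over fixed windows keeps long articles comparable with short
    ones, since a raw distinct/total ratio always falls as text gets longer.
    """
    toks = words(text)
    if not toks:
        return 0.0
    if len(toks) <= window:
        return len(set(toks)) / len(toks)
    spans = range(len(toks) - window + 1)
    return sum(len(set(toks[i:i + window])) for i in spans) / (window * len(spans))


def digraph_counts(text):
    """Count adjacent letter pairs inside each word."""
    counts = Counter()
    for w in words(text):
        counts.update(w[i:i + 2] for i in range(len(w) - 1))
    return counts


def digraph_surprise(article, reference):
    """Mean bits per letter pair of `article` under a smoothed model of `reference`."""
    total = sum(reference.values()) + DIGRAPH_SPACE
    n = sum(article.values())
    if n == 0:
        return 0.0
    bits = sum(k * -math.log2((reference[d] + 1) / total) for d, k in article.items())
    return bits / n


def rank_by_variety(articles):
    """Articles sorted from most to least varied vocabulary."""
    scored = [(aid, vocabulary_variety(body)) for aid, body in articles.items()]
    return sorted(scored, key=lambda s: s[1], reverse=True)


def rank_by_digraph_surprise(articles):
    """Score each article against a model built from all the *other* articles."""
    counts = {aid: digraph_counts(body) for aid, body in articles.items()}
    pooled = Counter()
    for c in counts.values():
        pooled.update(c)
    scored = []
    for aid, c in counts.items():
        rest = pooled - c  # leave-one-out reference: the flow without this article
        scored.append((aid, digraph_surprise(c, rest)))
    return sorted(scored, key=lambda s: s[1], reverse=True)


def kick_out(articles, n=1):
    """The n articles least like the rest of the flow; n is the tunable parameter."""
    return [aid for aid, _ in rank_by_digraph_surprise(articles)[:n]]


if __name__ == "__main__":
    for aid, score in rank_by_variety(ARTICLES):
        print(f"variety  {aid}  {score:.3f}")
    for aid, score in rank_by_digraph_surprise(ARTICLES):
        print(f"surprise {aid}  {score:.3f} bits/digraph")
    print("kicked out:", kick_out(ARTICLES, 1))
```

Neither score says that an article carries hidden data; they only decide which articles get kicked out for a closer look, and raising n or changing the window is the parameter tweaking the message describes.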

From marc at GZA.COM Tue May 25 09:13:33 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Tue, 25 May 93 09:13:33 PDT
Subject: Noise on the list
Message-ID: <9305251613.AA04301@dun-dun-noodles.aktis.com>

Would it be incorrect to say that people flailing randomly on the list trying to invent the next great encryption scheme is both a waste of bandwidth, and inappropriate to the list? I guess what I'm trying to say is that I see cypherpunks as a gathering of people trying to encourage privacy via technology. As such, technical discussions of how to implement a remailer would be appropriate, but it seems that garbage about how to make MacBeth decrypt into your plaintext should be reserved for sci.crypt.flame.

There's also a lot of other inappropriate traffic, like the recent "espionage" thread. Save it for talk.bizarre.

Should I crawl back into my hole, or am I not the only one who thinks that a lot of the random spewage on the list is just that?

(flame off)

I think this is a valuable list. I like being on it, most of the time. But we've already seen many people remove themselves because they were drowning in email. Can we please try to keep the messages appropriate, and the signal-to-noise ratio high?

Marc

From fergp at sytex.com Tue May 25 09:17:06 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Tue, 25 May 93 09:17:06 PDT
Subject: VinCrypt
Message-ID:

Has anyone heard of this product or know how to get in touch with its authors/developers?

8<-------- Snip, Snip -----------

Journal: Computerworld March 1 1993 v27 n9 p6(1).
--------------------------------------------------------------------
Title: Hackers switch sides, offer security package. (includes related article on the VinCrypt data security application) (Product Announcement)
Author: Daly, James

Abstract: Notorious computer hackers introduce their $159 VinCrypt encryption package, which enhances data security. The DOS-based application has been created by highly skilled underground systems programmers.
Co-developer Ian Murphy, who is president of Secure Data Systems Inc, also will distribute the application. He indicates that VinCrypt has not gained the approval of any government agency, but he does not seek government approval. Murphy believes that data encryption packages based on the Data Encryption Standard or RSA Data Security Inc's standards are not secure because their basic algorithms have been given to the National Security Agency. VinCrypt's source code will not be passed around, but some experts suggest that it then will be difficult to evaluate the package's real security effectiveness.
-----------------------------------------------------------------------
Type: product announcement
Product: VinCrypt
Topic: Data security
       Software Packages
       Product Introduction
       Computer hackers
       Encryption
       Standards

8<----- End of plea for assistance --------

Paul Ferguson               | The future is now.
Network Integrator          | History will tell the tale;
Centreville, Virginia USA   | We must endure and struggle
fergp at sytex.com           | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From 74076.1041 at CompuServe.COM Tue May 25 09:18:20 1993
From: 74076.1041 at CompuServe.COM (Hal)
Date: Tue, 25 May 93 09:18:20 PDT
Subject: Steganography...
Message-ID: <930525161307_74076.1041_FHD47-1@CompuServe.COM>

-----BEGIN PGP SIGNED MESSAGE-----

Kevin Brown makes some interesting points about steganography and steganalysis.

The issue of recognizing whether a message has or might have a hidden message has two sides. One is for the desired recipient to be clued that he should try desteganizing and decrypting the message, and the other is for a possible attacker to discover illegal uses of cryptography.

Steganography should be used with a "stealthy" cryptosystem (secret key or public key), one in which the cyphertext is indistinguishable from a random bit string. You would not want it to have any headers which could be used to confirm that a desteganized message was other than random noise.
This would allow some public standard to be used for steganizing messages. Ideally, the standard would be chosen so that typical real messages, when desteganized by the standard technique, would produce close to a random bit pattern. Maybe Kevin's idea about taking the parity of each (four-letter or greater?) word in the message would work.

With stealthy cryptography and a "random" standard steganographic technique people could use steganography without much fear that their messages will attract attention, or that they could be proven to be using this technology just by analysis of their messages. Only the desired recipient would discover the hidden message by achieving success in decrypting the random bit string that comes from the desteganography. He would have to try this on all messages and it would only work on that fraction with hidden messages aimed at him.

A big problem right now is that none of Kevin's proposed approaches seem to be capable of being fully automated. I don't think that word substitution can be done safely, at least not by some simplistic algorithm. Words have many meanings and it is not easy for software to choose an appropriate synonym. This is a similar problem to machine translation, and I think those systems still require a lot of human supervision.

In the olden days, spies used the "window" method of steganography. They had a piece of paper with randomly-scattered holes in it. They would put it on top of another piece of paper and write their secret message in the holes. Removing the "window" paper left a sheet of paper with some widely scattered letters. The spy then wrote a cover message among the letters, choosing his words so that the letters fit in. The recipient then had a paper with the same window positions so that he could read the message.

We could do a similar thing - position the letters of a hidden (and encrypted) message at every 5th (or 10th, or whatever) position, and have a special word processor that let you compose a message but allowed you to see the forthcoming stega letters so that you could try to make your words fit around them. This might be harder than for the paper case because we have no ability to change the spacing of our letters in order to fit around the fixed letters more easily.

Steganography will be more labor-intensive than ordinary encryption. You have to write two messages: the encrypted one you want to send, and a cover message that is five to ten times longer. Plus you may need to massage the cover message to one degree or another depending on how automatic the stego insertion is. This might be reasonable if crypto is outlawed and you are part of an underground group fighting the government, but for ordinary use I don't see how to make it both easy and safe.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAIau6gTA69YIUw3AQFW6wQAk5r3TVkn3VI4LS+9103J/yQMNs1kypkt
qkdX3FRHll7O9KeIipYdDvJUGeIfFzQobyBy6pGvSQZKV0tdb+ZM+3BG9LlpUFZZ
Y1wGX0aJChvY+/L2RugxxLGROYOdZJzeijBj5L6swgmtsschHnsfo7j7A3md6gDq
rJyFvOaU5ms=
=g99M
-----END PGP SIGNATURE-----

From wixer!wixer.bga.com!cat at cactus.org Tue May 25 09:22:06 1993
From: wixer!wixer.bga.com!cat at cactus.org (Dr. Cat)
Date: Tue, 25 May 93 09:22:06 PDT
Subject: PGP voice encryption
In-Reply-To: <199305250633.AA06800@xtropia>
Message-ID: <9305251601.AA21567@wixer>

Actually, if somebody wants to start developing PC based voice encryption, there's a pretty significant installed base of machines that can handle it already. By the end of 1992, there were about 3 million machines with sound cards, by the end of 93 it's projected to reach 6 million. Anyone that has a Soundblaster or Soundblaster compatible has both a DAC output and a microphone input.
On a machine with a 9600 or 14,400 kilobaud modem, sufficient real-time compression of voice to fit within the modem bandwidth is a quite reasonable objective. I know of at least three people in the computer game industry that have been working on it, and at least one of them already has functional code. I'm sure there's a pretty fair number of Macintoshes out there that have all the hardware to support real-time encrypted voice communications also, though I don't follow the numbers in the Mac market these days...

Dr. Cat / no .sig, why bore people?

From wixer!wixer.bga.com!cat at cactus.org Tue May 25 09:22:13 1993
From: wixer!wixer.bga.com!cat at cactus.org (Dr. Cat)
Date: Tue, 25 May 93 09:22:13 PDT
Subject: Digital cash issues...
In-Reply-To: <930525075401_74076.1041_FHD58-1@CompuServe.COM>
Message-ID: <9305251612.AA26796@wixer>

Regarding the issue of what to do under Chaum's scheme when someone double-spends a piece of digital cash & their identity is revealed... While this might be a problem for a cypherpunk style "kick society in the pants and get this going early" implementation of digital banking, I don't think it's going to be a serious hindrance in the long term. While I'm sure all big retail chains and the like will have terminals that can instantly verify a piece of cash, if there are niches for an offline system, there's a very significant economic infrastructure set up for collecting on bad debts. Any credit card company, phone company, or other corporation that does a lot of billing already has staff dedicated solely to that function, with collection agencies providing a second tier of functionality for the tougher cases.

Dr.
Cat / Dragon's Eye / New traditions for the next century

From kelly at pleiku.netcom.com Tue May 25 09:34:33 1993
From: kelly at pleiku.netcom.com (kelly at pleiku.netcom.com)
Date: Tue, 25 May 93 09:34:33 PDT
Subject: No Subject
Message-ID: <9305251634.AA18989@toad.com>

>From kelly Tue May 25 16:34:55 +0000 1993 remote from pleiku
To: netcomsv.netcom.com!toad.com!gnu (John Gilmore)
cc: whscad1.att.com!kqb, toad.com!cypherpunks, toad.com!gnu, kelly
Subject: Re: Steganography and Steganalysis
In-reply-to: Your message of "Tue, 25 May 1993 08:46:27 MST." <9305251546.AA17642 at toad.com>
Priority: urgent
Date: Tue, 25 May 1993 16:34:55 +0000
From: "Stop the Big Brother CHip"
Received: from pleiku by pleiku.netcom.com; Tue, 25 May 1993 09:34 PDT
Content-Type: text
Content-Length: 1907

Hi John,
In addition I suggest still some more tools

newsclip(by clarinet... provides for news clipping)
newsfind(on soda.berkley.edu for searches of NNTP servers)
agrep(Fuzzy set searches)
expn(expanding mail aliases)
addr-check(expanding and tracing mail aliases)
netfind(email address searches)
Xmosaic(hypertext gui... has some useful location features)
whois(standard NS prog)

For tracing that mysterious person on the end of the line... cypherpunks may want to consider

"How to investigate by computer" by Ralph D Thomas
In-detail explanation of commercial access to xcross, criminal justice/public records/postal forwarding/ credit info...

And the infamous "How to get everything on anybody" Vols 1 and 2 by Lee Lapin and Scott French
"The Big Brother Game" same
"Ninja 1990" same...

--
Parts of this .sig borrowed with permission from T.C.May. Perhaps it will indeed get me busted also.
..........................................................................
Kelly Goen              | Crypto Anarchy: encryption, digital money,
kelly at netcom.com     | anonymous networks, digital pseudonyms, zero
Intelligence Systems    | knowledge, reputations, information markets,
Specialists Inc.        | black markets, face banks, data havens, dark
                        | tech, covert channels, shared secrets,
                        | alt.whistleblowers, collapse of governments.
Technical Monkeywrench  | Public Key: PGP 2.2.
                        |
..........................................................................
PGP 2.2 Key available from PGP Keyservers on the Internet.
pub 1024/1BA573 1992/09/09 kelly
Key fingerprint = EF 7A 38 99 22 84 E3 3B 90 2A DB 80 DC 65 DA 31
STOP THE WIRETAP CHIP(Clipper Chip)!!

From pat at tstc.edu Tue May 25 10:44:14 1993
From: pat at tstc.edu (Patrick E. Hykkonen)
Date: Tue, 25 May 93 10:44:14 PDT
Subject: Noise on the list
In-Reply-To: <9305251613.AA04301@dun-dun-noodles.aktis.com>
Message-ID: <9305251744.AA13138@tstc.edu>

> I think this is a valuable list. I like being on it, most of the
> time. But we've already seen many people remove themselves because
> they were drowning in email. Can we please try to keep the messages
> appropriate, and the signal-to-noise ratio high?

Of all the lists I'm subscribed to, this is the only one that I read *every* article in. Even the "noise" articles. Humans being what they are, the noise is needed to help decide the direction of the group. Besides, for those of us who are just starting on our journey through crypto-underworld need the noise to help familiarize ourselves with how crypto works. I've learned more from the informal ramblings than I've gathered out of all the formal and/or mathematical postings to date.

I don't mind tech... but let's not do away with the noise either. Thanks.

One person's opinion.

--
Pat Hykkonen, N5NPL Texas State Technical College at Waco
{pat,postmaster,root,GOD}@tstc.edu Instructional Network Services
3801 Campus Dr.
Waco, Tx 76705 V:(817) 867-4830 F:(817) 799-2843 From newsham at wiliki.eng.hawaii.edu Tue May 25 10:45:07 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Tue, 25 May 93 10:45:07 PDT Subject: PGP voice encryption In-Reply-To: <9305251601.AA21567@wixer> Message-ID: <9305251745.AA21151@toad.com> > > Actually, if somebody wants to start developing PC based voice encryption, > there's a pretty significant installed base of machines that can handle it > already. By the end of 1992, there were about 3 million machines with sound > cards, by the end of 93 it's projected to reach 6 million. Anyone that has a > Soundblaster or Soundblaster compatible has both a DAC output and a > microphone input. On a machine with a 9600 or 14,400 kilobaud modem, > sufficient real-time compression of voice to fit within the modem bandwidth > is a quite reasonable objective. I know of at least three people in the > computer game industry that have been working on it, and at least one of them > already has functional code. I'm sure there's a pretty fair number of > Macintoshes out there that have all the hardware to support real-time > encrypted voice communications also, though I don't follow the numbers in the > Mac market these days... The biggest problem is CPU power. The compression schemes that work best are very computationally expensive. Add to that the fact that you need to do simultaneous encryption and compression, and if you want full duplex make that simultaneous encryption, decryption, compression and decompression. You also have to send it over the modem, and probably frame it too. I'm currently implementing one scheme (LPC) on a DSP chip. Hopefully my end product will be <$50. I plan put its own ADC/DAC chip on board (to save computer<->DSP bandwidth). Possibly some high end CPU's like 486 and 040 could handle the load, but wouldnt leave much cpu for anything else. > Dr. Cat / no .sig, why bore people? 
> From TO1SITTLER at APSICC.APS.EDU Tue May 25 11:15:03 1993 From: TO1SITTLER at APSICC.APS.EDU (Kragen Sittler) Date: Tue, 25 May 93 11:15:03 PDT Subject: License plates Message-ID: <930525121307.302f@APSICC.APS.EDU> My understanding is that in many states, the Department of Motor Vehicles Records indexed on license plate number, and containing the name, address, and other information about the owner, is public or semi-public. How would an interested party go about finding this information? How difficult or costly is it? And what all is actually listed in the record? How about medical records? How private are they? How about other records which are, to me, private or appear to be private, but can actually be read by anyone without my consent? Kragen From fergp at sytex.com Tue May 25 11:46:18 1993 From: fergp at sytex.com (Paul Ferguson) Date: Tue, 25 May 93 11:46:18 PDT Subject: Bill O' Rights Message-ID: I remember reading this in the March ACM and thinking,"Man. He hit that right on the head." When I ran across this transcript in Computer Select earlier this morning (while looking for various encryption products, no less), I thought those of you who had not already seen it would be struck by John Perry's insights. BTW, I also have the full transcripts of Dorothy Denning's, William A. Bayse's (Assistant Director, FBI Technical Services Division) and Lewis M. Branscomb's (Harvard University) articles which appeared in the same issue with regards to Digital Telephony, if anyone cares for me to post them. Looking back on the progression of events, beginning with the debate of the Digital Telephony proposal and subsequently the proposal currently (officially) referred to as the "Key Escrow" Chip (and its associated escrow scheme), I can't help but surmise that the whole ball of wax is geared towards allowing the Government the ability to effectively eavesdrop on its citizens communications in the face of advancing technology, without regard to privacy matters. 
8<---- Begin forwarded text ---------

Journal: Communications of the ACM March 1993 v36 n3 p21(3)
* Full Text COPYRIGHT Association for Computing Machinery Inc. 1993.
----------------------------------------------------------------------
Title: Bill o' rights. (impact of technology on basic civil rights; humor) (Electronic Frontier)
Author: Barlow, John Perry
----------------------------------------------------------------------
Full Text:

*Note* Only Text is presented here; see printed issues for graphics.

It has been almost three years since I first heard of the Secret Service raids on Steve Jackson Games and the cyberurchins from the Legion of Doom. These federal exploits, recently chronicled in Bruce Sterling's book Hacker Crackdown, precipitated the formation of the Electronic Frontier Foundation and kicked loose an international digital liberties movement which is still growing by leaps and conferences.

I am greatly encouraged by the heightened awareness among the citizens of the Global Net of our rights, responsibilities, and opportunities. I am also heartened that so many good minds now tug at the legal, ethical, and social riddles which come from digitizing every damned thing. The social contract of Cyberspace is being developed with astonishing rapidity, considering that we are still deaf, dumb, and disembodied in here.

Meanwhile, back in the Physical World, I continue to be haunted by the words of the first lawyer I called on behalf of Steve Jackson, Phiber Optik, and Acid Phreak back in the spring of 1990. This was Eric Lieberman of the prestigious New York civil liberties firm Rabinowitz, Boudin, Standard, Krinsky, and Lieberman. I told him how the Secret Service had descended on my acquaintances and taken every scrap of circuitry or magnetized oxide they could find. This had included not only computers and disks, but clock radios and audio cassettes.
I told him that, because no charges had been filed, the government was providing their targets no legal opportunity to recoup their confiscated equipment and data. (In fact, most of the victims of Operation Sun Devil still have neither been charged nor had their property returned to them.) [This issue has been somewhat resolved with the recent ruling in favor of Steve Jackson and the subsequent award of damages.]

The searches were anything but surgical and the seizures appeared directed less at gathering evidence than inflicting punishment without the bothersome formality of a trial. I asked Lieberman if the Secret Service might not be violating the Fourth Amendment's assurance of "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures."

He laughed bitterly. "I think if you take a look at case law for the last ten years or so, you will find that the Fourth Amendment has pretty much gone away," he said.

I did. He was right. A lot of what remained of it was flushed a year later when the Rehnquist Court declared that in the presence of "probable cause" ...a phrase of inviting openness...law enforcement officials could search first and obtain warrants later.

Furthermore, I learned that through such sweeping prosecutorial enablements as RICO and Zero Tolerance, the authorities could extract their own unadjudicated administrative "fines" by keeping much of what they seized for their own uses. (This incentive often leads to disproportionalities between "punishment" and "crime" which even Kafka might have found a bit over the top. I know of one case in which the DEA acquired a $14 million Gulfstream bizjet from a charter operator because one of its clients left half a gram of cocaine in its washroom.)

I tried to imagine a kind of interactive Bill of Rights in which amendments would fade to invisibility as they became meaningless, but I knew that was hardly necessary.
The citizens of Stalin's Soviet Union had a constitutional guarantee of free expression which obviously, like our own, allowed some room for judicial interpretation.

It occurred to me then that a more honest approach might be to maintain a concordant Bill of Rights, running in real time and providing up-to-the-minute weather reports from the federal bench, but I never got around to it.

Recently I started thinking about it again. These thoughts were inspired partly by Dorothy Denning's apology for the FBI's digital telephony proposal (which appears in this issue). I found her analysis surprisingly persuasive, but I also found it fundamentally based on an assumption I no longer share: the ability of the Bill of Rights to restrain government, now or in the future.

The men who drafted the U.S. Constitution and its first ten amendments knew something that we have largely forgotten: Governments exist to limit freedom. That's their job. And to the extent that utterly unbridled liberty seems to favor the reptile in us, a little government is not such a bad thing. But it never knows when to quit. As there is no limit to either human imagination or creativity in the wicked service of the Self, so it is always easy for our official protectors to envision new atrocities to prevent.

Knowing this, James Madison and company designed a government which was slightly broken up front. They intentionally created a few wrenches to cast into the works, and these impediments to smooth governmental operation were the Bill of Rights.

Lately though, we find ourselves living in a world where the dangers we perceive are creatures of information rather than experience. Since the devil one knows is always less fearsome than the worst one can imagine, there is no limit to how terrifying or potent these dangers can seem.

Very few of us, if any, have ever felt the malign presence of a real, live terrorist or drug lord or Mafia capo or dark-side hacker.
They are projected into our consciousness by the media and the government, both of which profit directly from our fear of them. These enemies are, in our (tele)visions of them, entirely lacking in human decency or conscience. There is no reason they should be mollycoddled with constitutional rights.

And so, we have become increasingly willing to extend to government what the Founding Fathers would not: real efficiency. The courts have been updating the Bill of Rights to fit modern times and perils, without anyone having to go through the cumbersome procedure of formal amendment.

The result, I would suggest with only a little sarcasm or hyperbole, has come to look something like this:

Bill O' Rights

AMENDMENT 1

Congress shall encourage the practice of Judeo-Christian religion by its own public exercise thereof and shall make no laws abridging the freedom of responsible speech, unless such speech is in a digitized form or contains material which is copyrighted, classified, proprietary, or deeply offensive to non-Europeans, nonmales, differently abled or alternatively preferenced persons; or the right of the people peaceably to assemble, unless such assembly is taking place on corporate or military property or within an electronic environment, or to make petitions to the government for a redress of grievances, unless those grievances relate to national security.

AMENDMENT 2

A well-regulated militia having become irrelevant to the security of the state, the right of the people to keep and bear arms against one another shall nevertheless remain uninfringed, excepting such arms as may be afforded by the poor or those preferred by drug pushers, terrorists, and organized criminals, which shall be banned.

AMENDMENT 3

No soldier shall, in time of peace, be quartered in any house, without the consent of the owner, unless that house is thought to have been used for the distribution of illegal substances.
AMENDMENT 4

The right of the people to be secure in their persons, houses, papers and effects against unreasonable searches and seizures, may be suspended to protect public welfare, and upon the unsupported suspicion of law enforcement officials, any place or conveyance shall be subject to immediate search, and any such places or conveyances or property within them may be permanently confiscated without further judicial proceeding.

AMENDMENT 5

Any person may be held to answer for a capital, or otherwise infamous crime involving illicit substances, terrorism, or child pornography, or upon any suspicion whatever; and may be subject for the same offense to be twice put in jeopardy of life or limb, once by the state courts and again by the federal judiciary; and may be compelled by various means, including the forced submission of breath samples, bodily fluids, or encryption keys, to be a witness against himself, refusal to do so constituting an admission of guilt; and may be deprived of life, liberty, or property without further legal delay; and any property thereby forfeited shall be dedicated to the discretionary use of law enforcement agencies.

AMENDMENT 6

In all criminal prosecutions, the accused shall enjoy the right to a speedy and private plea bargaining session before pleading guilty. He is entitled to the assistance of underpaid and indifferent counsel to negotiate his sentence, except where such sentence falls under federal mandatory sentencing requirements.

AMENDMENT 7

In suits at common law, where the contesting parties have nearly unlimited resources to spend on legal fees, the right of trial by jury shall be preserved.

AMENDMENT 8

Sufficient bail may be required to ensure that dangerous criminals will remain in custody, where cruel punishments are usually inflicted.
AMENDMENT 9

The enumeration in the Constitution of certain rights, shall not be construed to deny or disparage others which may be asserted by the government as required to preserve public order, family values, or national security.

AMENDMENT 10

The powers not delegated to the U.S. by the Constitution, shall be reserved to the U.S. Departments of Justice and Treasury, except when the states are willing to forsake federal funding.

[John P. Barlow is a technological author and the cofounder (with Mitch Kapor) of the Electronic Frontier Foundation. He currently lives in Wyoming, New York and "in Cyberspace." His email address is barlow@eff.org.]

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp at sytex.com          |  to shape it.
        Stop the Wiretap (Clipper/Capstone) Chip.

From amb at cs.columbia.edu Tue May 25 11:56:53 1993
From: amb at cs.columbia.edu (andrew m. boardman)
Date: Tue, 25 May 93 11:56:53 PDT
Subject: Steganography and Steganalysis
In-Reply-To: <9305251546.AA17642@toad.com>
Message-ID: <199305251856.AA08939@ground.cs.columbia.edu>

   Someone is probably doing steganography in netnews and/or mailing lists right now! (Besides cypherpunks, I mean.) How would we find them?

Food for thought: that, at least as of recently, the NSA bought weekly dumps of all usenet articles on tape. I highly doubt they were for their reading pleasure...

andrew

From arkuat at joes.garage.com Tue May 25 11:57:41 1993
From: arkuat at joes.garage.com (Eric Watt Forste)
Date: Tue, 25 May 93 11:57:41 PDT
Subject: privacy graphics archive
In-Reply-To: <9305241902.AA23897@soda.berkeley.edu>
Message-ID: <199305251901.AA16261@joes.GARAGE.COM>

>I can keep or mirror the electronic archive on soda.

Thanks very much for your offer. It would be great if you could keep the electronic part at soda, since we only have five megabytes on Netcom, and Joe's Garage is not the most reliable system in the world.
When Sunah and I start getting stuff, I'll send mail.

Arkuat

From Doug.Brightwell at Corp.Sun.COM Tue May 25 11:57:58 1993
From: Doug.Brightwell at Corp.Sun.COM (Doug Brightwell)
Date: Tue, 25 May 93 11:57:58 PDT
Subject: License plates
Message-ID: <9305251854.AA01809@media.Corp.Sun.COM>

> My understanding is that in many states, the Department of Motor Vehicles Records
> indexed on license plate number, and containing the name, address, and other
> information about the owner, is public or semi-public. How would an interested
> party go about finding this information? How difficult or costly is it? And
> what all is actually listed in the record?

Several weeks following a car accident that I was involved in, I received a notice from the California DMV notifying me that someone had filed a request for the information on my vehicle registration. From the name and address on the notice, I figured out that it was the other driver's attorney, probably wanting to know where to send a subpoena.

Apparently, anyone can walk into a DMV office, fill out a form, pay $1.00 (or whatever) and get the info because it's public record. However, at least the DMV also alerts the "investigatee" to the fact that someone now has their home address, and provides the name and address of the requestor.

Doug

From baumbach at atmel.com Tue May 25 12:29:52 1993
From: baumbach at atmel.com (Peter Baumbach)
Date: Tue, 25 May 93 12:29:52 PDT
Subject: License plates
Message-ID: <9305251859.AA06461@carp.chp.atmel.com>

> My understanding is that in many states, the Department of Motor Vehicles Records
> indexed on license plate number, and containing the name, address, and other
> information about the owner, is public or semi-public. How would an interested
> party go about finding this information? How difficult or costly is it? And
> what all is actually listed in the record?

Matthew Lesko has several books out that are all about finding this type of information.
I have a couple of these books, they are available at most book stores. "Information USA" is about federal sources of information, and a newer book, that I don't remember the name of, is about state sources of information. I remember seeing a listing, by state, of motor vehicle license and registration data for sale. For Maryland, a magnetic tape of complete license or registration data is available for $300!

> How about medical records? How private are they?
>
> How about other records which are, to me, private or appear to be private, but
> can actually be read by anyone without my consent?
>

I don't know what else. Credit information "requires" your permission to be read by someone.

> Kragen
>

The work of cypherpunks will make this information less private. Laws will not make it more private. Crypto cash will buy this information anonymously. The work of cypherpunks will also make this information more private. You all know more about this than I do; how do you cypherpunks suggest we keep this information private?

Peter Baumbach
baumbach at atmel.com

From i6t4 at jupiter.sun.csd.unb.ca Tue May 25 12:49:21 1993
From: i6t4 at jupiter.sun.csd.unb.ca (Nickey MacDonald)
Date: Tue, 25 May 93 12:49:21 PDT
Subject: Something just sunk in...
Message-ID:

I have been way behind in my email, and I've been catching up... I was just reading some of the Clipper mail (To be called the "Huge Clipper Email Burst of 93"???? ;-) when something just sort of sunk in...

Assume for a minute that Clipper was enforced and it got to the point that it was embedded in *every* phone... What of the poor (this is sarcasm) law enforcement agency that has to tap a family such as my own. We have (at last count) 6 phones on two lines. That's two lines to monitor for one of 6 different unit keys. Are they going to get one court order for each phone? or will the one court order do for all of the keys...

Am I supposed to pay to replace all 6 phones??
I didn't see any mention of having more than one chip with the same key (not that I would want that anyway)... Have they considered this?

---
Nick MacDonald                  | NMD on IRC
i6t4 at jupiter.sun.csd.unb.ca  | PGP 2.1 Public key available via finger

From 76244.315 at CompuServe.COM Tue May 25 13:14:15 1993
From: 76244.315 at CompuServe.COM (Doug Porter)
Date: Tue, 25 May 93 13:14:15 PDT
Subject: How to make encryption w
Message-ID: <930525200629_76244.315_CHN82-1@CompuServe.COM>

Until many people use encryption those who encrypt will be targets.

The biggest barrier to widespread use of encryption is that you have to leave your mail package to work with separate encryption programs and message files. To overcome this people need a messaging system which makes encrypting and decrypting as easy as pushing a button.

The package should allow plugging and unplugging encryption programs. This lets people make their own technical, ethical and legal choices. The package also must be significantly better than the mail packages people use now, or they won't switch, and therefore won't encrypt.

We've done it: Cyberdesk automates access to cyberspace and supports third party encryption programs seamlessly. Today Cyberdesk manages CompuServe (both email and forums), MCI Mail, cc:Mail (both local LAN and remotely), and The WELL (both email and conferences), with more to follow. It runs under Windows and includes features such as distribution lists and a spelling checker. Cyberdesk is in Beta now and fast approaching release.

All you need is a simple interface to use an encryption program with Cyberdesk. This interface is usually just two short batch files, one for encryption and another for decryption. In some cases it may be a small program.

We do not plan to provide these interfaces or any specific encryption. In addition to allowing people flexibility in their choices, we hope this approach will make ITAR irrelevant.
Yep, I'm asking you to support a commercial package without monetary compensation from us. You may decide to charge users for your interface, of course. We'll give a copy of Cyberdesk to anyone who creates an interface for an unsupported encryption package.

We have a chance to make it easy, and therefore common, for people to encrypt. All we need is the interfaces. Cypherpunks write code.

Doug

From ryan at rtfm.mlb.fl.us Tue May 25 13:16:55 1993
From: ryan at rtfm.mlb.fl.us (RYAN Alan Porter)
Date: Tue, 25 May 93 13:16:55 PDT
Subject: License plates
In-Reply-To: <9305251854.AA01809@media.Corp.Sun.COM>
Message-ID:

On Tue, 25 May 1993, Doug Brightwell wrote:

>
> > My understanding is that in many states, the Department of Motor Vehicles Records
> > indexed on license plate number, and containing the name, address, and other
> > information about the owner, is public or semi-public. How would an interested
> > party go about finding this information? How difficult or costly is it? And
> > what all is actually listed in the record?
>
> Several weeks following a car accident that I was involved in, I
> received a notice from the California DMV notifying me that someone had
> filed a request for the information on my vehicle registration. From
> the name and address on the notice, I figured out that it was the other
> driver's attorney, probably wanting to know where to send a subpoena.
> Apparently, anyone can walk into a DMV office, fill out a form, pay
> $1.00 (or whatever) and get the info because it's public record.
> However, at least the DMV also alerts the "investigatee" to the fact
> that someone now has their home address, and provides the name and
> address of the requestor.

Here in Florida, the information is supposed to be confidential. Operation Rescue (a group of fanatical Christians intent on harassing abortion clinics and patients) has an employee in the DMV who snatches the number somehow, however.
They now sit around in front of the clinics and jot down the license numbers of patients and use their inside contact to find the name and address of the patient and harass them.

ObRelation2Cypherpunks: We are now trying to justify using the computer privacy laws to prosecute specifically for the fact that the records are being held electronically and Operation Rescue is illegally obtaining this information and not going through proper channels.

Hugs and kisses,
-Ryan
the barcode guy

From wcs at anchor.ho.att.com Tue May 25 13:29:40 1993
From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com)
Date: Tue, 25 May 93 13:29:40 PDT
Subject: Something just sunk in...
Message-ID: <9305252029.AA24538@anchor.ho.att.com>

> enforcement agency that has to tap a family such as my own. We have (at
> last count) 6 phones on two lines. That's two lines to monitor for one of
> 6 different unit keys. Are they going to get one court order for each
> phone? or will the one court order do for all of the keys...

Presumably one court order will cover any phones involved in conversations with your, er, the alleged perpetrator of some as-yet-unidentified crime's house. After all, they can't tell in advance what phones would actually be in use, since serial numbers are presumably not registered at time of purchase, and it's possible to move the phones around. Assuming symmetric use of keys, it's more efficient for them to only subpoena keys for phones actually in the house, since this catches both ends of the conversation, but that depends on what they can talk a judge into permitting.

> Am I supposed to pay to replace all 6 phones?? ... Have they considered this?
Since there have been no statements from the Feds about who pays for *single* phones, except Ed Meese's line about "People who are innocent usually aren't suspects", the case of all 6 phones isn't much different, though if you are tried and found innocent you may be able to force them to disclose which of your phones they've actually subpoenaed keys for. It's probably viewed as a "not our problem" issue, just as your legal costs for your defense aren't usually reimbursed unless they've been grossly out of line and you sue them successfully, a la Steve Jackson.

The White House press releases haven't answered the question of exactly who gets access to your keys once subpoenaed, or whether they have to destroy them if you're found innocent, or not eventually charged with a crime, or whatever. It will probably be left up to the courts to decide.

Bill Stewart, pessimistically reporting from New Jersey.

From peb at PROCASE.COM Tue May 25 13:41:13 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Tue, 25 May 93 13:41:13 PDT
Subject: VinCrypt
Message-ID: <9305252040.AA15879@banff.procase.com>

I saw their package at Fry's last weekend. It has a double DES mode too. It seems to have only manual encrypt/decrypt. The right way to do it is have a device driver do it for you (say, a Mach user level pager for a crypto disk).

   Data Encryption Standard or RSA Data Security Inc's standards are not secure because their basic algorithms have been given to the National Security Agency. VinCrypt's source code will not be passed around,

Great spin, but not much more than spin.

Paul E. Baclace
peb at procase.com

From fergp at sytex.com Tue May 25 13:48:36 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Tue, 25 May 93 13:48:36 PDT
Subject: Say again?
Message-ID:

On Tue, 25 May 1993 14:56:48 -0400, andrew m. boardman wrote -

> Food for thought: that, at least as of recently, the NSA bought
> weekly dumps of all usenet articles on tape.
I highly doubt they
> were for their reading pleasure...

Is this hearsay, innuendo or fact? If fact, what can you cite as reference to support your statement? If you know this to be fact, please cite your references and provide as much detail as possible.

Cheers.

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp at sytex.com          |  to shape it.
        Stop the Wiretap (Clipper/Capstone) Chip.

From poier at sfu.ca Tue May 25 13:55:34 1993
From: poier at sfu.ca (Skye Merlin Poier)
Date: Tue, 25 May 93 13:55:34 PDT
Subject: your mail
In-Reply-To: <199305250633.AA06800@xtropia>
Message-ID: <9305251856.AA10704@malibu.sfu.ca>

-----BEGIN PGP SIGNED MESSAGE-----

:) The proposal specifically is to extend PGP beyond file encryption
:) to generalized stream handling. Such streams can be consoles &
:) keyboards, real-time file transfers, and digitized voice; indeed,
:) anything that will pass over a modem or other serial transfer medium.

This is already being attempted: Ytalk version 2.1 has both a single key stream encryption feature and a PGP encryption feature (I haven't been able to get the PGP encryption feature to work, however). It is still in beta testing, but it looks like it will be out soon...

Skye
- --
- -----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality)   |||| ||||
email: poier at sfu.ca                    p-OO <--> OO-q  THINK
PGP Public Key available on finger         \== ==/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAJrzy0bkpXW3omvAQEwZQQAobdu4F3v9rGfeKTrWTwz0CgLHGj9j1eJ
FTecY3x4H3h4hra3QpztpwidizyOvvbyeJFrPZc0k+lJxYjFkLduiI7F9GpL+jSe
ha10iPcRDUcKxJ74nyVWTupLpnznbYmZaQ7eh7BJi3GNo6M2GeUgccPt7j47F+Fy
lzSvE05eYJw=
=bvHZ
-----END PGP SIGNATURE-----

From marc at GZA.COM Tue May 25 14:11:34 1993
From: marc at GZA.COM (Marc Horowitz)
Date: Tue, 25 May 93 14:11:34 PDT
Subject: Say again?
In-Reply-To:
Message-ID: <9305252111.AA08399@dun-dun-noodles.aktis.com>

>> Is this hearsay, innuendo or fact? If fact, what can you cite as
>> reference to support your statement? If you know this to be fact,
>> please cite your references and provide as much detail as possible.

Rick Adams of UUNET confirmed on the com-priv list that his organization had been selling the FBI a usenet feed on tape. I could find the exact reference if you want. I don't know for sure that the NSA has a feed, or from whom, but it wouldn't surprise me.

However, the obvious next point is, so what? It's a public system. Any idiot can pay $20/month and get a public access account. If you say something in a news post which you wouldn't want the FBI or NSA or whoever to see, you're the person who has done something stupid. Tapping a news feed isn't like tapping a phone line. It's more like turning on the television.

Marc

From pmetzger at lehman.com Tue May 25 14:15:35 1993
From: pmetzger at lehman.com (Perry E. Metzger)
Date: Tue, 25 May 93 14:15:35 PDT
Subject: Steganography and Steganalysis
In-Reply-To: <199305251856.AA08939@ground.cs.columbia.edu>
Message-ID: <9305252115.AA13580@snark.shearson.com>

andrew m. boardman says:
> Someone is probably doing steganography in netnews and/or mailing
> lists right now! (Besides cypherpunks, I mean.) How would we find them?
>
> Food for thought: that, at least as of recently, the NSA bought weekly
> dumps of all usenet articles on tape. I highly doubt they were for
> their reading pleasure...

Many organizations buy complete dumps of usenet -- it's a way of getting a newsfeed if your organization is too paranoid to let you get a network connection. I don't know if the NSA was such an organization, but it would not surprise me.

Perry

From amb at cs.columbia.edu Tue May 25 14:27:18 1993
From: amb at cs.columbia.edu (andrew m. boardman)
Date: Tue, 25 May 93 14:27:18 PDT
Subject: Say again?
In-Reply-To:
Message-ID: <199305252126.AA14245@ground.cs.columbia.edu>

   Is this hearsay, innuendo or fact? If fact, what can you cite as reference to support your statement? If you know this to be fact, please cite your references and provide as much detail as possible.

This was based on a verbal conversation at Interop with someone from uunet, from whom the tapes are purchased. I or they could be mis[led|informed|remembering], but if you really care, ask uunet.

andrew

From kqb at whscad1.att.com Tue May 25 14:49:12 1993
From: kqb at whscad1.att.com (kqb at whscad1.att.com)
Date: Tue, 25 May 93 14:49:12 PDT
Subject: Steganography and Steganalysis
Message-ID: <9305252149.AA27051@toad.com>

I have received some useful feedback to yesterday's message on steganography and steganalysis. Here are some clarifications to my cryptic presentation and a correction.

I was most interested in finding if the steganographic capacity of English is high enough to make steganography practical for everyday use, so I didn't even address the meaningfulness of the output. For example, if I could only produce a capacity of a tenth of one percent, the meaningfulness would not even be an issue because nobody would want to send large messages via steganography anyway. A capacity of 10%, requiring the public text to be only 10 times as long as the hidden text, may be good enough for everyday use. If that can be achieved, then the next step is to see if meaningful output can have a high steganographic content. If so, then I expect that several cypherpunks would want to pursue that. (FYI: I plan to do more analysis on my own, even if nobody else does.)

My guesstimate for the steganographic capacity of English did not provide a steganographic algorithm. For example, I haven't even looked into how to map a bit string to a parenthesis grouping; I was just noting that if you have X(N-1) possibilities, there must be log (X(N-1)) bits available, assuming all possibilities are equally likely.
Is there a simple-to-compute mapping of the numbers 1 through X(N-1) to the X(N-1) parenthesizations of an N word sentence? Fortunately, N rarely gets large for ordinary English sentences, so a general solution may be unnecessary.

My presentation mistakenly implied that a good steganographic algorithm may have the form:

   E(K, M) = E2( E1(K,M) )

where E1 is a cryptographically secure encryption function with public key K and hidden message M, E2 somehow converts the encrypted message to ordinary English text, and E1, K, and E2 are publicly known. Unfortunately, if the inverse of E2 (let's call it D2), is easily found, then the presence of a hidden message can be detected easily, even though that message cannot be decrypted easily. This is because the output of E1, which is incompressible, is easily distinguishable from D2(ordinary English text).

Here is a better formulation for the steganographic schema:

   E(K1, K2, M) = E3( E2(K2, E1(K1,M) ))

where:

   E1(K1,M) converts the hidden message M to a cryptographically secure cyphertext by using the key K1. E1 and K1 are public, but the decryption function D1 is difficult to compute without the private key PK1.

   E3(C) converts a bit string to ordinary-looking English text. Assume that both E3 and its inverse D3 are public.

   E2(K2, C) converts the cyphertext C into another bit string such that E2(K2, C) has the same statistical characteristics as D3(ordinary English text). Assume that E2 and K2 are public, but D2 is difficult to compute without the private key PK2.

Function E1 is normal public key cryptography, which produces an incompressible cyphertext. I hope that function E3 has a high enough steganographic capacity to make steganalysis worthwhile. Function E2 cannot be a normal encryption function because its output needs to be as compressible as D3(ordinary English text). Both functions E2 and E3 are new types of functions that require more research to work well.
I still haven't seen any references to this type of steganography being done before, but thanks to the various people who gave pointers to tools that may help in building it.

Kevin Q. Brown
INTERNET kqb at whscad1.att.com or kevin_q_brown at att.com

From jordan at imsi.com Tue May 25 15:01:37 1993
From: jordan at imsi.com (Jordan Hayes)
Date: Tue, 25 May 93 15:01:37 PDT
Subject: dumps of USENET ...
Message-ID: <9305252142.AA29071@IMSI.COM>

   From Tue May 25 17:37:46 1993

   Many organizations buy complete dumps of usenet -- it's a way of getting a newsfeed if your organization is too paranoid to let you get a network connection.

I had "always heard" that mimsy.umd.edu was the machine where the Ft. Meade guys-n-gals (let's not start that *again*) hung out to read/post USENET ...

/jordan

From gnu Tue May 25 15:27:33 1993
From: gnu (John Gilmore)
Date: Tue, 25 May 93 15:27:33 PDT
Subject: Steganography and Steganalysis
In-Reply-To: <9305252149.AA27051@toad.com>
Message-ID: <9305252227.AA27968@toad.com>

My favorite scheme was to encode messages in trailing spaces and/or tabs in netnews messages. You could also put internal tabs in place of spaces. In fact, you could do this with news messages that flow "through" your site, (if the messages aren't protected with a crypto checksum), so that you would not be the message's sender (and it wouldn't be addressed to anyone either -- recipients get very good privacy).

This would be one way for a Unix "worm" program to report back to its master...and/or receive instructions.

John Gilmore

PS: You could put short interesting stuff just in your message-ID's! Not to mention the low order bits of timestamps (exactly *what* second did it arrive, now?).

From mab at crypto.com Tue May 25 15:44:59 1993
From: mab at crypto.com (Matt Blaze)
Date: Tue, 25 May 93 15:44:59 PDT
Subject: Say again?
In-Reply-To: <199305252126.AA14245@ground.cs.columbia.edu>
Message-ID: <9305252228.AA06769@crypto.com>

> Is this hearsay, innuendo or fact?
If fact, what can you cite as
> reference to support your statement? If you know this to be fact,
> please cite your references and provide as much detail as possible.
>
>This was based on a verbal conversation at Interop with someone from
>uunet, from whom the tapes are purchased. I or they could be
>mis[led|informed|remembering], but if you really care, ask uunet.
>
>andrew

Actually, the most alarming revelation here could be that someone at uunet is going around casually disclosing information about their customers. Most communications companies, especially those that seek to be regarded as "common carriers", make quite clear to their employees that customer data are among their most proprietary and that revealing any of it is grounds for lightning-speed dismissal. (Obviously, they reveal data that they SELL about their customers, and will disclose anything on a court order, but that's not what we're talking about here).

-matt (who has signed his share of non-disclosure agreements with big, bad communications companies)

From amb at cs.columbia.edu Tue May 25 16:14:07 1993
From: amb at cs.columbia.edu (andrew m. boardman)
Date: Tue, 25 May 93 16:14:07 PDT
Subject: Say again?
In-Reply-To: <9305252228.AA06769@crypto.com>
Message-ID: <199305252313.AA17325@ground.cs.columbia.edu>

>This was based on a verbal conversation at Interop with someone from
>uunet, from whom the tapes are purchased. I or they could be
>mis[led|informed|remembering], but if you really care, ask uunet.

Having just spoken to someone who contracts at the NSA (and no, this name I will not post), he does not believe they get such a beast, although, as many people have pointed out, the FBI did. That, then, would be the origin of that, along with some TLA confusion.

Actually, the most alarming revelation here could be that someone at uunet is going around casually disclosing information about their customers.

A lot of people perceive the government as having neither a right nor a need to privacy.
Certainly there are also quite a few who label themselves "privacy advocates" whose standards do a 180 when the privacy involved is that of the likes of Mykotronx...

andrew

From poier at sfu.ca Tue May 25 16:20:04 1993
From: poier at sfu.ca (Skye Merlin Poier)
Date: Tue, 25 May 93 16:20:04 PDT
Subject: Anonymity on the net
Message-ID: <9305252319.AA26265@malibu.sfu.ca>

-----BEGIN PGP SIGNED MESSAGE-----

I know of several anonymous remailers: would it not be a good idea to "link up" several of these hosts so that one mails the first remailer, which mails another and so on and so on.... This would be a real pain in the butt to retrace, as surely the owner info won't be rubber hosed out of all of the host bosses....

Skye

- --
- -----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier at sfu.ca
p-OO <--> OO-q THINK
PGP Public Key available on finger \== ==/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAKpgS0bkpXW3omvAQFwgAQAzXstBcts8h5U3chnu7SQe67DFgsj4dG1
Jz3BrK2QFHMspkVtxShAC+xBfIYwvR3eCIInKFFjxdzBxbprEJk+pwaNibFvtqDS
IkMM86gr6dsu0UtY0jh73I63M1aZukWVUOzO2TpPL++fibKFBYQDJFD7xeOJWHx7
OeTEAL3gedk=
=rKKD
-----END PGP SIGNATURE-----

From newsham at wiliki.eng.hawaii.edu Tue May 25 16:24:57 1993
From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham)
Date: Tue, 25 May 93 16:24:57 PDT
Subject: PGP voice encryption
In-Reply-To: <9305251805.AA19930@buoy.watson.ibm.com>
Message-ID: <9305252324.AA29081@toad.com>

>
> Timothy Newsham says:
> > The biggest problem is CPU power. The compression schemes that work
> > best are very computationally expensive. Add to that the fact that
> > you need to do simultaneous encryption and compression, and if you
> > want full duplex make that simultaneous encryption, decryption,
> > compression and decompression. You also have to send it over the
> > modem, and probably frame it too.
>
> You're right. But if the voice-modem, or a smart voice card (like
> SoundBlaster, maybe?
Can it do CELP? Can any other available card?)

I'm not sure. My understanding of SoundBlaster was that it could produce sounds and had digitizing capabilities (ie. A/D D/A card) If this is so it couldn't do any computations itself. Someone mentioned Xyxel's modems will do CELP in and of themselves.

> will handle full-duplex voice in and out, and then a smart data
> modem will pump it through the line (again, full duplex), then
> all the CPU has to do is simultaneous encryption/decryption,
> plus frame management (moving frames to/from Blaster and
> modem).

There is no doubt that the CPU can handle the encryption + framing, this is what I plan to do.

>
> Am I missing anything?
>
> > I'm currently implementing one scheme (LPC) on a DSP chip. Hopefully
> > my end product will be <$50. I plan to put its own ADC/DAC chip on
> > board (to save computer<->DSP bandwidth). Possibly some
> > high end CPU's like 486 and 040 could handle the load, but
> > wouldn't leave much cpu for anything else.
>
> What DSP are you playing with? How expensive is it? Can I buy
> such a chip from somewhere (assuming the price won't scare me
> out)?

I am using the ADSP2105 from Analog Devices. The list price is about $12. It has internal memory (1 kwords instruction, 512 words data, 24 and 16 bits wide respectively), and boots instruction memory off of an eeprom. Minimum setup would probably be ADSP2105, xtal, eeprom (4k), max232 (interface voltage levels), DAC/ADC chip and a power supply.

You can reach Analog Devices at (617) 329-4700, they send out spec sheets for free.

> --
> Regards,
> Uri uri at watson.ibm.com scifi!angmar!uri N2RIU
> -----------
>
>
>

From mark at coombs.anu.edu.au Tue May 25 16:39:51 1993
From: mark at coombs.anu.edu.au (Mark)
Date: Tue, 25 May 93 16:39:51 PDT
Subject: Say again?
Message-ID: <9305252339.AA29243@toad.com>

> >This was based on a verbal conversation at Interop with someone from
> >uunet, from whom the tapes are purchased.
I or they could be
> >mis[led|informed|remembering], but if you really care, ask uunet.
>
>Having just spoken to someone who contracts at the NSA (and no, this name
>I will not post), he does not believe they get such a beast, although, as
>many people have pointed out, the FBI did. That, then, would be the
>origin of that, along with some TLA confusion.

Wouldn't the NSA just get a feed to their internet machines, say maybe dockmaster.ncsc.mil? All they would have to pay for is the line, which is there anyway. No need to buy tapes. Makes more sense to me. I assume they have news readers on Multics systems :)

Mark
mark at coombs.anu.edu.au

From amahler at cvgs.schools.virginia.edu Tue May 25 16:49:32 1993
From: amahler at cvgs.schools.virginia.edu (Aaron Mahler)
Date: Tue, 25 May 93 16:49:32 PDT
Subject: REMOVE
Message-ID: <9305252352.AA27835@cvgs.schools.virginia.edu>

Due to a lack of free time (and an overflowing mailbox) I regretfully have to resign from reading The List. I hope to keep up with events as much as possible from afar. My heart is with you guys.

-AM

--
---------------
Aaron Mahler - Internet: amahler at cvgs.schools.virginia.edu | BIX: amahler
Interactive Media, Inc - 307 Rivermont Avenue, Lynchburg, Va 24504
"To search for perfection is all very well, but to look for Heaven is to live here in Hell." - Sting, Consider Me Gone

From tcmay at netcom.com Tue May 25 17:02:06 1993
From: tcmay at netcom.com (Timothy C. May)
Date: Tue, 25 May 93 17:02:06 PDT
Subject: Anonymity on the net
Message-ID: <9305260002.AA12104@netcom.netcom.com>

Skye Merlin Poier writes:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>I know of several anonymous remailers: would it not be a good idea to "link up"
>several of these hosts so that one mails the first remailer, which mails
>another
>and so on and so on.... This would be a real pain in the butt to retrace, as
>surely the owner info won't be rubber hosed out of all of the host bosses....
Chaining remailers is of course the basic idea of using remailers. "Linking up" the remailers would sort of defeat the purpose of the remailers, wouldn't it? The idea is for only the sender to really know the sequence of remailers.

(Of course, some of us aren't always using encrypted remailers--though we really should be--and hence the first remailer node theoretically knows who sent the message and where it's going. (Later remailers won't know, as all header info gets stripped out, so most of the benefits are retained.) Longterm, this will have to be fixed, by more and easier encryption. For now, just using remailers as I show below is a good exercise.)

Using remailers is easily done, and in fact I do this for nearly all of the "remailed" messages I send (no, I won't say which of the "anonymous" or "nobody" messages I sent...if more people used remailers, we'd all be better off).

I encourage everyone out there who has not yet played with remailers to give them a quick try. You can see for yourself in the next 10 minutes what this all means, just by sending yourself an "anonymous" message!

Here's an example script I use. Note that I favor the "double colon" (sounds like a medical condition, doesn't it?) format, as my mailer doesn't have a convenient way of messing with the headers. (You are of course free to try the other remailer format, described in the documentation for the remailers.)

To use the double colon method, simply place a "::" on a blank line in the _body_ of your message (not the header) followed by a line with "Request-Remailing-To: next address" in it. And then another blank line, and then your message. The forms below should make this clearer.

Then _another_ such remailer form can be included, and another, and another, and so forth. Very easy to use. (Whoever came up with the double colon format, please keep it in future versions!)

Karl Barrus occasionally publishes a list of operating remailers.
I occasionally test these remailers by sending messages to myself, to assure myself they're still up and running and are sending stuff through promptly. I keep a small database of "functional remailers," with their speeds (most remail within seconds) and such. Once I've "pinged" these remailers, I feel more confident about chaining several of them together.

Example of Several Hops:

To: ebrandt at jarthur.claremont.edu

::
Request-Remailing-To: hh at cicada.berkeley.edu

::
Request-Remailing-To: elee7h5 at rosebud.ee.uh.edu

::
Request-Remailing-To: final address

This is a test message. Several hops. Even more remailer addresses could of course be included here.

{this went through in just a few minutes}

To use this yourself, replace the "final address" with your own address. You should get an "anonymous" or "nobody" message in just a few minutes.

Naturally, you can vary the order of the remailers, use others, etc. Check out the list of remailers Karl Barrus publishes (and maybe it's even in the soda archives?) and "roll your own." Even use PGP with the sites that support it (and at least one of the sites *requires* PGP, last time I checked).

If the last address is one of the mail-to-NetNews sites, you've just posted anonymously.

Happy anonymous remailing!

-Tim May

--
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: by arrangement
Note: I put time and money into writing this posting. I hope you enjoy it.

From peb at PROCASE.COM Tue May 25 17:41:46 1993
From: peb at PROCASE.COM (peb at PROCASE.COM)
Date: Tue, 25 May 93 17:41:46 PDT
Subject: Anonymity on the net
Message-ID: <9305260041.AA15894@banff.procase.com>

In case you missed it...Wall Street Journal of May 24, page B1 had an article by Wm. F. Buckley on Internet anonymous messages.
The article was about some professor who wrote a program to erase anon messages automatically and how he got "shouted down" and withdrew his program (it only ran on his netnews site anyway). The analogy Buckley used was that of self-policing coffee houses where people doing anti-social things are shouted out by the crowd. I guess Buckley is into anon remailers (or at least their use as free speech devices) since he portrayed the guy wiping out anon messages as being anti-social.

Paul E. Baclace
peb at procase.com

From hughes at soda.berkeley.edu Tue May 25 18:07:48 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Tue, 25 May 93 18:07:48 PDT
Subject: Anonymity on the net
In-Reply-To: <9305252319.AA26265@malibu.sfu.ca>
Message-ID: <9305260104.AA20217@soda.berkeley.edu>

>I know of several anonymous remailers: would it not be a good idea to
>"link up" several of these hosts so that one mails the first
>remailer,

For the complete details about this system, please see the ftp site:

    soda.berkeley.edu::pub/cypherpunks/remailer

There is complete source code to the cypherpunks remailer system, instructions for use, scripts to set up encrypted paths, etc.

More generally speaking, if you have a question which you think might be a newbie question, please check the archive site first. For basic cryptography questions, the sci.crypt FAQ (Frequently Asked Questions) is available. The full remailer is available, as well as a fairly good collection of primary and secondary source documents on the government wiretap chips.

Eric

From norm at netcom.com Tue May 25 18:08:12 1993
From: norm at netcom.com (Norman Hardy)
Date: Tue, 25 May 93 18:08:12 PDT
Subject: Steganography
Message-ID: <9305260108.AA22729@netcom3.netcom.com>

Here is a pitfall to be avoided in Steganography using low bits of AD converter output. Such converters may be biased in their low bit.
If you hid 2,000,000 bits in a digitized image you would probably get from 998,000 to 1,002,000 one bits if you took no precautions. A real digitizer might well be expected to produce more than 1,100,000 one bits or less than 900,000. Falling too close to 50% would be a clue that the data was not the yield of an AD converter. Stuffing a few percent of extra one bits according to a random number generator known to the receiver makes the data look more typical.

There may be statistical dependencies with the next more significant bit as well. Some elementary statistics can be done on the yield of a real image scanner to examine this issue.

From hughes at soda.berkeley.edu Tue May 25 18:43:54 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Tue, 25 May 93 18:43:54 PDT
Subject: Anonymity on the net
In-Reply-To: <9305260041.AA15894@banff.procase.com>
Message-ID: <9305260140.AA22229@soda.berkeley.edu>

>In case you missed it...Wall Street Journal of May 24, page B1 had an
>article by Wm. F. Buckley on Internet anonymous messages.

If someone will type this in, I'll add it to the rants/ directory on the archive.

Eric

From wcs at anchor.ho.att.com Tue May 25 19:04:18 1993
From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com)
Date: Tue, 25 May 93 19:04:18 PDT
Subject: Steganography
Message-ID: <9305260134.AA21012@anchor.ho.att.com>

> Here is a pitfall to be avoided in Steganography using
> low bits of AD converter output. Such converters may be biased
> in their low bit. [...] Falling too close to 50% would be a clue that the data

That's not too risky for graphics, since many scanned pictures aren't based on raw A/D converter output; they've been processed and squashed down to some smaller number of bits. A more serious concern is compressibility - a real image file is probably more compressible than a file with the low-order bit replaced by a crypto-bit, since the real data has moderate correlation and the crypto-bits are random.
I doubt the Feds will immediately start looking to see if you're shipping GIF files that have significantly worse compression than average, but they'd probably find something if they did it.

Bill Stewart

From wcs at anchor.ho.att.com Tue May 25 19:10:51 1993
From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com)
Date: Tue, 25 May 93 19:10:51 PDT
Subject: SIGINT and TEMPEST follies
Message-ID: <9305260126.AA20182@anchor.ho.att.com>

In cypherpunks, fergp at sytex.com (Paul Ferguson) replied to my article (elisions[...] added)

> > [...] The precise standards are classified (some SECRET, some
> > CONFIDENTIAL COMSEC), [...], but as long
> > as you're not using classified information as your sources, you can
> > do anything you want. [...]
> I beg your pardon, but this is _not_ the case. TEMPEST requirements
> are _not_ classified and are available for public scrutiny. (You
> obviously do not know where to look.)

Ok, there may be standards that aren't classified. (Good!) I was referring to NACSIM 5100, 5100A, 5203, and their friends; different generations of the documents are NACSEM rather than NACSIM.

> > TEMPEST isn't particularly about transients or electromagnetic pulses,
> > it's about overall electromagnetic emissions.
>
> You're trying to separate issues that are one and the same. With the
> proper equipment, I can put you and an IBM Selectric (tm) typewriter
> on a wooden raft in the middle of Lake Superior, monitor and realize
> every keystroke that you make and you'd not be the wiser. This type
> of monitoring is easily defeated by low yield TEMPEST requirements.
> I've worked in this area, Bill, and have tested these _facts_. I
> don't care how you care to word it, it _is_ transient
> electromagnetic emissions.

I'm not arguing about whether the stuff works, I believe that :-) VT100s and Brother electronic typewriters are two other classic emitters; I hadn't heard that the IBM was loud, but it's certainly a good target.
The wording *is* relevant when you're discussing whether a proposed acronym is real or made-up-to-fit, and as I said,

> > I never saw TEMPEST expanded as an acronym in any of the
> > documents I read.

and the proposed expansions are really stretching credibility, as were the quoted article's contentions that using TEMPEST protection was illegal.

> I know the technical specifics of TEMPEST (it is an acronym, BTW)

If it really is, it sounds like they made up the name TEMPEST first and stretched the words *real* hard to fit, since it's not really about EMP.

> > In the case of the Crippler Chip, however, you knew it had a built-in
> > wiretap when you bought it, which changes some of the reasonable
> > expectations about privacy a bit.
> This issue is one where I must disagree with you emphatically.
> The majority of the American public don't even know about Clipper.

Sure, but if you're a pro-government court trying to rationalize the behavior of government officials, as the courts have been doing lately, the fact that most Americans haven't read the White House Press Releases or the New York Times won't be given much respect - they've found a presumed lack of privacy in the use of cordless phones, and I'll bet you a floppy disk they'll find some excuse to support unauthorized wiretapping of Crippler* phones if the things become widespread.

> Stop the Wiretap (Clipper/Capstone) Chip.

Yeah. Actually, I won't mind much if government officials use the system for their internal communications; it's presumably fairly secure, and makes it possible to subpoena "secure" conversations by government officials if we need to, though it does risk giving the NSA more power over the rest of the government if they've stolen the keys.

Bill Stewart

* Clipper is a trademark of Intergraph.

From ld231782 at longs.lance.colostate.edu Tue May 25 20:22:55 1993
From: ld231782 at longs.lance.colostate.edu ( L.
Detweiler )
Date: Tue, 25 May 93 20:22:55 PDT
Subject: a reaction to Mycotronx intelligence data
Message-ID: <9305260322.AA26827@longs.lance.colostate.edu>

I'm disappointed at the *nonexistent* serious response to the Mycotronx postings on the list (I guess we do have some new algebraic formulas, though.) Apparently, these are just too hot for anyone to handle. I think these should be getting our utmost scrutiny as a group for tactical rewards. Are we at war or aren't we? So once again I have to do some dangerous limbwalking because all the other cyphersheep are clutching mommy's apron :).

Okay, here goes. I'm sure there will be many inaccuracies but I think it is better here to be loud and wrong than to be silent and let it die with a whimper and nary a peep. I'd like to hear other reactions surely much superior to my own unauthoritative wanderings. I'll put in many questions; if anyone has insights into them please forward them to me and I will summarize (writing about each point to the list will probably take up too much traffic).

* Also, if anyone can independently *verify* *any* of these pieces of information, please say so.

* If you have access to databases that record relevant info from accounts listed and that kind of thing, and aren't at risk in doing so, please query them.

* What about the people listed? Ever encountered them?

* Interpretations of codenames and numbers especially of interest.

* The possibilities for a little creative and ingenious `social engineering' (esp. with all the phone numbers in part 1) are absolutely unlimited for some really nervy cypherpunks, but I'm not going to encourage it...

* Have there been any `repercussions' to the posting on cypherpunks? We need to know how afraid people are of us. Tighter security? Disconnected phone numbers? New code names?

In sending me mail, please tell me if I can quote you or your address in the summary or just attribute it anonymously. Also, do not assume that email is secure.
If a PGP key of mine will make the difference between your sending me email and not, I'll send it to you.

* * *

First of all, as a very preliminary opinion, it all looks believable and plausible. Ironically, there is almost too *much* information!

The first document was forwarded anonymously to the list by nobody at alumni.cco.caltech.edu. Both documents contain some comments apparently inserted by the source, the first only at the beginning, the second at the beginning and in the middle. In the first a statement is quoted

>the
>government wants us to trust to keep the Clipper design
>secret, don't know jack shit about security.

this comment makes sense in the light of a later message that purportedly revealed the source of the data. The statement also refers to `general ledger' probably referring to the second posting.

The second posting came forwarded anonymously from nobody at alumni.cco. The contributor talks of leaving out account numbers. Also made two comments on the employee bonuses.

* * *

In posting 1 we have a great deal of very critical information on people involved in the company, current projects, company contacts, amazingly detailed cost/finance records. We even know their bank and banker! NSA contacts listed! It's not clear that all these diverse records would be stored in one volume of information. They appear to be pasted together from various sources, with some continuity in places. A later posting also suggests the reason for this long-term `snapshot' of company activity at the highest level.

The most critical `big-picture' elements of posting 1 are probably the companies mentioned. It paints a clear picture of Mycotronx as a sort of `middleman' in coordinating and contracting other companies to do chip fabrication and testing, apparently with the NSA as their sole customer. AT&T was paid $100K under `Capstone Financial Commitments.' The companies VLSI Tech (fabrication?) and Exatron (testing?) figure prominently.
Technical documentation by ELITE.

Most amazing is the list of employees and their occupations. If it is complete, then it is remarkable in the number of employees, 10. There is a wide range of occupations from engineer to secretary to president that suggests the list may be complete.

Chips: posting 1 refers to MYK80 for testing. Many references to KG44B, with several hundred thousand dollars worth of deliveries to the NSA. KG-48B appears to still be in testing phases. Part of the `Outrunner' project. The `Outrunner' project figures very prominently, what is it? Maybe a specialized chip for Air Force security (appears to be cryptographic because of KG-46 `Tactical Decryptor'). Capstone shows up at the end under `Financial commitments'. It's not clear if Clipper is referenced anywhere. There are many product codes that may refer to it.

* * *

In posting 2 we have an incredibly detailed, perhaps complete, financial ledger for the company listing everything from employee costs to office supplies. An accountant would probably find it much more readable than me. Because of the probable single source, the information is more focused (into financial categories) than that in posting 1.

There are three columns in each series, beginning balance, debits, and credits, supposedly for first four months of 93. Series are probably some Federal or IRS categories for reporting.

It is organized into `series' with 1000 recording various brokerage agencies. This may reflect that employees have stock options in the company. Other entries are customer and employee accounts receivable.

2000 series records employee benefits with `accued bonuses' of $341K for the period (given 10 employees, this could be astronomical for someone). Payroll is $343K for the period -- bonuses are as much as salaries. These are very high numbers for 10 employees. Probably the `upper echelon' of a few is making six figure salaries.

3000 series lists more stock.
4000 series lists sales of $2.5M for the 4 month period.

5000 lists consultant fees at $47K, subcontracts at $932K debited and $110K credited. Direct labor for Engineering came to 186K, Technician 93K, Administrative 37K.

6000 lists a lot of different categories (miscellaneous) mostly debits.

7000 series lists another `special bonus' $132K debit, $123.

Net money debited and credited at the end of the statement is given as $12.5M for the four month period.

Finally the source lists some `outstanding VLSI purchase orders'. It is not clear if these are owed to Mycotronx or Mycotronx owes someone else, but in the first posting the same figure $100K is mentioned for AT&T under `Capstone Financial Commitments', so these are probably payments by Mycotronx. In this document we see that `Compass' is software, a total of $160K. Motorola $76K, VLSI Tech (for the Capstone project) $212K. Myk78 (Clipper?) figures prominently with VLSI Tech: $66K, fix $68K, 78A prototype $11K, 78A production $220K. Also Myk 80 #1 and #2 $48K and $33K, and Myk82 and Myk 79 (80K and 79K). VLSI Tech `Expoteniator' (sic?) $163K. The exponentiator might be a general purpose digital exponentiator suitable for integration with many cryptographic techniques (Diffie Hellman, RSA, etc.)

* * *

Battle plan:

*If* Mykotronx is to be harassed, the things that might be useful to focus on are the large bonuses. Where is all that cold cash going? If it ended up in the hands of a few (or even one) it would not be good PR, to say the least. Also, Mykotronx is clearly heavily dependent on VLSI Tech, and the company does not appear to sell to anyone other than the NSA currently. So those are the jugular veins, so to speak.

I suppose if we were really extremists, like animal rights activists, we might individually harass members of the company. I don't encourage anyone to do this unless they do something to provoke it.
However, a little friendly getting-to-know 'em type interaction might be interesting and help make sense of our current horde or glean other information. In particular, if anyone in the company feels (shall we say) undercompensated that could be another Achilles heel after they hear how much bonuses are coming out (bonus? I haven't heard about any bonuses! You heard of any bonuses?)

Following is the mostly raw undistilled stuff. As noted, please comment on *anything* to me personally in email, and I'll try to organize, compile, and make sense of it all.

Special thanks to the `anonymous' individual who was willing to risk potentially severe repercussions to bring the outrageous secrecy concerning the chip to glaring lighted public exposure and those who went out of their way to help `him'. Hey, even though this person could greatly benefit from Introductory Espionage 101 we love you anyway. You'll probably be the main character when Cypherpunks get their own sitcom or Monday Night Movie...

posting 1
========

* address, phone, FAQ of company

* bank that holds company account(s)? Shearson Lehman Brothers. Acct #509 24261 12011.

* Fed Ex Acct #1122-7492-8

* List of employees names and occupations. There are 10 employees listed.

>Bob Gottfried, CEO
>Leonard J. Baker, President
>Ralph O' Connell, aka "The Father of COMSEC", NSA Lobbyist
>Mike Furusawa, Space COMSEC Manager
>Patti Linahan, Executive Secretary
>Kikuo Ogawa, Buyer
>R. Todd, W. Greenfield, KG-44B (Outrunner) Project
>John C. Droge, Personnel
>Bob Todd, Manufacturing Manager
>Landy Riley, Engineering

* Has anyone heard of an `NSA lobbyist'? This is very interesting. Later O'Connell is listed as `NSA Contact'.

* Also, `COMSEC manager'?

* `Buyer' of what? All major parts?

* What about the code KG-44B Outrunner project?

Under `Principle NSA Technical Contact' we have the NSA address (`Maryland Procurement Office) and code

>Attn: N244 (CEB) (MDA904-92-G-0354/J.O. 5001)

* Code names: what are these?
People involved are clues. We already know KG-48B is also `Outrunner' and 48B and 46 are related somehow.

* 46 is a `Tactical decryptor unit' -- sounds like a military application. Involvement of Air Force agents confirms it.

* What is `Computer Systems Command'? That would really nail it, probably.

* Capstone is being built by Mycotronx, right? It's likely Clipper and Capstone are also named KG-?. I don't think KG-46 and 48B are Clipper and Capstone due to the `tactical' Air Force involvement. Also, Clipper is MYK78, right?

>KG-46 Tactical Decryptor Unit and
>KG-48B Outrunner Provisioning Conference participants:
>Robert Todd, Mykotronx
>Bill Greenfield, Mykotronx
>G. Burgio, NSA
>J. Gochnour, NSA
>J. Wimpy, Air Force Computer Systems Command
>S. Solis, Air Force Computer Systems Command
>To Be Discussed at meeting May 18 & 19, 1993

* This is an amazing piece of intelligence. These meetings were scheduled *after* this posting appeared for us. I think there are a lot of NSA agents having nightmares right now.

* It is not clear, but it may be that `Outrunner Project Milestone Payments' were the subject of the May 18,19 meetings. (What is a `milestone payment'? Is that an NSA term? Military?) The meeting was very likely on Outrunner given the rest of the information.

* The dates for payments are 2/14/92 (Preliminary Studies) to 5/13/93 (Deliver 4 KG-44B to NSA). What is a known project under those dates?

* Most categories refer to chip design with terms like VLSI and `complete fab' and `complete tests', `crypto verif'. Also, is VLSI a company?

* Entries 11a,11b,13-17 are deliveries to the NSA, batches of 44B. What is chip 44B? Very important. No deliveries of 48B to NSA listed. Since this is in the `outrunner' categories we now know that KG48B, 44B, 46 are all related. Also, the KG number appears to be some parameter on the device code.

* What are these keywords: `Complete PDR' (preliminary design review?) `Complete CDR' (concluding design review?) `SFA review VLSI'?
Next sounds like a `Invoice' for KG-44LSI. Mykotronx P/N M20/00301XXX KG44 VLSI Procurement to

>United Technologies Microelectronics Center
>Colorodo Springs, CO 80907

Can't spell! The part I like is ``Secret item handling''. The invoice is fairly small, refers to Group B and Group C testing (?). Also a statement `export of this product is controlled by U.S. Disclosure of related technical data to foreign nationals without the appropriate export license is prohibited by law.'

Test plan for MYK-80: Work for Exatron. MYK-80. 176 pin TQFP might pinpoint the chip. IMS tester? Installation of PET (Positron Electron Tomography? Like a microscope?) `handlers' at Mykotronx. Training & Manuals (for MYK-80?) subcontracted to ELITE Technical Corp (Redondo Beach, CA).

`Capstone financial commitments'

* ``Basic VII Cap VLSI 10'' $212,000. Sun 1 yr maintenance warranty. `Compass' $160K? IKOS System. ELITE Tech. Corp. Plotter. SJ (1) and (2), $71k and $76k.

* AT&T, $100K (?) What is Mycotronx *paying* AT&T 100K for Capstone?

* Another `Compass' $110K. VLSI Tech $30K and $163K. VLSI Tech Capstone TQFP $10K. Hm, both VSLI Tech. and Exatron do TQFP.

* VLSI Tech Exponeniator Tamper System $163K?

* $225K for `Litronics'?

posting 2
========

>Acct Descr              Beg Bal        Debits       Credits
>Shearson Lehman         286,511        2,620,096    2,670,822
>
>Paine Webber            95,602         868          0
>
>Dean Whitter            55,391         484          0
>
>Petty Cash              3,000          0            0

* Why is so much stock being traded? What is it for? Employee bonuses? Ownership of child companies?

>Raw inventory           172,252        0            76,064

* not much, although what is it in? reconfirms picture as just an intermediate company, almost just a `reseller'.

>Accrued payroll         25,637CR       343,682      318,045
>Accrued bonuses         214,040        341,240      127,200

* how does this break down among employees?

>Common Stock            169,320        0            61,435
>
>Capital disbursement    916,675        222,230      0
>
>Retd Earnings, begng    2,385,020CR    0            0

* more stock. What does it mean? Retd? disbursement?
>Subcontracts 0 932,210 110,419 * almost $1M debit for 4 months. Most of the action is here. >Materials/parts 0 186,252 22,423 * for what? >Direct labor-Engnrg 0 240,341 54,172 > >Direct labor-Technician 0 129,839 37,459 > >Direct labor-Adminst 0 47,542 10,081 * why are these in a different category than employee costs? What's the difference? >Special Bonus 0 132,200 123,200 * Comes out to $9K. What does it mean? >G&A Labor 0 103,4520 0 * G&A means? 100K is fairly large; more than consulting fees for example. From ld231782 at longs.lance.colostate.edu Tue May 25 20:23:03 1993 From: ld231782 at longs.lance.colostate.edu ( L. Detweiler ) Date: Tue, 25 May 93 20:23:03 PDT Subject: RSA in CMOS? Message-ID: <9305260322.AA26830@longs.lance.colostate.edu> Many people have been talking about cryptographic applications in hardware on the list. I suspect these will be largely untapped until a chip that does general-purpose RSA encryption comes along. There are many DES implementations that could be integrated with such a chip and then worked into computer cards, telephones, cryptography kits, etc. Does anyone know of the existence of an RSA chip? To the best of my knowledge they do not exist. Are there any plans for an RSA chip? The chip would ideally *not* be constrained to work with DES, or at least the DES encryption would be an option in addition to just pure RSA encryption of arbitrary data, for reasons of potential insecurity in DES and emergence of other superior algorithms (which upon appearance would not automatically make a general-purpose chip obsolete). From ld231782 at longs.lance.colostate.edu Tue May 25 20:23:12 1993 From: ld231782 at longs.lance.colostate.edu ( L. Detweiler ) Date: Tue, 25 May 93 20:23:12 PDT Subject: PGP-RSAREF rumors Message-ID: <9305260323.AA26837@longs.lance.colostate.edu> Nothing has appeared on this list on this subject since the initial flurry sparked by PGP-RSAREF negotiations. 
I thought I would just post a few short comments based on inside sources and speculations for all the cypherpunks waiting on the edge of their consoles to hear some word. In no way should this be construed to be representative of positions on either side. I just hope to give members a little current insight and encouraging glimpse, but also show how the difficulties involved in the negotiations mean this is not as simple as Bidzos and Zimmerman shaking hands without snarling (although that's certainly part of it). A rather serious obstacle to RSAREF integration into PGP is that the RSAREF routines only `ostensibly' allow RSA encryption of DES session keys. For novices on the list, the background for this is that RSA is too slow to use to encode an entire message, so that one uses RSA to encode a randomly generated key for each session (hence the name) that is contained in the transmission. The remainder of the transmission includes the message encrypted under the private-key algorithm (e.g. DES) with the generated session key. Since the key is shorter than the message and the private-key algorithm faster than the public-key approach, this scheme results in a net gain of speed, but with security only `as strong' as the private key algorithm. Because of suspected weaknesses in DES, Zimmerman chose to use the Swiss IDEA algorithm for the session keys, and for obvious reasons prefers to continue to do so. However, the RSAREF routines have a `published interface' that only permits the system using a DES key. There are `low level' routines that do pure unadulterated RSA encryption of arbitrary data, crucial to PGP functions, but by the terms of the license the programmer is *not* allowed to call them! The reason for this restriction is presumably that a high-degree of backward-compatibility is required of the library, so that a strict adherence to use through `official' entry points must be preserved. 
However, this `hamstring connected' means that by no stretch of the imagination can RSAREF be considered a `general purpose RSA cryptography library' (in fact, it appears to be designed solely for meeting the PEM standard). It also means that the cryptographic security of RSAREF is quite curiously limited to that of DES. Rumor has it that Mark Riordan got permission to put in triple DES into RSAREF for RIPEM but so far it is unclear if Zimmerman and Bidzos can/will/have hammer(d) out something that allows the current PGP IDEA cipher. The backward compatibility of all previous PGP versions, and ultimately the integration of RSAREF into PGP, is at stake. Rumor has it that even Rivest (the R in RSA!) may be helping forge something favorable to everyone. Another complication of RSAREF that most on this list are probably familiar with is that it is not permitted to be used outside the U.S. Hence parallel versions of PGP must be maintained even if RSAREF would allow an IDEA implementation. One other complication is that Mr. Zimmerman, while apparently never directly profiting from PGP use, has before publicly `reserved the right' to attempt to gain some kind of compensation for his Herculean efforts on PGP, for which he has `a life sentence' and finds that it takes major amounts of his time and commitment, although he is also firm in his promise to keep it free. Of course, the position is not wholly compatible with RSA interests. Finally, I hear that negotiations are on pause while currently Mr. Zimmerman is in the middle of his May 19 - Jun 9 `PRZ EuroCrypt Tour' and is meeting PGP fanatics, groupies, and developers all over Europe! In fact, here's an excerpt from a message that made the rounds among some PGP contributors: >From 27 May until maybe 30 May, more or less, I'll be traveling >by train from Bergan, Norway, through Oslo, then on down to Copenhagen, >down to Hamburg, and over to Amsterdam. 
I'll be stopping along the way to >see some sights, having never been to Europe before. > >From 30(?) May til 6 June, I'll be hanging around Amsterdam and the >surrounding area, to see some things from something other than a train seat. > >From 6 June to 9 June, I'll be in Washington DC, giving a talk at the >7 June CPSR conference in DC. Then I'm going home. > >If any of you want to pass this on to the PGP fans in Europe, who are >fanatical enough to meet me over there in my travels, feel free. If I >play my cards right, I'll never have to buy lunch while I'm in Europe. Maybe with enough encouragement and hospitality he'll make it through the subsequent negotiations without strangling anyone or being strangled :) (You may be able to reach PRZ at prz at acm.org.) From fergp at sytex.com Tue May 25 20:47:08 1993 From: fergp at sytex.com (Paul Ferguson) Date: Tue, 25 May 93 20:47:08 PDT Subject: Just the facts, ma'am. Message-ID: <9qX54B2w165w@sytex.com> Okay, folks. Let's bring this into focus. I don't like unfounded allegations, especially when they are involving my own communications providers, but let's let the truth be known. I'd like to summarize to the list several trains of thought and track this down to a reliable source. If, in fact, a UUNet operator/provider has, indeed, stated that this has been common practice, I think that it may behoove them to own-up to these allegations. Before I do confront the UUNet staff, however, I must get the allegations correct, and I therefore rely on you crypto-rebels to provide them for me. Please. In my original message I stated: >From: uunet!sytex.com!fergp (Paul Ferguson) Message-Id: Date: Tue, 25 May 93 16:30:06 EDT Organization: Sytex Communications, Inc On Tue, 25 May 1993 14:56:48 -0400, andrew m. boardman wrote - > Food for thought: that, at least as of recently, the NSA bought > weekly dumps of all usenet articles on tape. I highly doubt they > were for their reading pleasure... Is this hearsay, innuendo or fact? 
If fact, what can you site as reference to support your statement? If you know this to be fact, please cite your references and provide as much detail as possible. Cheers. - -- In subsequent posts, we received these replies. (I'd like to have additional affidavits, if necessary. If you do not care to get involved, fine. If you care, please re-affirm.) From: > Date: Tue, 25 May 1993 17:11:22 -0400 > From: Marc Horowitz >> Is this hearsay, innuendo or fact? If fact, what can you site as >> reference to support your statement? If you know this to be fact, >> please cite your references and provide as much detail as possible. > Rick Adams of UUNET confirmed on the com-priv list that his > organization had been selling the FBI a usenet feed on tape. I could > find the exact reference if you want. I don't know for sure that the > NSA has a feed, or from whom, but it wouldn't surprise me. I would like. Specifically, an e-mail address other than "postmaster." The point is this, Marc: Those of us who subscribe to UUNet through third party services have no idea that our communications may be recorded or archived for intelligence purposes (I know, but that's beside the point). If UUNet _is_ doing this without a broad policy statement, then I think a change is in order. Also, (and I do not implicitly imply that UUNet is responsible), I've had some very interesting problems passing encrypted traffic. For some strange reason, it just disappears. Fancy that. Should I question that? You bet. And I shall. I, and my comm provider, pays in good faith for our Internet services. We are protected under Law, and as far I know, UUNet does not expressly forbid encrypted _private_ communications. But, it happens. They just disappear sometimes. Go figure. > However, the obvious next point is, so what? It's a public system. > Any idiot can pay $20/month and get a public access account. 
If you > say something in a news post which you wouldn't want the FBI or NSA or > whoever to see, you're the person who has done something stupid. I beg your pardon. Since when does stupidity become a prerequisite for privacy rights violations? I'm not talking about Usenet or List posts, Marc, but private e-mail. > Tapping a news feed isn't like tapping a phone line. It's more like > turning on the television. Of course it is. This is not an issue. > Date: Tue, 25 May 1993 17:26:58 -0400 > From: andrew m. boardman > This was based on a verbal conversation at Interop with someone from > uunet, from whom the tapes are purchased. I or they could be > mis[led|informed|remembering], but if you really care, ask uunet. Thank you for your insights. I will ask UUNet, but I'm beginning to wonder if other local comm providers practice the same deceptions. Does anyone have any experiences with digex.com that they would like to share? If so, it would aid in our attempts to bring these unknown anomalies to light. I don't like spending money to have my private e-mail compromised. > Date: Tue, 25 May 93 18:28:31 EDT > From: Matt Blaze > Actually, the most alarming revelation here could be that someone at > uunet is going around casually disclosing information about their > customers. Actually, I find this possibility both extremely disturbing, yet possible. I don't wish that this what we will find out; I hope that legal inquiries will not be necessary. However, if information concerning these topics is not divulged voluntarily, then we must take legal action to bring this to the surface. > Most communications companies, especially those that seek to be > regarded as "common carriers", make quite clear to their employees > that customer data are among their most proprietary and that > revealing any of it is grounds for lightning-speed dismissal. 
> (Obviously, they reveal data that they SELL about their customers, > and will disclose anything on a court order, but that's not > what we're talking about here). Indeed, we are not speaking of the dissemination of USENet or List information, but rather private e-mail. > Date: Tue, 25 May 1993 19:13:37 -0400 > From: andrew m. boardman > Having just spoken to someone who contracts at the NSA (and no, > this name I will not post), he does not believe they get such a > beast, although, as many people have pointed out, the FBI did. > That, then, would be the origin of that, along with some TLA > confusion. I'd have to be presented with factual documentation to actually believe that. > A lot of people perceive the government as having neither a right > nor a need to privacy. Certainly there are also quite a few who > label themselves "privacy advocates" whose standards do a 180 > when the privacy involved is that of the likes of Mykotronx... Funny how that works, huh? The dumpster divers band together when t comes to stuff like that, from what I'm told. Cheers Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp at sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From nowhere at bsu-cs.bsu.edu Tue May 25 20:47:09 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Tue, 25 May 93 20:47:09 PDT Subject: No Subject Message-ID: <9305260350.AA27590@bsu-cs.bsu.edu> On Tue, 25 May 93 21:26:20 EDT, Bill_Stewart wrote - [ ... referring to earlier discussions on TEMPEST, ELINT and COMINT topics] > I'm not arguing about whether the stuff works, I believe that :-) It does, and I can expand further in subsequent paragraphs. > VT100s and Brother electronic typewriters are two other classic > emitters; I hadn't heard that the IBM was loud, but it's > certainly a good target. 
He used a very simplistic example, one which is electro-mechanical, as another list participant already pointed out. The same ELINT potential eavesdropping techniques exist, which range from keyboard monitoring (passive and active) to synchronic monitoring of "visual displays," which by all rights, parallels the electronic equivalent of monitoring your "visual" data; what is written to your visual display. > The wording *is* relevant when you're discussing whether a proposed > acronym is real or made-up-to-fit, and as I said, > > I never saw TEMPEST expanded as an acronym in any of the > > documents I read. > and the proposed expansions are really stretching credibility, > as were the quoted article's contentions that using TEMPEST protection > was illegal. TEMPEST was/is a specification that was written/developed to safeguard classified communications which were transmitted electronically, and rightly so. Digital Cryptanalysis is easy to record, measure and study; emissions are emissions. Its a well known fact that INT agencies were/are active in monitoring secure communications _recording_ for years, simply on the basis that the keys would be eventually compromised. The technical specifications of TEMPEST implementations on _SECURE_ systems are classified, likewise, the tempest requirements on confidential and FOUO (For Official Use Only) communications are less classified, at least to the level of their traffic. This was/is done in anticipation of secure, captured traffic analysis being eventually compromised. I have reason to believe that this exactly the tactics being mined now by the FBI/NIST/NSA. (whoops, slap my wrist) Traffic analysis is a dangerous concept when used in the wrong context, especially in a big brother capacity. 
Additionally (no classified information divulged here!), both the US INT agencies and the KGB sponsored intelligence agencies, recorded _all_ intercepted communications regardless of cryptographic tolerance, eventually under the guise that they would be compromised. This idealism alluded to the fact that compromised keys could be used to analyze past communications and provide information on future strategies. > *Clipper is a trademark of Intergraph. Oh, don't be silly. Uncle Sugar has already "officially" re-dubbed the chip the "Key Escrow" Chip. Silly, isn't it? Our Government is cheating us. Something needs to be done. Who's going to do it? Personally, I'm going to take fergp's suggestion and "question the powers that be." If any of you have a conscious, I'd suggest doing the same. To Eric Raymond: Include info on anon remailers and why they are important. Tell 'em "nobody" sent you. ;-) Quis Custodiet Ipsos Custodes? From honey at citi.umich.edu Tue May 25 20:58:09 1993 From: honey at citi.umich.edu (peter honeyman) Date: Tue, 25 May 93 20:58:09 PDT Subject: Steganography In-Reply-To: <9305260134.AA21012@anchor.ho.att.com> Message-ID: <9305260358.AA07063@toad.com> > A more serious concern is compressibility - > a real image file is probably more compressible than a file with the > low-order bit replaced by a crypto-bit, since the real data has moderate > correlation and the crypto-bits are random. I doubt the Feds will immediately > start looking to see if you're shipping GIF files that have significantly > worse compression than average, but they'd probably find something if they did it. how many bits are we talking about here? suppose it's two in sixteen. 7/8 of the compressible bits remain. so if the normal compressibility is 2:1, taking two out of sixteen bits would leave 1.75:1 compression. is that a "notable" difference? i haven't been paying close enough attention -- is two out of sixteen a realistic amount? it seems high to me. 
if it's one out of sixteen, the effect is only a 6.25% reduction in compression. is that notable? peter From wixer!wixer.bga.com!meyer at cactus.org Tue May 25 21:14:20 1993 From: wixer!wixer.bga.com!meyer at cactus.org (meyer) Date: Tue, 25 May 93 21:14:20 PDT Subject: AT&T Message-ID: <9305260406.AA02988@wixer> I recently switched my long distance carrier from AT&T to another, since they bribed me to do so with an offer of $35. Tonight a lady from AT&T called to ask why I switched. "They bribed me," I said. I said that I also had a problem with AT&T's support of the Clipper (or Wiretap) Chip. She had never heard of this, but I said to write this down on her report so that some higher-up in AT&T would get the message. She then offered to pay me $50 to switch back to AT&T. I thought, if I keep switching, and they keep upping the amount, eventually I can pay my rent this way. But no. I said: As long as AT&T supports the Clipper Chip I'll never return to AT&T! Ah, the pleasure of occupying the moral high ground. (Now, if they'd offered $500 ...) From hughes at soda.berkeley.edu Tue May 25 21:14:46 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Tue, 25 May 93 21:14:46 PDT Subject: RSA in CMOS? In-Reply-To: <9305260322.AA26830@longs.lance.colostate.edu> Message-ID: <9305260411.AA29308@soda.berkeley.edu> >Does anyone know of the existence of an RSA chip? To the best of my >knowledge they do not exist. Cylink makes one, as well as Mykotronx. I don't have data sheets here, but the Cylink chips are a fairly old design, do modular exponentiation, multiplication, and addition. One is 512 bits wide (roughly), the other is 1024; these sizes are inexact--the actual width differ by a few bits. They run at 16 Mhz (or at least one of them does). They're implemented in an old design process; just reimplementing them in .8 micron could speed them up a lot. They've been out for a few years. 
The design is patented; I've read the patent, and there are plenty of
other ways to do the calculations.

The Mykotronx chip, the MYK-80, has a full modular exponentiator on it,
as well as SkipJack. The other name of the chip is Capstone. It's not
yet shipping. I take it, though, that this is unsuitable.

There are also at least four commercial announcements of European
exponentiator chips that I have seen, as well as some academic work
which is going to silicon in Britain.

There's no shortage of the chips, just the will to deploy them and the
market awareness for the need for them.

Eric

From hughes at soda.berkeley.edu Tue May 25 21:26:45 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Tue, 25 May 93 21:26:45 PDT
Subject: VinCrypt
In-Reply-To: <9305252040.AA15879@banff.procase.com>
Message-ID: <9305260423.AA29839@soda.berkeley.edu>

Re: vincrypt package blatherings

Can someone post the addresses of this company so that product
literature might be ordered?

I'm tempted to do a consumer education article exposing the danger of
secret and unreviewed ciphers, non-trustable encryption packages, etc.
It looks like these folks are prime candidates.

Eric

From miron at extropia.wimsey.com Tue May 25 22:09:24 1993
From: miron at extropia.wimsey.com (Miron Cuperman)
Date: Tue, 25 May 93 22:09:24 PDT
Subject: Encrypted UNIX "talk" available
Message-ID: <199305260407.AA16052@xtropia>

Last revised Tue May 25 21:05:50 PDT 1993.

What is YTalk?
==============

YTalk is a multi-user drop-in replacement for the UNIX "talk" program.
I have added encryption facilities to it, including private key and PGP
authentication.

Features
========

- Multi user capabilities.
- Drop in replacement for /usr/ucb/talk.
- Diffie-Hellman exponential key exchange for session keys.
- IDEA encryption in CFB mode.
- Password authentication.
- PGP authentication.
- Logging of conversations to a file.

Known bugs and misfeatures
==========================

- No security the first time you use it, until the random seed file is
  created (around 300 keystrokes).
- Some problems with the talk daemons on Ultrix and SCO-Unix.
- Port to Alpha (64bit) incomplete.

Availability
============

Version 2.1
Ftp: soda.berkeley.edu:/pub/cypherpunks/applications

Bug reporting
=============

All bugs to miron at extropia.wimsey.com.

--
Miron Cuperman | NeXTmail/Mime ok
Unix/C++/DSP, consulting/contracting | Public key avail
AMIX: MCuperman | Laissez faire, laissez passer. Le monde va de lui meme.

From mdiehl at triton.unm.edu Tue May 25 22:33:31 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Tue, 25 May 93 22:33:31 PDT
Subject: VinCrypt
In-Reply-To: <9305260423.AA29839@soda.berkeley.edu>
Message-ID: <9305260533.AA12486@triton.unm.edu>

> Re: vincrypt package blatherings
>
> Can someone post the addresses of this company so that product
> literature might be ordered?
>
> I'm tempted to do a consumer education article exposing the danger of
> secret and unreviewed ciphers, non-trustable encryption packages, etc.
> It looks like these folks are prime candidates.

Don't just be tempted! Do it! It's your patriotic duty...or some such
nonsense. Thanx in advance.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl at triton.unm.edu | But, I was mistaken.      |available|
| mike.diehl at fido.org  |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone? If you don't know, ask me----+

From Z3KPW at ttacs1.ttu.edu Tue May 25 22:46:53 1993
From: Z3KPW at ttacs1.ttu.edu (Z3KPW at ttacs1.ttu.edu)
Date: Tue, 25 May 93 22:46:53 PDT
Subject: VinCrypt
Message-ID: <01GYM1VTYBEG8Y629U@ttacs1.ttu.edu>

Hey, an older version of VinCrypt has been out and freely distributable
for months. It's a Video Vindicator release, so you could get it from a
VV site like Demon Roach Underground BBS or the cDc ftp site
(zero.cypher.com) if you wanted to take a look at an old version.

From stig at netcom.com Tue May 25 23:45:43 1993
From: stig at netcom.com (Stig)
Date: Tue, 25 May 93 23:45:43 PDT
Subject: PGP: Environment protection for UNIX
Message-ID: <9305260645.AA14381@netcom.netcom.com>

I wrote:
>
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> #include <unistd.h>
>
> /* Overwrite every PGP* environment string in place with spaces. */
> int main (int argn, char **argv, char **envv)
> {
>   for ( ; *envv ; ++envv) {
>     if (!strncmp(*envv,"PGP",3)) {
>       char *c=*envv;
>       while (*c) *c++=' ';
>     } /* end of if */
>   } /* end of for */
>   system("printenv");
>   sleep(10);
>   return 0;
> }
>

And I should've enclosed it in #ifdef STUPID ... #endif. I misread
the putenv(3) man page and didn't realize that you could just use

    putenv("PGPPATH=");
    putenv("PGPPASS=");

To wipe those variables out of your environment... They still might
get caught by a 'ps -eaxuww' but chances are slim. Is it possible to
alter your arguments so they're not visible to 'ps -auxww'?

Well as a matter of fact, it does seem to work on my sparcstation:

#include <stdio.h>
#include <stdlib.h>

/* Blank out every argument string in place, running ps before and after. */
int main (int argn, char **argv, char **envv)
{
  system("ps -uww");
  for (;*argv;++argv) {
    while (**argv) {
      *(*argv)++ = ' ';
    } /* end of while */
  } /* end of for */
  puts("--------------------------------");
  system("ps -uww");
  return 0;
}

Not elegant, but that's what makes it a GLP (grungy little program).

So, is there a more elegant way to do this? How portable is it?
Finally, of how much use is it?

    Stig

/* Jonathan Stigelman, Stig at netcom.com, PGP public key on request */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From mdiehl at triton.unm.edu Wed May 26 00:07:48 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Wed, 26 May 93 00:07:48 PDT
Subject: PGP: Environment protection for UNIX
In-Reply-To: <9305260645.AA14381@netcom.netcom.com>
Message-ID: <9305260707.AA15163@triton.unm.edu>

> I wrote:
> > #include <stdio.h>
> > #include <stdlib.h>
> > #include <string.h>
> > #include <unistd.h>
> >
> > /* Overwrite every PGP* environment string in place with spaces. */
> > int main (int argn, char **argv, char **envv)
> > {
> >   for ( ; *envv ; ++envv) {
> >     if (!strncmp(*envv,"PGP",3)) {
> >       char *c=*envv;
> >       while (*c) *c++=' ';
> >     } /* end of if */
> >   } /* end of for */
> >   system("printenv");
> >   sleep(10);
> >   return 0;
> > }
> And I should've enclosed it in #ifdef STUPID ... #endif. I misread
> the putenv(3) man page and didn't realize that you could just use
>
>     putenv("PGPPATH=");
>     putenv("PGPPASS=");
>
> To wipe those variables out of your environment... They still might
> get caught by a 'ps -eaxuww' but chances are slim. Is it possible to
> alter your arguments so they're not visible to 'ps -auxww'?

Well, I like this one. It lets you put little messages in place of
argv[0].

#include <stdio.h>
#include <unistd.h>

char buff[100];
int esc = 27;

int main(int argc, char *argv[])
{
    puts("Enter message.\n");
    /* Bound the read so the input cannot overflow buff[100]. */
    if (scanf("%99s", buff) != 1)
        return 1;
    /* buff becomes argv[0] of the new process, which is what ps shows. */
    execl("/nfs/dorado/unsup/bin/ftp", buff, (char *)NULL);
    return 1; /* only reached if execl() fails */
}

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl at triton.unm.edu | But, I was mistaken.      |available|
| mike.diehl at fido.org  |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"                            |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone? If you don't know, ask me----+

From stig at netcom.com Wed May 26 00:55:28 1993
From: stig at netcom.com (Stig)
Date: Wed, 26 May 93 00:55:28 PDT
Subject: PGP: Environment protection for UNIX
In-Reply-To:
Message-ID: <9305260755.AA18959@netcom.netcom.com>

On May 26, 1:07am, J. Michael Diehl wrote:
> Well, I like this one. It lets you put little messages in place of
> argv[0].
>
> #include <stdio.h>
> #include <unistd.h>
>
> char buff[100];
> int esc = 27;
>
> int main(int argc, char *argv[])
> {
>     puts("Enter message.\n");
>     /* Bound the read so the input cannot overflow buff[100]. */
>     if (scanf("%99s", buff) != 1)
>         return 1;
>     /* buff becomes argv[0] of the new process, which is what ps shows. */
>     execl("/nfs/dorado/unsup/bin/ftp", buff, (char *)NULL);
>     return 1; /* only reached if execl() fails */
> }
>

Yeah, I like that too... 'cept if you need to pass args, it doesn't
provide a covert channel.

I confess to not having read my PGP manuals yet, but is there an
interactive mode to PGP? If there WERE (hint), then it could be run as
a subprocess of emacs or a mail program and thus be a) more convenient
and b) the whole hub-bub about people snooping your environment would
be a non-issue.

    Stig

/* Jonathan Stigelman, Stig at netcom.com, PGP public key on request */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From wixer!wixer.bga.com!meyer at cactus.org Wed May 26 01:11:08 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Wed, 26 May 93 01:11:08 PDT
Subject: Funny bounce
Message-ID: <9305260718.AA20903@wixer>

My previous message to cypherpunks, the one which had
subject heading "AT&T" and which began:

"I recently switched my long distance carrier from AT&T to another,
since they bribed me to do so with an offer of $35."
seemed to be posted OK (it apparently came back to me as expected) but I also got this funny bounce message: >From attmail.com!uucp at cactus.org Tue May 25 23:37:59 1993 >Received: by wixer (5.65/1.35) > id AA10857; Wed, 26 May 93 00:16:57 -0500 >From: attmail.com!uucp at cactus.org >Received: from att.att.com by cactus.org (4.1/SMI-4.1) > id AA17609; Tue, 25 May 93 23:37:59 CDT >Message-Id: <9305260437.AA17609 at cactus.org> >Date: 25 May 93 20:30:47 GMT >To: wixer!wixer.bga.com!meyer at cactus.org >Report-Version: 2 >Received: by /C=US/AD=ATTMAIL;Wed May 26 04:28:34 -0000 1993 >Received: by /C=US/AD=ATTMAIL/PD=DCA;Tue May 25 20:30:47 GMT 1993 >Confirming-Mts-Message-Id: >Confirming-Ua-Content-Id: >Original-Date: Wed May 26 04:27:53 GMT 1993 >Not-Delivered-To: mhs!dca/G=bryan/S=petty/OU=dcaicc due to 01 Invalid Address Specification >Content-Type: message >Status: RO > >Message-Version: 2 >From: internet!cactus.org!wixer!wixer.bga.com!meyer/S=meyer >UA-Content-ID: >End-of-Header: >EMail-Version: 2 >Subject: AT&T >UA-Message-ID: >To: internet!cactus.org!wixer!wixer.bga.com!internet!toad.com!cypherpunks >End-of-Protocol: >Content-Type: text >Content-Length: 755 > >I recently switched my long distance carrier from AT&T to another, >since they bribed me to do so with an offer of $35. > >[Rest of message deleted - PM.] This seems odd. What's going on? Do all messages with "AT&T" in the subject line get siphoned off somewhere for review? Did this one generate a bounce message because the account of Bryan Petty, AT&T spy, wasn't receiving tonight? OK, I'm just paranoid. (Paranoia - that's your state of mind when you finally realize what's really going on.) 
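
[Added example, not part of any post in this archive and not PGP's own code: the in-place scrubbing discussed in the "PGP: Environment protection for UNIX" thread above, written as two reusable C functions. The names scrub_env and scrub_args and all sample values are made up for illustration. Unlike putenv("PGPPASS="), which only repoints the environment entry and leaves the old string bytes in memory, this overwrites the original bytes, and unlike the argv loop in the thread it leaves the argv pointers usable.]

```c
/* Added example: wipe secrets from a process's environment and argument
 * strings in place. Function names are illustrative assumptions. */
#include <stdio.h>
#include <string.h>

extern char **environ;

/* Zero a NUL-terminated string in place. The volatile pointer keeps the
 * compiler from discarding the stores. Returns the number of bytes wiped. */
static size_t wipe(char *s)
{
    volatile char *p = (volatile char *)s;
    size_t n = 0;

    while (*p) {
        *p++ = '\0';
        n++;
    }
    return n;
}

/* For every "NAME=value" entry whose NAME starts with prefix, keep "NAME="
 * and zero the value. Returns the number of entries scrubbed. */
static int scrub_env(char **envp, const char *prefix)
{
    size_t plen = strlen(prefix);
    int count = 0;

    for (; envp && *envp; ++envp) {
        char *eq;

        if (strncmp(*envp, prefix, plen) != 0)
            continue;
        eq = strchr(*envp, '=');
        if (eq == NULL)
            continue;           /* malformed entry, nothing to wipe */
        wipe(eq + 1);
        count++;
    }
    return count;
}

/* Zero argv[1..argc-1] in place, leaving argv[0] and the pointer array
 * untouched. Returns the total number of bytes wiped. */
static size_t scrub_args(int argc, char **argv)
{
    size_t total = 0;
    int i;

    for (i = 1; i < argc && argv[i]; ++i)
        total += wipe(argv[i]);
    return total;
}

int main(int argc, char **argv)
{
    /* A real program first copies the passphrase and any arguments it
     * still needs into its own buffers, then scrubs the originals. */
    int vars = scrub_env(environ, "PGP");
    size_t bytes = scrub_args(argc, argv);

    printf("scrubbed %d PGP* variables and %zu argument bytes\n",
           vars, bytes);
    return 0;
}
```

[The secret is still readable from process start until the scrub runs, so this narrows the exposure window rather than closing it.]
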
From wixer!wixer.bga.com!meyer at cactus.org Wed May 26 01:24:53 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Wed, 26 May 93 01:24:53 PDT
Subject: Request for proposals
Message-ID: <9305260817.AA18988@wixer>

We've just released new versions of Dolphin Encrypt and Dolphin Encrypt
Advanced Version, and have a few of the older manuals left over (almost
the same as the new ones). If you care to propose writing a review of
this encryption software (to appear where?) and you're not obviously a
government spy, then send me a message and I'll probably allow myself
to be persuaded to send you a complimentary review copy (older manuals,
but newest version of the software). You'll have to agree to allow
your email address to be given to the other recipients of complimentary
copies so that you have the opportunity to exchange email among
yourselves encrypted using Dolphin Encrypt. Offer good while supplies
last. Offer void where prohibited.

From uunet!attmail.com!uucpinternet!sytex.com!fergp/G=Paul/S=Ferguson Wed May 26 00:18:00 1993
From: uunet!attmail.com!uucpinternet!sytex.com!fergp/G=Paul/S=Ferguson (uunet!attmail.com!uucpinternet!sytex.com!fergp/G=Paul/S=Ferguson)
Date: Wed, 26 May 93 03:18 EDT
Subject: Just the facts, ma'am.
Message-ID: <9305260417.AA03910@relay2.UU.NET>

message

From pfarrell at cs.gmu.edu Wed May 26 05:33:08 1993
From: pfarrell at cs.gmu.edu (Pat Farrell)
Date: Wed, 26 May 93 05:33:08 PDT
Subject: Mike's bummer moving adventure
Message-ID: <30838.pfarrell@cs.gmu.edu>

This is a bit off topic, please excuse the list bandwidth...

Today's (5/26/93) Washington Post has a story on page 1 of the Style
section about net-lawyer and occasional cypherpunk poster Mike Godwin
(mneumonic at eff.org). Seems that Mike just moved from Cambridge to
Washington DC, and the moving truck that had all his stuff caught fire
and burned. He lost "90%" of his stuff, books, clothes, records, family
photos, etc. Serious bummer.

The article says that he went onto the WELL and the electronic community
offered to help replace some of his books, etc. A word or two from our
community might help raise his spirits.

Pat

Pat Farrell      Grad Student      pfarrell at cs.gmu.edu
Department of Computer Science     George Mason University, Fairfax, VA
Public key available via finger    #include

From jthomas at kolanut.mitre.org Wed May 26 06:15:32 1993
From: jthomas at kolanut.mitre.org (Joe Thomas)
Date: Wed, 26 May 93 06:15:32 PDT
Subject: Just the facts, ma'am.
Message-ID: <9305261314.AA07134@kolanut>

Paul Ferguson writes:
> Okay, folks. Let's bring this into focus.
>
> I don't like unfounded allegations, especially when they are involving
> my own communications providers, but let's let the truth be known. I'd
> like to summarize to the list several trains of thought and track this
> down to a reliable source. If, in fact, a UUNet operator/provider has,
> indeed, stated that this has been common practice, I think that it may
> behoove them to own-up to these allegations. Before I do confront the
> UUNet staff, however, I must get the allegations correct, and I
> therefore rely on you crypto-rebels to provide them for me. Please.
>
> [summary deleted]
>
> Thank you for your insights. I will ask UUNet, but I'm beginning to
> wonder if other local comm providers practice the same deceptions.
> Does anyone have any experiences with digex.com that they would like
> to share?

Nothing but good ones. Doug Humphrey even posted to the list a few
times as I recall. I'm still not sure I see a problem with someone
providing a newsfeed to the NSA, FBI, or anyone else, though.

> [some good stuff elided, but nothing relevant to the following statement:]
> Indeed, we are not speaking of the dissemination of USENet or List
> information, but rather private e-mail.

What? When did we start speaking of that? I'd be very interested in
hearing more about this.
Joe From fergp at sytex.com Wed May 26 07:16:35 1993 From: fergp at sytex.com (Paul Ferguson) Date: Wed, 26 May 93 07:16:35 PDT Subject: Questionable instances? Message-ID: On Wed, 26 May 93 2:18:52 CDT, Peter Meyer wrote - > My previous message to cypherpunks, the one which had > subject heading "AT&T" and which began: > "I recently switched my long distance carrier from AT&T to another, > since they bribed me to do so with an offer of $35." > seemed to be posted OK (it apparently came back to me as expected) > but I also got this funny bounce message: >From attmail.com!uucp at cactus.org Tue May 25 23:37:59 1993 [ remainder of header deleted ] > This seems odd. What's going on? Do all messages with "AT&T" in the > subject line get siphoned off somewhere for review? Did this one > generate a bounce message because the account of Bryan Petty, AT&T spy, > wasn't receiving tonight? OK, I'm just paranoid. (Paranoia - that's > your state of mind when you finally realize what's really going on.) At least I'm not the only one who has recently noticed this. I had to do a double take when I received not only my original post on UUNet questions from cypherpunks-request at taod.com, but I received a second copy with this header: From fergp at sytex.com Wed May 26 09:17:28 1993 From: fergp at sytex.com (Paul Ferguson) Date: Wed, 26 May 93 09:17:28 PDT Subject: Digital Bit Bucket Message-ID: On Wed, 26 May 93 09:14:50 EDT, Joe Thomas wrote - >> Indeed, we are not speaking of the dissemination of USENet or List >> information, but rather private e-mail. > What? When did we start speaking of that? I'd be very interested in > hearing more about this. Before I say anything further, let me clarify that I am making no specific allegations directed towards anyone. There have just been some questionable occurrences of late that are very weird (read: spooky) which I find little reason to dismiss as coincidental. 
Vanishing e-mail (both coming and going), duplicate list posts with odd originator headers and routing info. As I said before, I'd just like a few things explained and put into their perspective context. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp at sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From fergp at sytex.com Wed May 26 09:17:45 1993 From: fergp at sytex.com (Paul Ferguson) Date: Wed, 26 May 93 09:17:45 PDT Subject: Son of Digital Bit Bucket (or, Someone ate my e-mail!) Message-ID: <5kZ64B4w165w@sytex.com> Kelly Goen: Please attempt to resend all previous unacknowledged traffic. Please excuse my use of the list for off-topic/personal purposes, but due to some recent unexplained message disappearances, I'm left with few options. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp at sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From mnemonic at eff.org Wed May 26 09:18:24 1993 From: mnemonic at eff.org (Mike Godwin) Date: Wed, 26 May 93 09:18:24 PDT Subject: Mike's bummer moving adventure In-Reply-To: <30838.pfarrell@cs.gmu.edu> Message-ID: <199305261619.AA04350@eff.org> Pat Farrell writes: > The article says that he went onto the WELL and the electronic community > offered to help replace some of his books, etc. A word or two from our > community might help raise his spirits. Thanks for the good thoughts, Pat. Anyone who wants the details of my own little disaster down here should send me e-mail--offers of help are appreciated. One request this list could help me with: Does anyone know how I can find a hardbound copy of Kahn's THE CODEBREAKERS. I didn't own a copy before the fire, but I had started my crypto collection, and I'll be continuing to work on it. 
--Mike From pmetzger at lehman.com Wed May 26 09:32:31 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 26 May 93 09:32:31 PDT Subject: PGP: Environment protection for UNIX In-Reply-To: <9305260645.AA14381@netcom.netcom.com> Message-ID: <9305261631.AA19652@snark.shearson.com> Stig says: [More on environment wiper] The environment wiper seems silly to me. If the enclosing shell still has the environment in question, ps will still reveal it. If the enclosing shell does not have the environment variables in question, then what was the point? .pm From smb at research.att.com Wed May 26 09:57:26 1993 From: smb at research.att.com (smb at research.att.com) Date: Wed, 26 May 93 09:57:26 PDT Subject: Mike's bummer moving adventure Message-ID: <9305261657.AA28422@toad.com> Pat Farrell writes: > The article says that he went onto the WELL and the electronic community > offered to help replace some of his books, etc. A word or two from our > community might help raise his spirits. Thanks for the good thoughts, Pat. Anyone who wants the details of my own little disaster down here should send me e-mail--offers of help are appreciated. One request this list could help me with: Does anyone know how I can find a hardbound copy of Kahn's THE CODEBREAKERS. I didn't own a copy before the fire, but I had started my crypto collection, and I'll be continuing to work on it. 
It's still in print: STATUS: Active entry TITLE: The Codebreakers AUTHOR: Kahn, David PUBLISHER: Macmillan PUBLICATION DATE: 09/1967 (670901) LCCN: N/A BINDING: Text ed., $60.00 ISBN: 0-02-560460-0 VOLUME(S): N/A ORDER NO.: N/A IMPRINT: N/A STATUS IN FILE: New, 80-12 SUBFILE: ST (Scientific and Technical Books and Serials in Print) LIBRARY OF CONGRESS SUBJECT HEADINGS: CRYPTOGRAPHY (00118102) PAPERBOUND BOOK SUBJECT HEADINGS: HISTORY-GENERAL-STUDY AIDS (00001338) From strat at intercon.com Wed May 26 10:29:26 1993 From: strat at intercon.com (Bob Stratton) Date: Wed, 26 May 93 10:29:26 PDT Subject: Just the facts, ma'am. Message-ID: <9305261329.AA11706@horton.legato.com> > Date: Wed, 26 May 93 09:14:50 EDT > From: jthomas at kolanut.mitre.org (Joe Thomas) > Subject: Re: Just the facts, ma'am. > > > > Thank you for your insights. I will ask UUNet, but I'm beginning to > > wonder if other local comm providers practice the same deceptions. > > Does anyone have any experiences with digex.com that they would like > > to share? > > Nothing but good ones. Doug Humphrey even > posted to the list a few times as I recall. I'm still not sure I see > a problem with someone providing a newsfeed to the NSA, FBI, or anyone > else, though. > As one of the former tech-weenies at Express Access, and now just a friend with no formal association to the business, I feel compelled to give you my thoughts on that particular service provider. Rarely will you find a system administration staff more concerned with your privacy that the guys at Digital Express Group. As I recall, the set of username->real name mappings isn't even on machine readable media on the system. When I was working with them, we had a big book, and people only accessed the book when absolutely necessary, for instance to inform a user of a file system problem or the like. 
In fact, on several instances, I would ask other staff people who a particular username belonged to when I had a need to contact them - more often than not, they/we couldn't remember, and I had to look it up anyway. This was by design. From day one, there was a policy of not disclosing customer information to ANYONE without a warrant. To date, thankfully, I don't think that it's been put to the test, though I have no doubts as to the grief they'll give those trying to get the information. The original machine room was one of the best jobs of low-cost RFI/EMI shielding construction I've ever seen. (BTW, the foam insulation with foil on both sides is a boon to mankind.) It wasn't really intended to keep people from looking at the emissions as to keep the emissions from wiping out all the shortwave receivers in use, but hey, every little bit helps. I'm still a user there, and I have a hell of a lot of respect for that crew. I would also implicitly trust them as a site for anonymous remailing, key certification, or the like. I hope that becomes a part of their business focus in the future, because we need service providers who won't be intimidated. --Strat From postmaster at uunet.uu.net Wed May 26 11:05:24 1993 From: postmaster at uunet.uu.net (Kyle Jones) Date: Wed, 26 May 93 11:05:24 PDT Subject: Questionable instances? In-Reply-To: Message-ID: <9305261805.AA03358@wendy-fate.UU.NET> I can only assume that the bounce came to you because the cypherpunk list isn't set to make bounces go to the list maintainer. The message was in fact a bounce, as this header testifies. Not-Delivered-To: mhs!dca/G=bryan/S=petty/OU=dcaicc due to 01 Invalid Address Specification From MCMAHON at Eisner.DECUS.Org Wed May 26 11:22:35 1993 From: MCMAHON at Eisner.DECUS.Org (John (FuzzFace/Fast-Eddie) McMahon) Date: Wed, 26 May 93 11:22:35 PDT Subject: Selling Tapes ? 
Message-ID: <01GYMU6G53OY003ADN@Eisner.DECUS.Org> > Rick Adams of UUNET confirmed on the com-priv list that his > organization had been selling the FBI a usenet feed on tape. I could > find the exact reference if you want. I don't know for sure that the > NSA has a feed, or from whom, but it wouldn't surprise me. Seems like the low tech way of doing it. Both organizations have machines on the Internet right now. FBI is hooked in via ALTERNet, and the NSA (NCSC) is on the MILnet. % traceroute ard.fbi.gov % traceroute tycho.ncsc.mil (and see what happens) Cheers! Fuzz From composer at Beyond.Dreams.ORG Wed May 26 11:39:22 1993 From: composer at Beyond.Dreams.ORG (Jeff Kellem) Date: Wed, 26 May 93 11:39:22 PDT Subject: Just the facts, ma'am. In-Reply-To: <9305261329.AA11706@horton.legato.com> Message-ID: <9305261839.AA05185@Beyond.Dreams.ORG> On the cypherpunks mailing list, Strat wrote... > Rarely will you find a system administration staff more concerned with > your privacy that the guys at Digital Express Group. As I recall, the > set of username->real name mappings isn't even on machine readable media > on the system. Really? That's odd, especially for a unix box, which access.digex.com seems to be. And, as a matter of fact, it does seem to show "Robert Stratton" for the username of "strat". So, it seems they do maintain username to "real name" mappings (even if they allow the user to change the "real name" listed. > When I was working with them, we had a big book, and people only > accessed the book when absolutely necessary, for instance to inform a > user of a file system problem or the like. ... > This was by design. As a side note, this sounds like a bad design.. keeping things on paper for a computer system. Perhaps, a disconnected computer system.. but, when you start talking a few thousand users, the paper begins to really become troublesome for maintaining information on accounts. ;-) FYI... 
-jeff Jeff Kellem Internet: composer at Beyond.Dreams.ORG From hughes at soda.berkeley.edu Wed May 26 11:46:47 1993 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Wed, 26 May 93 11:46:47 PDT Subject: Questionable instances? In-Reply-To: <9305261805.AA03358@wendy-fate.UU.NET> Message-ID: <9305261841.AA17459@soda.berkeley.edu> >I can only assume that the bounce came to you becasue the >cpypherpounk list isn't set to make bounces go to the list >maintainer. This is the first of these messages we've had for six months, as the bounce messages do in fact go back to the maintainer, me, quite regularly. I get on the order of 300-400 per week, since often a bad address will queue up mail for a few days before bouncing it all. Eric From TO1SITTLER at APSICC.APS.EDU Wed May 26 11:52:16 1993 From: TO1SITTLER at APSICC.APS.EDU (Kragen Sittler) Date: Wed, 26 May 93 11:52:16 PDT Subject: Steganography and Steganalysis Message-ID: <930526125012.3b06@APSICC.APS.EDU> Begin quote from gnu at toad.com on Tue, 25 May 1993 15:27:27 -0700 From: gnu at toad.com (John Gilmore) Message-Id: <9305252227.AA27968 at toad.com> To: kqb at whscad1.att.com, cypherpunks at toad.com, gnu at toad.com Subject: Re: Steganography and Steganalysis In-Reply-To: <9305252149.AA27051 at toad.com> Date: Tue, 25 May 93 15:27:27 -0700 My favorite scheme was to encode messages in trailing spaces and/or tabs in netnews messages. You could also put internal tabs in place of spaces. In fact, you could do this with news messages that flow "through" your site, (if the messages aren't protected with a crypto checksum), so that you would not be the message's sender (and it wouldn't be addressed to anyone either -- recipients get very good privacy). This would be one way for a Unix "worm" program to report back to its master...and/or receive instructions. John Gilmore PS: You could put short interesting stuff just in your message-ID's! 
Not to mention the low order bits of timestamps (exactly *what* second did it arrive, now?). ===================================================================== Trailing spaces, however, are likely to be changed by other sites: padded or cut. This might be a good idea if you used mime/PGP's radix-64 or uuencode or something similar. Kragen From composer at Beyond.Dreams.ORG Wed May 26 12:22:49 1993 From: composer at Beyond.Dreams.ORG (Jeff Kellem) Date: Wed, 26 May 93 12:22:49 PDT Subject: Just the facts, ma'am. In-Reply-To: <9qX54B2w165w@sytex.com> Message-ID: <9305261922.AA05288@Beyond.Dreams.ORG> On the cypherpunks mailing list, Paul Ferguson wrote... > The point is this, Marc: Those of us who subscribe to UUNet through > third party services have no idea that our communications may be > recorded or archived for intelligence purposes (I know, but that's > beside the point). If UUNet _is_ doing this without a broad policy > statement, then I think a change is in order. I think you're jumping to (incorrect, IMO) conclusions here. All that was said was that an organization (the FBI, in this case) bought a USENET feed. Yes, distribution on tapes is still a feed of sorts (albeit a slow one with a bursty latency ;-). There is nothing wrong with that, as it is one of the services which UUNET Technologies provides. There is NO REASON to believe or even assume that UUNET Technologies is archiving other non-publically available communications, such as e-mail, etc. > Also, (and I do not implicitly imply that UUNet is responsible), I've > had some very interesting problems passing encrypted traffic. For some > strange reason, it just disappears. Fancy that. Should I question > that? You bet. And I shall. I, and my comm provider, pays in good > faith for our Internet services. We are protected under Law, and as > far I know, UUNet does not expressly forbid encrypted _private_ > communications. But, it happens. They just disappear sometimes. Go > figure. Sure, question it. 
But, also look into the problem from a real technical standpoint first, instead of just jumping to conclusions. Talk to the people you're attempting to communicate with -- maybe it's a problem on their end. Talk to your communications provider.. or maybe it's a problem somewhere along the path you're communicating through. Always check potential technical problems before jumping to (probably unfounded and paranoid) conclusions. [I'm not saying you shouldn't keep them in mind, as you should always consider all scenarios when trying to track down a problem. But, they should be in the background, not the foreground, at first.] I've just watched too many people jump to the conclusion that whatever problem was occurring was being done purposely to them.. NOT that it could just be a technical glitch... when it WAS just a technical problem. Usually, it's just a technical problem that needs to be resolved. > Marc Horowitz wrote... > > However, the obvious next point is, so what? It's a public system. > > Any idiot can pay $20/month and get a public access account. If you > > say something in a news post which you wouldn't want the FBI or NSA or > > whoever to see, you're the person who has done something stupid. > > I beg your pardon. Since when does stupidity become a prerequisite for > privacy rights violations? I'm not talking about Usenet or List posts, > Marc, but private e-mail. But, the discussion previously WAS referring to USENET. When you speak publically, you don't assume that it's private. So, in that context, you're not speaking of privacy rights violations. > Thank you for your insights. I will ask UUNet, but I'm beginning to > wonder if other local comm providers practice the same deceptions. I haven't seen any indication of deceptions. Unless, of course, you're referring to mentioning that the FBI is/was a customer. 
But, then, I (and anyone else) can find out most UUNET customers who have USENET newsfeeds very easily just by looking through the USENET maps. So, I don't see that as much of a problem, as long as they're not providing other customer details. I trust UUNET's staff on maintaining that privacy, knowing some of them personally. > If so, it would aid in our attempts to bring these unknown anomalies > to light. I don't like spending money to have my private e-mail > compromised. Which is understandable, though I don't believe your e-mail has been compromised from what I've seen posted on cypherpunks. Just some thoughts on the matter... -jeff Jeff Kellem Internet: composer at Beyond.Dreams.ORG From smb at research.att.com Wed May 26 12:28:43 1993 From: smb at research.att.com (smb at research.att.com) Date: Wed, 26 May 93 12:28:43 PDT Subject: Selling Tapes ? Message-ID: <9305261928.AA02631@toad.com> > Rick Adams of UUNET confirmed on the com-priv list that his > organization had been selling the FBI a usenet feed on tape. I could > find the exact reference if you want. I don't know for sure that the > NSA has a feed, or from whom, but it wouldn't surprise me. Seems like the low tech way of doing it. Both organizations have machines on the Internet right now. FBI is hooked in via ALTERNet, and the NSA (NCSC) is on the MILnet. % traceroute ard.fbi.gov % traceroute tycho.ncsc.mil (and see what happens) This incident goes back quite a while, to the days when uucp was the normal (and almost the only) way of getting netnews. From wixer!wixer.bga.com!meyer at cactus.org Wed May 26 12:41:18 1993 From: wixer!wixer.bga.com!meyer at cactus.org (meyer) Date: Wed, 26 May 93 12:41:18 PDT Subject: DE platform Message-ID: <9305261837.AA13410@wixer> My apologies for not thinking to state what platform Dolphin Encrypt currently runs on. It's vanilla MS-DOS. Other versions are planned. 
The Dolphin Encryption Library (16 or so functions, containing the core encryption functions from DE) is also for MS-DOS (designed to work with the Microsoft and Borland development systems). This is all standard ANSI C code, so should port to other platforms without much problem. Currently there's a Clipper-oriented (that's the database language) version in preparation. Developers on other platforms (Unix, Amiga, etc.) who are interested in porting the library should send me email. I am most interested in contacting someone who can not only port the library but also market it. Porting of the Dolphin Encrypt program is a Stage II task, and depends on successful porting of the library. -- Peter From jthomas at kolanut.mitre.org Wed May 26 12:49:49 1993 From: jthomas at kolanut.mitre.org (Joe Thomas) Date: Wed, 26 May 93 12:49:49 PDT Subject: Just the facts, ma'am. Message-ID: <9305261949.AA07621@kolanut> From: composer at beyond.dreams.org (Jeff Kellem) > > On the cypherpunks mailing list, Strat wrote... > > Rarely will you find a system administration staff more concerned with > > your privacy that the guys at Digital Express Group. As I recall, the > > set of username->real name mappings isn't even on machine readable media > > on the system. > > Really? That's odd, especially for a unix box, which access.digex.com > seems to be. And, as a matter of fact, it does seem to show "Robert > Stratton" for the username of "strat". So, it seems they do maintain > username to "real name" mappings (even if they allow the user to change > the "real name" listed. Digital Express doesn't require that the GECOS field of /etc/passwd contain real names, although they obviously allow it. 
(Finger jthomas at access.digex.net for my full name, as well as my PGP key :^) I seem to remember that the new user signup script they use explicitly gives you the option of signing up under a pseudonym, although they'll check up on you by phone if you do (and presumably write your name in the Big Book at that point). I've seen quite a few public access Unix sites advertising "anonymous" accounts lately, especially after Julf's server went down. Joe From pmetzger at lehman.com Wed May 26 12:53:57 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 26 May 93 12:53:57 PDT Subject: DE platform In-Reply-To: <9305261837.AA13410@wixer> Message-ID: <9305261953.AA20373@snark.shearson.com> Correct me if I'm wrong, but from what I understand, "Dolphin Encrypt" does not use any well examined crypto system -- it's something that you guys, without any cryptography credentials, cooked up. On that basis, why should we care about it? Most crypto systems that amateurs come up with are pathetic to say the least, and strong systems, like triple-DES and IDEA, are widely available. Perry meyer says: > My apologies for not thinking to state what platform Dolphin Encrypt > currently runs on. It's vanilla MS-DOS. Other versions are planned. > > The Dolphin Encryption Library (16 or so functions, containing the > core encryption functions from DE) is also for MS-DOS (designed to > work with the Microsoft and Borland development systems). This is all > standard ANSI C code, so should port to other platforms without much > problem. Currently there's a Clipper-oriented (that's the database > language) version in preparation. Developers on other platforms > (Unix, Amiga, etc.) who are interested in porting the library should > send me email. I am most interested in contacting someone who can > not only port the library but also market it. > > Porting of the Dolphin Encrypt program is a Stage II task, and depends > on successful porting of the library. 
> > -- Peter From fnerd at smds.com Wed May 26 13:47:03 1993 From: fnerd at smds.com (FutureNerd Steve Witham) Date: Wed, 26 May 93 13:47:03 PDT Subject: Digital cash issues... Message-ID: <9305261714.AA04972@smds.com> > Regarding the issue of what to do under Chaum's scheme when someone double- > spends a piece of digital cash & their identity is revealed... I don't think > it's going to be a serious hindrance in the long term. ... Any credit card > company, phone company, or other corporation that does a lot of billing > already has staff dedicated solely to that function, with collection agencies > providing a second tier of functionality for the tougher cases. > > Dr. Cat / Dragon's Eye / New traditions for the next century Yes, but we would like to steer towards a world where no one you do business with knows or can reconstruct who you are or where you live. "Collection"-- the whole idea of "billing," in fact--is a way of doing business that's rooted in non-privacy. But also it's based on wanting to make transactions easier for people in a world without easy electronic transactions, accounting, budgeting, negotiation, reputations, etc. So maybe with these sorts of things, billing would be unnecessary. Anyway, thinking up variations on offline payment systems is a pastime of mine. Situations where people can't be online with the bank are special cases, so you can make up special-case solutions, like o "Tokens" or gift certificates that you buy in advance, or o Anonymous checks that expire and are refundable if the (specific, anonymous) payees don't cash them in a certain amount of time. Credit as it exists often seems like a trade with the devil of privacy invasion. Jeez, what would the world be like without *credit cards* and *junk mail*!? 
-fnerd From TO1SITTLER at APSICC.APS.EDU Wed May 26 13:57:58 1993 From: TO1SITTLER at APSICC.APS.EDU (Kragen Sittler) Date: Wed, 26 May 93 13:57:58 PDT Subject: private e-mail compromising Message-ID: <930526145606.413c@APSICC.APS.EDU> Where in all of the previous messages about uunet did it say they were selling the NSA anyone's email? If I read it right, all they were doing was selling a netnews feed on tape! Kragen From nobody at eli-remailer Wed May 26 14:26:46 1993 From: nobody at eli-remailer (nobody at eli-remailer) Date: Wed, 26 May 93 14:26:46 PDT Subject: Rivest evaluation of SecurID smart card Message-ID: <9305262126.AA05992@toad.com> -----BEGIN PGP SIGNED MESSAGE----- I thought this might be of some interest to the CypherPunks list. DEADBEAT - - - - - - - - - TO: Kenneth P. Weiss, Chairman Security Dynamics, Inc. 2067 Massachusetts Avenue Cambridge, Massachusetts 02140 FROM: Ronald L. Rivest /initials RLR/ DATE: April 7, 1987 RE: Evaluation of SecurID Approach to User Identification This memo provides a brief overall evaluation of your SecurID product, as you have requested, suitable for limited distribution. (It does not contain any of the proprietary information you have disclosed to me.) General Approach The SecurID card generates a pseudorandom sequence of displayed numbers: the displayed number is changed every 60 seconds. The sequence is "pseudorandom" rather than truly "random" in the sense that it is generated by applying a (proprietary) algorithm and secret key to a representation of the current time. Thus, a host computer knowing the algorithm and the secret key in the card can compute the number displayed on the user's card at any moment. Clearly, the numbers produced by such a card can be used in place of a conventional "PIN" or "password" for access control or user authentication, if the host is prepared to compute the number currently displayed on the user's card. 
That is, the user could enter the displayed number instead of a remembered PIN or password when he is asked to authenticate himself when initiating a login or financial transaction. One can obtain additional security by first combining a user-remembered PIN with the displayed number, so that the user is authenticated both by "what he knows" as well as "what he possesses". For example, if both the displayed number and the user's PIN are decimal numbers, the combining operation could be "add digit-by-digit without carry". The host computer, knowing both the user's PIN and the displayed number, can compute the correct value for comparison. Security Evaluation 1. An End-to-End Approach One major advantage of your approach is that it is an "end-to-end" technique: no intermediate nodes in the communication network are entrusted with any security responsibilities. The only places where secret information needs to be maintained and manipulated are the user's card and his host computer. By contrast, an approach which encrypts PINs and transmits them in encrypted form to the user's host computer may -- in a large, diverse, multiorganization network -- require tremendous complexity in terms of key management overhead and will necessitate a great deal of trust between the participating organizations. In my consulting work I have seen large organizations work very hard to design "end-to-end" authentication protocols because of their intrinsically greater security and simplicity. 2. Pseudo-random number generation As noted above, your card generates a pseudo-random sequence of numbers by applying a proprietary algorithm to a secret key and the current time (measured to the minute). The secret key is known only by the user's card and host computer. The system could be compromised if an "enemy" could predict future numbers to be displayed by the card, from past observed values. (These numbers are transmitted in the clear, and are not encrypted. 
This makes your approach valuable for logging in from a "dumb" terminal, but makes it possible for a wiretapper to obtain a set of previously values produced by the card.) However, I do not believe this attack can be successfully mounted against your system. I have tried to "break" your system in this manner, without success. The proprietary algorithm (which you have disclosed to me) is based on sound cryptographic principles; it is likely that the best approach to "breaking" this system is a brute-force search for the secret key. Since the secret key you use is longer than that used by DES, I believe that this approach is infeasible in practice. (I should note that while my examination of your algorithm was intensive and covered all aspects of the algorithm, it was of necessity an examination of limited duration. Some of your customers, such as those involved with matters of national security, will certainly want to see your algorithm subjected to additional intensive scutiny [sic] before adopting it for use.) Thus, I believe the sequence of numbers produced by your card will be unpredictable by an "enemy", even if he sees previously produced numbers. Therefore: o The ability to produce the number that is correct for the current time is a sound guarantee that the person logging in actually posesses [sic] the correct SecurID card. o The numbers produced do not need to be encrypted, since knowledge of past values will not allow an enemy to predict future values. Of course, other cryptographic algorithms could be used to produce the pseudo-random number sequence from the secret key and the current time. For example, one could use DES. (Given recent events, the algorithms should perhaps be called "ODES" for the _Old_ Data Encryption Standard".) However, given the shorter key length and greater implementation cost of DES, I don't see any advantage here other than that it is (or was) a standard that withstood at one time a careful review. 
(This, however, may be significant to some of your customers.) It is also perhaps worth noting that your algorithm, while easier to implement than DES, is more computation-intensive than DES, making a brute-force search substantially more difficult to mount. 3. Combining operations Additional security can be obtained by combining the displayed number with a user-remembered PIN, say by adding them digit-wise with carries omitted. While this combining operation is very simple, it is easy to prove that if the displayed number sequence is unpredictable, then adding a PIN to the sequence won't change this fact. Furthermore, the PIN itself is protected from disclosure, unless the "enemy" can obtain both the current displayed value and the value after the PIN has been added. However, to obtain the first requires access to the card, and to obtain the second requires wiretapping; these are not likely to be simultaneously available. (The risk here seems less than the risk that the keyboard is tapped in a conventional password scheme.) A similar analysis applies to using the displayed number sequence to "encrypt" values other than the PIN; this operation should provide the desired security. Summary The approach used in your SecurID product is novel, and offers security advantages over conventional PIN or password schemes. The cryptographic algorithm employed should provide a high degree of security. Dr. Ronald L. Rivest is a Professor in the Electrical Engineering and Computer Science Department of the Massachusetts Institute of Technology. He is a renowned world class cryptologist. Professor Rivest is one of the co-inventors of the RSA public-key cryptosystem, is a founder of RSA Data Security, Inc., and is on the Board of the International Association for Cryptologic Research. 
-----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBLAPfX/FZTpBW/B35AQFSFAF/T+Bcc2a7PWGeyn1UN0rGcWj65u+1vdyv O8Vh5sjyr1J5ELZ99fwEuO29OmQJvwCD =QVMm -----END PGP SIGNATURE----- From sneal at muskwa.ucs.ualberta.ca Wed May 26 15:00:53 1993 From: sneal at muskwa.ucs.ualberta.ca (Sneal) Date: Wed, 26 May 93 15:00:53 PDT Subject: Digital cash issuess... Message-ID: <9305262158.AA28845@muskwa.ucs.ualberta.ca> There's an interesting paper on offline cash systems by Stefan Brands, who I believe is/was a student of David Chaum. The abstract reads: "We present a new off-line electronic cash system based on a problem, called the representation problem, of which little use has been made in the literature thus far. Our system is the first to be entirely based on discrete logarithms. Using the representation problem as a basic concept, some techniques are introduced that enable us to construct protocols for withdrawal and payment that do not use the cut and choose methodology of earlier systems. As a consequence, our cash system is much more efficient in both computation and communication complexity than previously proposed systems." "Another import aspect of our system concerns its provability. Contrary to previously proposed systems, its correctness can be mathematically proven to a very great extent. Specifically, if we make one plausible assumption concerning a single hash-function, the ability to break the systems seems to imply that one can break the Diffie-Hellman problem." "Our system offers a number of extensions that are hard to achieve in previously known systems. In our opinion, the most interesting of these is that the entire cash system (including all the extensions) can be incorporated straightforwardly in a setting based on wallets with observers, which has the important advantage that double-spending can be prevented in the first place, rather than detecting the identity of a double-spender after the fact. 
In particular, it can be incorporated even under the most stringent requirements conceivable about the privacy of the user, which seems to be impossible to do with previously proposed systems. Another benefit of our system is that framing attempts by a bank have negligible probability of success (independent of computing power) by a simple mechanism from within the system, which is something that previous solutions lack entirely. Furthermore, the basic cash system can be extended to checks, multi-show cash and divisibility, while retaining its computation efficiency."

[...some stuff elided...]

"...Using the representation problem, we show in the appendix how to batch the confirmation protocol of undeniable signatures such that polynomially many undeniable signatures can be verified in four moves."

The paper can be found at ftp.cwi.nl /pub/CWIreports/AA/CS-R9323.ps.Z

-- Steve

From hughes at soda.berkeley.edu Wed May 26 16:29:12 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Wed, 26 May 93 16:29:12 PDT
Subject: Digital cash issuess...
In-Reply-To: <9305262158.AA28845@muskwa.ucs.ualberta.ca>
Message-ID: <9305262325.AA05097@soda.berkeley.edu>

>As a consequence, our
>cash system is much more efficient in both computation and
>communication complexity than previously proposed systems."

I take this with a grain of salt; see below.

>In our opinion, the most interesting of
>these is that the entire cash system (including all the extensions)
>can be incorporated straightforwardly in a setting based on wallets
>with observers,

I am not surprised that they find this interesting; David Chaum has patented all the observer protocols.

Having read these protocols in the original, I can say this is not much of an advantage. The observer protocols are tremendously expensive computationally. Anything you build on top of it won't be any faster.

Eric

From jet at nas.nasa.gov Wed May 26 16:35:31 1993
From: jet at nas.nasa.gov (J.
Eric Townsend)
Date: Wed, 26 May 93 16:35:31 PDT
Subject: Selling Tapes ?
In-Reply-To: <01GYMU6G53OY003ADN@Eisner.DECUS.Org>
Message-ID: <9305262335.AA18866@boxer.nas.nasa.gov>

"John (FuzzFace/Fast-Eddie) McMahon" writes:
> % traceroute ard.fbi.gov
> % traceroute tycho.ncsc.mil
> (and see what happens)

boxer.jet> traceroute fbi.gov
[sound of door breaking in]
"Freeze! Drop that keyboard! You'll have to come with us Mr. Townsend. You have accessed an FBI computer system without prior authority."

From pmetzger at lehman.com Wed May 26 16:51:42 1993
From: pmetzger at lehman.com (Perry E. Metzger)
Date: Wed, 26 May 93 16:51:42 PDT
Subject: Digital cash issuess...
In-Reply-To: <9305262325.AA05097@soda.berkeley.edu>
Message-ID: <9305262351.AA20929@snark.shearson.com>

Eric Hughes says:
> >As a consequence, our
> >cash system is much more efficient in both computation and
> >communication complexity than previously proposed systems."
>
> I take this with a grain of salt; see below.
>
> >In our opinion, the most interesting of
> >these is that the entire cash system (including all the extensions)
> >can be incorporated straightforwardly in a setting based on wallets
> >with observers,
>
> I am not surprised that they find this interesting; David Chaum has
> patented all the observer protocols.
>
> Having read these protocols in the original, I can say this is not
> much of an advantage. The observer protocols are tremendously
> expensive computationally. Anything you build on top of it won't be
> any faster.

As I understand it, "observers" are built in to supposedly uncrackable hardware built into a smart card -- and I'm not a big fan of the notion that you can make hardware non-reverse engineerable...
Perry

From clark at metal.psu.edu Wed May 26 17:03:41 1993
From: clark at metal.psu.edu (Clark Reynard)
Date: Wed, 26 May 93 17:03:41 PDT
Subject: VinCrypt
Message-ID: <9305270043.AA02074@metal.psu.edu>

Even as a former 'hacker' myself, the second to last person I would trust not to install a backdoor (next to the NSA) is a hacker.

In addition, merely having been a systems hacker hardly qualifies one for writing complex crypto software. Without any assurance as to the authors' qualifications for writing a crypto package, or their integrity. Even if I could trust their integrity, I'm very leery of black-box software.

----
Robert W. Clark              Just Say No! to the
rclark at nyx.cs.du.edu     Big Brother Chip

From wcs at anchor.ho.att.com Wed May 26 17:12:40 1993
From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com)
Date: Wed, 26 May 93 17:12:40 PDT
Subject: Steganography and Steganalysis
Message-ID: <9305270012.AA10969@anchor.ho.att.com>

John Gilmore writes:
> My favorite scheme was to encode messages in trailing spaces and/or tabs
> in netnews messages.

You could also put internal tabs in place of spaces. and other fun things...

> In fact, you could do this with news messages that flow "through" your
> site, (if the messages aren't protected with a crypto checksum), so that
> you would not be the message's sender (and it wouldn't be addressed to anyone
> either -- recipients get very good privacy).

Hmmm... While this certainly does provide some privacy, it also can break things, which is not nice to do to other people's messages. For example, if other people are encoding messages in trailing spaces or tabs in netnews messages, you'll replace their hidden messages with your own :-) I don't know if there's much news out there with Content-Length: headers or other byte-counting headers that would be disrupted; Lines: is obviously not bothered.
On the other hand, if the messages that appear to be flowing through your site are really being generated there, either as forgeries of messages from other people, or forgeries of messages from anonymous posting sites, or are forged messages you're really posting through an anonymous posting site, you gain about the same effect (assuming your forgery is good enough to not attract attention.) (Forging messages from other people is best done either with cooperative people, or fake people, or people who don't mind like MAILER-DAEMON%Fidogate at BAR.BiTNet.)

Bill Stewart

From smb at research.att.com Wed May 26 17:37:15 1993
From: smb at research.att.com (smb at research.att.com)
Date: Wed, 26 May 93 17:37:15 PDT
Subject: VinCrypt
Message-ID: <9305270037.AA11240@toad.com>

Even as a former 'hacker' myself, the second to last person I would trust not to install a backdoor (next to the NSA) is a hacker.

In addition, merely having been a systems hacker hardly qualifies one for writing complex crypto software. Without any assurance as to the authors' qualifications for writing a crypto package, or their integrity. Even if I could trust their integrity, I'm very leery of black-box software.

----
Robert W. Clark              Just Say No! to the
rclark at nyx.cs.du.edu     Big Brother Chip

Indeed. There were a pair of papers in Cryptologia a few years ago on ``Data Insecurity'' packages. The author cryptanalyzed a number of different PC-based crypto packages, and contrasted that with the glowing advertising copy...

From mdiehl at triton.unm.edu Wed May 26 19:33:31 1993
From: mdiehl at triton.unm.edu (J. Michael Diehl)
Date: Wed, 26 May 93 19:33:31 PDT
Subject: VinCrypt
In-Reply-To: <9305270043.AA02074@metal.psu.edu>
Message-ID: <9305270233.AA27245@triton.unm.edu>

> Even as a former 'hacker' myself, the second to last person I would
> trust not to install a backdoor (next to the NSA) is a hacker.

Are you meaning to imply that there is a backdoor in this package?
If so, how do you justify this claim?

> In addition, merely having been a systems hacker hardly qualifies
> one for writing complex crypto software. Without any assurance as
> to the authors' qualifications for writing a crypto package, or
> their integrity. Even if I could trust their integrity, I'm very
> leery of black-box software.

You seem to know something about them that I do not. Care to share your knowledge? Thanx in advance.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY |
| mdiehl at triton.unm.edu | But, I was mistaken. |available|
| mike.diehl at fido.org | | Ask Me! |
| (505) 299-2282 +-----------------------------+---------+
| |
+------"I'm just looking for the opportunity to be -------------+
| Politically Incorrect!" |
+-----If codes are outlawed, only criminals will have codes.-----+
+----Is Big Brother in your phone? If you don't know, ask me---+

From wixer!wixer.bga.com!meyer at cactus.org Wed May 26 20:59:27 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Wed, 26 May 93 20:59:27 PDT
Subject: Data Insecurity Packages, etc.
Message-ID: <9305270314.AA05215@wixer>

Clark Reynard writes:
>Indeed. There were a pair of papers in Cryptologia a few years ago
>on ``Data Insecurity'' packages. The author cryptanalyzed a number
>of different PC-based crypto packages, and contrasted that with
>the glowing advertising copy...

This may or may not be one of those papers: Martin Kochanski: "A Survey of Data Insecurity Packages" in Deavours et al., Cryptology, pp. 195 - 209. None of the encryption methods analyzed by Kochanski were particularly complex, even though it did take skill to crack most of them. It turns out that in each case the encryption algorithm used is fairly easy to state (in, say, half a page).
Perry Metzger writes:
>Correct me if I'm wrong, but from what I understand, "Dolphin Encrypt"
>does not use any well examined crypto system -- it's something that you
>guys, without any cryptography credentials, cooked up. On that basis,
>why should we care about it? Most crypto systems that amateurs come up
>with are pathetic to say the least, and strong systems, like
>triple-DES and IDEA, are widely available.

So far the DE method has not been well-examined, except by its developers (who have spent years on this). I took a step toward public examination of the method by posting the natural language description here on cypherpunks a few weeks ago. (Anyone who missed it can get it from me.) This description has been available in the manual for a year now, for anyone who cared to purchase the product. It has also been examined by four cryptologists (professional and/or credentialed) not involved in its development, and it was ridiculed by none of them.

As I said, the complete details are in the C code, which is available at present to anyone who purchases the library, and which will be made public sometime down the road. Of course, any crypto system must be made available to public examination before it can be judged strong or otherwise. If I didn't think the DE encryption method was strong I wouldn't be making it public. Just because we have DES and IDEA doesn't mean we should be satisfied with them only.

The first task of a cryptanalyst is to discover what method of encryption was used. If that is known (and solving this problem itself may be non-trivial) then cryptanalysis may proceed either by (i) a study of patterns in the ciphertext or (ii) a thorough study of the encryption method used. Statistical tests have not revealed any patterns in DE-encrypted ciphertext so far. We'll see whether analysis of the DE method by others reveals any flaws. Until then I'm reminded of the saying: "Those who can, do; those who can't, criticise."
This brings up an interesting question: what characteristics, if any, do different encryption methods produce in ciphertext? From a study of several large samples of ciphertext produced by a particular encryption method, what clues might there be to the identity of the encryption method used? I'd like to hear if anyone knows of any published work which addresses this question. Since DES in electronic code book mode (which is considered insecure) encrypts 8-byte chunks which are independent of each other, it's entirely possible that the ciphertext can be identified as the product of DES-ECB.

From MCMAHON at Eisner.DECUS.Org Wed May 26 21:34:26 1993
From: MCMAHON at Eisner.DECUS.Org (John (FuzzFace/Fast-Eddie) McMahon)
Date: Wed, 26 May 93 21:34:26 PDT
Subject: Selling Tapes ?
Message-ID: <01GYNFOTREYQ003IQ1@Eisner.DECUS.Org>

>What does traceroute do? I don't have it on my system...

It lists the routers between your point and the destination. Sort of a poor man's mapping tool. It demonstrates that both NCSC and FBI are "openly/obviously" on the Internet.

John

From greg at ideath.goldenbear.com Thu May 27 00:59:12 1993
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Thu, 27 May 93 00:59:12 PDT
Subject: VinCrypt
Message-ID: <5T774B1w164w@ideath.goldenbear.com>

-----BEGIN PGP SIGNED MESSAGE-----

J. Michael Diehl writes:

> > Even as a former 'hacker' myself, the second to last person I would
> > trust not to install a backdoor (next to the NSA) is a hacker.
>
> Are you meaning to imply that there is a backdoor in this package? If so, how
> do you justify this claim?

It seems safer to assume that the software is insecure, until proven otherwise. This is the approach that's been taken with the Clipper chip, and seemed reasonable in that case - I suggest that it is in this case, as well.

> > In addition, merely having been a systems hacker hardly qualifies
> > one for writing complex crypto software.
Without any assurance as
> > to the authors' qualifications for writing a crypto package, or
> > their integrity. Even if I could trust their integrity, I'm very
> > leery of black-box software.
>
> You seem to know something about them that I do not. Care to share your
> knowledge? Thanx in advance.

Rather, the original poster (Clark Reynard) seems to *not* have information - e.g., information about how or why the author(s) of this crypto package are trustable, or why we should consider their software secure if we can't look at the source. If they are so naive as to think that the NSA can't afford a copy of Sourcer and a few person-hours to disassemble VinCrypt, what other (absurd) assumptions have they made? If a machine can execute it, a machine (or a machine and a person) can disassemble it.

I can't believe that anyone's willing to take this VinCrypt crap even a little bit seriously. Any dork with a laser printer can print up a press release and mail it out - looks like maybe this was a slow week for the computer press.

As far as I can tell, we're supposed to assume that VinCrypt is useful software because of the political/social perspective of its authors. While I share their suspicion of the powers that be, I do not trust them to write software that is free of intentional and/or nonintentional weaknesses.

--
Greg Broiles                       greg at goldenbear.com
Golden Bear Computer Consulting    +1 503 465 0325
Box 12005 Eugene OR 97440          BBS: +1 503 687 7764

From pmetzger at lehman.com Thu May 27 08:15:14 1993
From: pmetzger at lehman.com (Perry E.
Metzger)
Date: Thu, 27 May 93 08:15:14 PDT
Subject: VinCrypt
In-Reply-To: <9305270233.AA27245@triton.unm.edu>
Message-ID: <9305271514.AA26019@snark.shearson.com>

> > In addition, merely having been a systems hacker hardly qualifies
> > one for writing complex crypto software. Without any assurance as
> > to the authors' qualifications for writing a crypto package, or
> > their integrity. Even if I could trust their integrity, I'm very
> > leery of black-box software.
>
> You seem to know something about them that I do not. Care to share your
> knowledge? Thanx in advance.

Oh, come on. Every decent cryptoweenie knows that you don't trust black box cryptography software. Most amateurs (and the average person writing crypto code is NOT a professional cryptographer) have no idea of what they are doing and produce crap. If you don't know how the program you are buying works, odds are that it's one of the majority of programs, i.e. it's crap.

Throughout the last two thousand years, fools, often individuals who were otherwise rather intelligent, have repeatedly invented new cryptosystems over and over again which were completely worthless. Indeed, virtually everyone thinks that they know enough to build a new cryptosystem -- and virtually no one has bothered to learn how real cryptosystems are broken.

This even bites the best of us. Phil Zimmermann tells the story of how he once invented a cryptosystem only to open up a college text on cryptography and see that the problem of breaking his new cryptosystem was so trivial that it was a homework exercise at the end of the first chapter.

I, for one, will never use any crypto system for which the algorithm hasn't been extensively published and scrutinized.

Perry

From postmaster at uunet.uu.net Thu May 27 10:44:09 1993
From: postmaster at uunet.uu.net (Kyle Jones)
Date: Thu, 27 May 93 10:44:09 PDT
Subject: Questionable instances?
In-Reply-To: <9305261805.AA03358@wendy-fate.UU.NET>
Message-ID: <9305271743.AA04028@wendy-fate.UU.NET>

Eric Hughes writes:
> > I can only assume that the bounce came to you because the
> > cypherpunk list isn't set to make bounces go to the list
> > maintainer.
>
> This is the first of these messages we've had for six months, as the
> bounce messages do in fact go back to the maintainer, me, quite
> regularly. I get on the order of 300-400 per week, since often a bad
> address will queue up mail for a few days before bouncing it all.

If that's so, then it must be that the stupid transport software at AT&T is ignoring the envelope sender information.

From ian at bvsd.Co.EDU Thu May 27 12:53:57 1993
From: ian at bvsd.Co.EDU (Ian S. Nelson)
Date: Thu, 27 May 93 12:53:57 PDT
Subject: VinCrypt
In-Reply-To: <9305270043.AA02074@metal.psu.edu>
Message-ID: <199305271953.AA13069@bvsd.Co.EDU>

>
> Even as a former 'hacker' myself, the second to last person I would
> trust not to install a backdoor (next to the NSA) is a hacker.
>
> In addition, merely having been a systems hacker hardly qualifies
> one for writing complex crypto software. Without any assurance as
> to the authors' qualifications for writing a crypto package, or
> their integrity. Even if I could trust their integrity, I'm very
> leery of black-box software.

I think the line about "not trusting DES or RSA because those algorithms have been given to the NSA" about says it all.

--
Ian S. Nelson          I speak for only myself.
Finger for my PGP key.
If you are a beautiful woman, it is mandatory that you reply to this message.

From miron at extropia.wimsey.com Thu May 27 14:31:49 1993
From: miron at extropia.wimsey.com (Miron Cuperman)
Date: Thu, 27 May 93 14:31:49 PDT
Subject: Interim patch for ytalk
Message-ID: <199305272044.AA05646@xtropia>

I also intend to change the name of the program to PGTalk. If anybody has better ideas, please let me know.

This patch is important for the security of the encryption.
The idea was to have cipher feedback (pun intended!). Somehow I reversed a couple of lines. *** ytalk/idea.c Thu May 27 13:40:36 1993 --- pgtalk/idea.c Thu May 27 13:40:52 1993 *************** *** 504,510 **** { idea_ecb(iv,temp, Z); /* encrypt iv_idea, making temp. */ ! if (!decrypt) /* buf is ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); --- 504,510 ---- { idea_ecb(iv,temp, Z); /* encrypt iv_idea, making temp. */ ! if (decrypt) /* buf is ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); *************** *** 511,517 **** /* convert buf via xor */ xorbuf(buf,(byte *)temp,chunksize); /* buf now has enciphered output */ ! if (decrypt) /* buf was plaintext, is now ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); --- 511,517 ---- /* convert buf via xor */ xorbuf(buf,(byte *)temp,chunksize); /* buf now has enciphered output */ ! if (!decrypt) /* buf was plaintext, is now ciphertext */ /* shift in ciphertext to IV... */ cfbshift((byte *)iv,buf,chunksize,IDEABLOCKSIZE); From kent_hastings at qmail2.aero.org Thu May 27 16:15:55 1993 From: kent_hastings at qmail2.aero.org (Kent Hastings) Date: Thu, 27 May 93 16:15:55 PDT Subject: Physical Links Message-ID: <199305272315.AA13892@aerospace.aero.org> Physical Links Public key and other crypto techniques have been discussed here. So has TEMPEST shielding against eavesdropping. But, there hasn't been a discussion of physical data link options (unless it was "before my time"). IMHO, this topic should have a place in the FAQ. m. Physical Data Links. a. Telco/Dial-up b. Radio 1. VLF 2. MW (near Broadcast AM) 3. Shortwave 4. VHF 5. UHF 6. Microwave c. Infrared/Visible Free Space d. Laser/Maser Beam n. Modulation Techniques. a. AM b. SSB c. ACSSB d. FM e. SSTV f. FSTV g. Spread spectrum (hybrids of the following) 1. FH - frequency hopping 2. DS - direct sequence 3. TH - time hopping 4. 
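Review bot: In the first idea.c hunk (504-510), flipping `if (!decrypt)` to `if (decrypt)` changes what is shifted into the IV on both ends, so a patched peer and an unpatched one will derive different IVs after the first chunk and stop understanding each other. The old ordering shifted `buf` before the XOR when encrypting and after it when decrypting, which is plaintext in both cases, so it was self-consistent but not the cipher feedback the comments describe. Please state the incompatibility in the patch description and consider a version check at session setup so that mixed pairs fail cleanly instead of exchanging garbage.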
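Review bot: In the second idea.c hunk (511-517), the context comment `/* buf now has enciphered output */` after `xorbuf` is only true when encrypting; on the decrypt path `buf` holds plaintext at that point. Suggest rewording it to cover both directions, since a misleading comment at exactly this spot makes the two conditions easy to swap again. A known-answer test against a reference CFB implementation would guard against a regression; a plain encrypt-then-decrypt round trip would not, because both ends applied the same reversed ordering.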
TR - transmitted (noise) reference
5. SR - stored (usually pseudo-noise code) reference
o. Network elements (?)
1. Wire and cable (underground, disguised)
2. Point-to-point (radio)
3. Simple repeaters/linear translators (transponders)
4. Regenerative repeaters (digital packet)
5. Satellites
6. Meteor scatter
7. Moonbounce

I'd like to see pro and con discussion of these items. Having encrypted messages won't do any good if Our Enemy simply pulls the plug at the telephone company.

Kent - kent_hastings at qmail2.aero.org.

#000#

From bakunin at gnu.ai.mit.edu Thu May 27 16:38:09 1993
From: bakunin at gnu.ai.mit.edu (bakunin at gnu.ai.mit.edu)
Date: Thu, 27 May 93 16:38:09 PDT
Subject: Physical Links
Message-ID: <9305272337.AA16384@spiff.gnu.ai.mit.edu>

Well, gee. Now, if we do all our encrypting at home, and only encrypted messages make it onto them thar links, wouldn't that help some? Not that physical links aren't a particular weak point. Just that.

michael

From TO1SITTLER at APSICC.APS.EDU Thu May 27 20:38:36 1993
From: TO1SITTLER at APSICC.APS.EDU (Kragen Sittler)
Date: Thu, 27 May 93 20:38:36 PDT
Subject: Steganography
Message-ID: <930527213642.3e2f@APSICC.APS.EDU>

I headed to the library to check out what they had, crypto-wise. I found one book copyright 1939, which had a chapter on methods of steganography.

Some of the suggestions I got from it:
-Use every third letter of each word.
-Use every nth letter of each word, where n varies depending on a key.
(e.g., 2-4-1-5-5-3)
-use every nth word of a sentence.
-encode in base-3 before steganizing.
-use the number of syllables in a word.
-use the number of words in a sentence.
Irrelevant suggestions:
-use different fonts. (within the same word.)
-use broken and whole pickets in a fence.
-use empty and full positions in a cartridge-belt, as in machine gun.
-use invisible ink instead, it's easier. :-)

Maybe these will help those more able to program than myself.

Kragen.

From tcmay at netcom.com Thu May 27 21:29:32 1993
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 27 May 93 21:29:32 PDT
Subject: Steganography
In-Reply-To: <930527213642.3e2f@APSICC.APS.EDU>
Message-ID: <9305280429.AA29877@netcom3.netcom.com>

Kragen Sittler writes:

> I headed to the library to check out what they had, crypto-wise. I found one
> book copyright 1939, which had a chapter on methods of steganography.
>
> Some of the suggestions I got from it:
> -Use every third letter of each word.
> -Use every nth letter of each word, where n varies depending on a key.
> (e.g., 2-4-1-5-5-3)
> -use every nth word of a sentence

...rest elided...

Was this "Cryptanalysis," by Helen Gaines? Or the Herbert S. Zim popularization? Both are very dated.

Somehow I don't think 1939 methods will be real useful in a 1993 world. But the book may be educational...you have to crawl before you can walk, etc. (Kahn's "The Codebreakers" has some good stuff on hiding messages, mostly from World War II...think about it, those spies may've used your 1939 book as a tutorial!)

There haven't been many recent books dealing explicitly with steganography, though modern crypto texts like Brassard's "Modern Cryptology," the Antichrist's "Cryptography and Data Security" (Dorothy Denning), or Salomaa's "Public Key Cryptography" are good sources. And conference proceedings (annual "Crypto" conferences) should have some articles on "covert channels" and the like.

You can find these books in (most) large university libraries or in (many) technical bookstores. If the only crypto book you have access to is from 1939, find a larger library.

Happy reading!
-Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.

From ld231782 at longs.lance.colostate.edu Thu May 27 22:04:29 1993
From: ld231782 at longs.lance.colostate.edu ( L. Detweiler )
Date: Thu, 27 May 93 22:04:29 PDT
Subject: forged Sternlight posting?
Message-ID: <9305280504.AA05292@longs.lance.colostate.edu>

Apparently someone has forged a Sternlight posting on sci.crypt and alt.privacy.clipper. If the author can hear me: you should be severely ashamed. I've said before that Sternlight is actually (in a warped way) a *resource* to the net because of his representation of the NSA and `fuzzy-brained public' opinion. Without him, we'd have nothing but all of ourselves in a bland choir.

Cypherpunks, maybe we can help track down the culprit. The forgery says `recently, some have called me a dupe'. Perhaps it is an allusion to a recent flame war wherein the counterfeiter participated. Cypherpunks are sneaky, but not sleazy.

I look forward to the day when digital signatures and other authentication methods make forged postings like this a strange historical anachronism.

------- Forwarded Message

From kocherp at leland.stanford.edu Thu May 27 21:45:14 1993
From: kocherp at leland.stanford.edu (kocherp at leland.stanford.edu)
Date: Thu, 27 May 93 22:45:14 -0600
Subject: Public Apology [ARTICLE IS A FORGERY]
Message-ID: <9305280445.AA09696@cardinal.Stanford.EDU.Stanford.EDU>

Here's a copy of the forged note, plus my response.
Regards,
Paul Kocher
kocherp at leland.stanford.edu

- -------------------------------------------------------------------------------
Article 499 in alt.privacy.clipper:
Path: nntp.Stanford.EDU!headwall.Stanford.EDU!agate!howland.reston.ans.net!usc!cs.utexas.edu!not-for-mail
From: strnlght at netcom.com (David Sternlight)
Newsgroups: alt.privacy.clipper
Subject: Public Apology
Date: 27 May 1993 01:58:35 -0500
Organization: DSI/USCRPAC
Lines: 36
Sender: daemon at cs.utexas.edu
Message-ID: <9305270624.AA00395 at silverton.berkeley.edu>
NNTP-Posting-Host: cs.utexas.edu

In article <9305270624.AA00395 at silverton.berkeley.edu> you write:
>Dear Friends,
>
>Many of you have come to know me through my public analysis of
>encryption technology and the law as I understand it. I have taken the
>past few days to reflect on my positions. I now realize that I myself
>have been misled and in turn may have been misleading some of you. I am
>very impressed with the quality and clarity of thought that many of you
>on the system have displayed in your numerous and extensive replies to
>my ruminations. Unfortunately, I have also been impressed with the
>misleading and self-serving views presented by my former friend Jim
>Bidzos, and by my colleagues in the United States Government. Recently,
>some have called me a dupe, and, understandably, I have reacted
>strongly. Only now do I realize how right they have been.
>
>Let me now try to explain my current thinking: Democracy, as defined by
>our founding fathers, and the Greek philosophers before them, has as its
>cornerstone free and unfettered public discourse. In our modern world,
>privacy and the ability to speak without fear of disclosure or reprisal,
>is a prerequisite for all but the most perfunctory such discourse. If
>there is one thing I should have learned in my journeys to our spanish-
>and portuguese-speaking neighbors to the south, it is that the
>government can never be relied upon as the guarantor of privacy.
>Contrariwise, it is all too often positioned as the infractor. We should
>not, nay, we must not, allow the trivia of narrow-minded export
>restrictions and the tyranny of questionable patents to stand in the way
>of our personal liberties.
>
>I therefore undertake to present my public apologies to such enlightened
>and forward-thinking members of our community as Daniel Bernstein,
>Vesselin Bontchev, Peter Honeyman, Perry Metzger, and especially Phil
>Zimmermann. I can only hope they will find the generosity to judge me
>not on my past, but on my present and future actions.
>
>--
>David Sternlight         Great care has been taken to ensure the accuracy of
>                         our information, errors and omissions excepted.

- -------------------------------------------------------------------------------
My article to sci.crypt and alt.privacy.clipper follows

Newsgroups: alt.privacy.clipper,sci.crypt
Subject: Re: Public Apology [ARTICLE IS A FORGERY]
Summary:
Expires:
References: <9305270624.AA00395 at silverton.berkeley.edu>
Sender:
Followup-To: alt.privacy.clipper
Distribution:
Organization: DSG, Stanford University, CA 94305, USA
Keywords:

In article <9305270624.AA00395 at silverton.berkeley.edu> strnlght at netcom.com (David Sternlight) writes:
>Only now do I realize how right they have been.

I'm quite certain this post is a forgery. Plenty of things seem wrong here. For example, David doesn't usually post through cs.utexas.edu (which is reportedly one of the least difficult sites to use for forging news articles). Other things are also wrong with the header...

FLAME MODE: In my opinion, posting this represents a disgusting violation of net ethics (and the law). It is frightening that someone could be so immature as to attempt to damage David's relationships with Jim Bidzos and others. Hopefully someone can kill the article before it propagates too far...
Regards,
Paul Kocher
kocherp at leland.stanford.edu

[I'm sending this to sci.crypt in addition to alt.privacy.clipper, where a supposed "Public Apology" from David Sternlight was posted.]

------- End of Forwarded Message

From ld231782 at longs.lance.colostate.edu Fri May 28 21:27:30 1993
From: ld231782 at longs.lance.colostate.edu ( L. Detweiler )
Date: Fri, 28 May 93 21:27:30 PDT
Subject: Sternlight forgery
Message-ID: <9305290406.AA25605@longs.lance.colostate.edu>

Sheesh, hours spent on the Mycotronx posting are rewarded with uniform deafening apathy, and this gets all the reaction. I'd never have thought I'd be flamed for condemning a forgery. When did it happen that cancelling others' postings and deceitful forgeries wasn't taboo? Ok, ok, maybe it never was, and nothing's sacred in cyberspace; don't flame me with the history of Usenet taboos.

Perhaps I didn't make this clear, but the names and themes (Zimmermann, Bidzos, RSA, PGP, other cypherpunk members) in the forged letter suggested to me a cypherpunk subscriber may have been responsible. Otherwise, I would not have posted it here. It's just my modest warning and reminder that while we might be revolutionaries we're not scoundrels.

I take exception to the description of the posting as an `innocent joke'. I have no problem with an `innocent joke' like this being posted under someone's name or even anonymously. It seems to me at least some of the intent was rooted in malice and deceit. Ah, but I'm starting to sound like Depew.

peter honeyman
>go hang with spaf if you want to deal out this kind of bullshit.
>cypherpunks are not the cops of the net.

Ouch. I assure you Mr. Spafford is not my type, and anyway he has apparently resigned from the position of net.policeman so the point is mute. (At the quasi-demise of anon.penet.fi there was a lot of rumor and speculation that he was the `highly regarded net personality' who sent the poison letter alluded by Helsingius. I wonder if that tipped him over the edge?)
Excuse me, I just thought it might give some bored cypherpunk something to do with their afternoon in helping track down the posting. I think I'll just go lurk in a dark Usenet corner.

L.

From RAGLAN54%MMC.BITNET at uga.cc.uga.edu Fri May 28 21:28:10 1993
From: RAGLAN54%MMC.BITNET at uga.cc.uga.edu (RAGLAN54%MMC.BITNET at uga.cc.uga.edu)
Date: Fri, 28 May 93 21:28:10 PDT
Subject: Electronic Contracts
Message-ID: <01GYQ0C6AR1U8WX3NV@MMC.BITNET>

Just a thought here. I'm still new to this cryptography thing, taking it seriously, have read through the FAQ and the past week or so of posts here. I just got a copy of PGP tonight, and on reading through the manual, something leaped out at me: electronic signature validation.

If your private key acts as validation for a message, then what you have is an electronic signature that could be verified, and thus you could sign a contract online; you're sent the contract in email, you attach your private-key signature to it and email it back, and voila, you've entered into a contractual agreement that would stand up in court.

Has there been a test case of this? Are there any lawyers or other legal types on this echo that could give an opinion on the validity of this idea? Or has this issue been discussed before?

Andrew *5

From banisar at washofc.cpsr.org Fri May 28 21:30:10 1993
From: banisar at washofc.cpsr.org (Dave Banisar)
Date: Fri, 28 May 93 21:30:10 PDT
Subject: CPSR Seeks Clipper Docs
Message-ID: <9305281842.AA46660@hacker2.eff.org>

PRESS RELEASE
May 28, 1993

CPSR Seeks Clipper Documents - Brings Suit Against NSA and National Security Council

Washington, DC -- Computer Professionals for Social Responsibility filed suit today in federal district court seeking information about the government's controversial new cryptography proposal.

The "Clipper" proposal, announced by the White House at an April 16 press conference, is based on a technology developed by the National Security Agency that would allow the government to intercept computer encoded information. Law enforcement agencies say that this capability is necessary to protect court ordered wire surveillance.

But industry groups and civil liberties organizations have raised questions about the proposal. They cite the risk of abuse, the potential loss in security and privacy, costs to US firms and consumers, and the difficulties enforcing the policy.

Marc Rotenberg, CPSR Washington office director, said "The Clipper plan was developed behind a veil of secrecy. It is not enough for the White House to hold a few press conferences. We need to know why the standard was developed, what alternatives were considered, and what the impact will be on privacy."

"As the proposal currently stands, Clipper looks a lot like 'desktop surveillance,'" added Rotenberg.

David Sobel, CPSR Legal Counsel, said "CPSR is continuing its oversight of federal cryptography policy. These decisions are too important to be made in secret, without public review by all interested parties."

In previous FOIA suits, CPSR obtained records from the General Services Administration questioning the FBI's digital telephony plan, a legislative proposal to require that communications companies design wiretap capability. More recently, CPSR obtained records through the FOIA revealing the involvement of the National Security Agency in the development of unclassified technical standards in violation of federal law.

CPSR is a national membership organization, based in Palo Alto, CA. Membership is open to the public. For more information about CPSR, contact CPSR, P.O.
Box 717, Palo Alto, CA 9403, 415/322-3778 (tel), 415/322-3798 (fax), cpsr at cpsr.org

From poier at sfu.ca Fri May 28 21:31:16 1993
From: poier at sfu.ca (Skye Merlin Poier)
Date: Fri, 28 May 93 21:31:16 PDT
Subject: Modified Vigenere encryption?
Message-ID: <9305280735.AA22115@malibu.sfu.ca>

-----BEGIN PGP SIGNED MESSAGE-----

I was just thinking... What if one were to use Vigenere encryption with a key at least as long as the message (therefore making the incidence of coincidences irrelevant)? A key made of, for instance, words strung together from a dictionary selected pseudorandomly? Are there other weaknesses in the Vigenere system that are escaping me? Perhaps one could use (in the pseudorand words example) distribution / transition / equilibrium probabilities in the english language? If so, are there any other options for generating a long key without the need for a truly random key (which would make using the Vigenere table pointless because it would just be a one-time-pad)?

Also, what are the weaknesses of the Playfair cypher? My texts mention it, but don't say much of anything other than how it works...

Just pondering at odd hours...

Skye

- --
- -----====> Skye Merlin Poier <====-----
Undergrad in CMPT/MATH (Virtual Reality) |||| ||||
email: poier at sfu.ca p-OO <--> OO-q THINK
PGP Public Key available on finger \== ==/

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAXAvS0bkpXW3omvAQG5EQP/dVH9mxGEvd59ec5e63LKvq45QCwW3K/W
QQU9KlkqGsqw6s5R9N3JQeK+BEIDhq2qViPkP9PPDBPmK9nyAx1zLxQ7tP5W+HvT
wuFeG+Yqzg5IBsOQXRKPaBeNJcgCyDXUgFSKSRT0fGD1n5XCb7zKScht2p4Cp0CB
07jUWV0cPqQ=
=Cydq
-----END PGP SIGNATURE-----

From wixer!wixer.bga.com!meyer at cactus.org Fri May 28 21:32:21 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Fri, 28 May 93 21:32:21 PDT
Subject: Trust, Amateur/Professional, use of PRNGs
Message-ID: <9305280750.AA07434@wixer>

>Date: Thu, 27 May 1993 11:33:06 -0400
>From: "Perry E.
Metzger"
>
>meyer says:
>>
>> Perry Metzger writes:
>>
>> >Correct me if I'm wrong, but from what I understand, "Dolphin Encrypt"
>> >does not use any well examined crypto system -- it's something that you
>> >guys, without any cryptography credentials, cooked up. On that basis,
>> >why should we care about it? Most crypto systems that amateurs come up
>> >with are pathetic to say the least, and strong systems, like
>> >triple-DES and IDEA, are widely available.
>>
>> So far the DE method has not been well-examined, except by its
>> developers (who have spent years on this).
>
>In that case, I do not think it is worthy of trust. (See "The
>Codebreakers" by David Kahn for dozens upon dozens of stories of
>amateurs who spent long times producing cryptosystems that were
>essentially junk.)

I am not asking that you take it on trust. If I were I wouldn't be revealing the details of the encryption method and I wouldn't be subjecting the software to critical examination.

You omit to point out that Kahn also discusses the cryptosystem invented in the late 18th Century by Thomas Jefferson. I'm not aware that Jefferson was a "professional" cryptologist or that he was "credentialed" in this field. Yet his cryptosystem was sufficiently strong that even after 1922 "other branches of the American government used the Jefferson system, generally slightly modified, and it often defeated the best efforts of the 20th-century cryptanalysts who tried to break it down! To this day the Navy uses it." (Kahn, p.195 of the hardbound edition.)

This shows that your distinction between "professionals" (by implication, the experts) and "amateurs" (by implication, the self-deluding fools) is false. There is no such clear-cut distinction. Whether a cryptosystem is strong or not has to be decided by an examination of the system itself, not on the basis of whether its author has attended cryptology classes at M.I.T.

>> Statistical tests have not revealed any patterns in DE-encrypted
>> ciphertext so far.
>
>Or in 99% of other crypto systems. I can construct completely trivial
>and easily broken crypto systems that don't reveal any patterns
>without careful analysis. As an example, it takes mere minutes to
>break a cryptosystem constructed by XORing the plaintext stream with
>the output of a linear congruential pseudorandom number generator --
>but the output will indeed look random to ordinary statistical tests.

XORing the plaintext with the outcome of a linear congruential PRNG is a very simple-minded way to use a PRNG. Such operations are certainly amenable to mathematical analysis. No doubt you've read your Abraham Sinkov on "Mathematical Cryptanalysis" and other such works, where the solving of simultaneous equations in several (perhaps many) unknowns may yield a solution in some cases.

Yet I fail to understand why you assume that someone (even someone "uncredentialed") who uses PRNGs in a cryptosystem will necessarily do so in a simple-minded way. I can't imagine why any intelligent designer of a cryptosystem would commit that error.

From honey at citi.umich.edu Fri May 28 21:33:51 1993
From: honey at citi.umich.edu (peter honeyman)
Date: Fri, 28 May 93 21:33:51 PDT
Subject: forged Sternlight posting?
In-Reply-To: <9305280504.AA05292@longs.lance.colostate.edu>
Message-ID: <9305281918.AA09887@cygnus.com>

> Apparently someone has forged a Sternlight posting on sci.crypt and
> alt.privacy.clipper. If the author can hear me: you should be severely
> ashamed. ...
>
> Cypherpunks, maybe we can help track down the culprit. ...
>
> Cypherpunks are sneaky, but not sleazy. ...

go hang with spaf if you want to deal out this kind of bullshit. cypherpunks are not the cops of the net.

peter

From wixer!wixer.bga.com!meyer at cactus.org Fri May 28 21:34:48 1993
From: wixer!wixer.bga.com!meyer at cactus.org (meyer)
Date: Fri, 28 May 93 21:34:48 PDT
Subject: Reply to Eric
Message-ID: <9305281746.AA11286@wixer>

Eric Hughes writes:

>>It has also been examined by four cryptologists (professional and/or
>>credentialed) not involved in its development, and it was ridiculed
>>by none of them.
>
>I hear the sounds of autonecrothaphty (digging one's own grave). Was
>it recommended by any of them, and did any of them test it?

It's true I'm going out on a limb here, but the potential benefit to the world is a new cryptosystem of some value (a deliberately modest claim). And one that was not designed by NSA complete with trapdoors. Anything new always meets with resistance.

The description was run by the cryptanalysts for their comment. The consensus was that the method was probably strong, or at least not obviously weak, but that they had insufficient information to judge properly.

You may disagree. You may not like the proposed method, but the real question is whether it works. In-house testing has been as rigorous as we can make it, but any outside cryptanalyst is welcome to take a shot at it.

>>The first task of a cryptanalyst
>>is to discover what method of encryption was used.
>
>Usually not. This often comes as collateral information related to
>the intercept. In the case of a PC seizure, having a manual lying
>around and an executable on the disk usually qualifies.

Yes, a cryptanalyst looks around for other evidence as to which cryptosystem was used before the hard work of analysing ciphertext. As you say, it may be a manual or an executable. The encipherer himself may reveal it. But in any case, identifying the encryption method *is* the first step in cryptanalysis.

From dmandl at lehman.com Fri May 28 21:35:12 1993
From: dmandl at lehman.com (David Mandl)
Date: Fri, 28 May 93 21:35:12 PDT
Subject: forged Sternlight posting?
Message-ID: <9305281244.AA13343@disvnm2.shearson.com>

> From: "L. Detweiler"
>
> Apparently someone has forged a Sternlight posting on sci.crypt and
> alt.privacy.clipper. If the author can hear me: you should be severely
> ashamed. I've said before that Sternlight is actually (in a warped way)
> a *resource* to the net because of his representation of the NSA and
> `fuzzy-brained public' opinion. Without him, we'd have nothing but all
> of ourselves in a bland choir.
>
> Cypherpunks, maybe we can help track down the culprit. The forgery says
> `recently, some have called me a dupe'. Perhaps it is an allusion to a
> recent flame war wherein the counterfeiter participated.

I think the forgery was kind of primitive and obvious (OK, I admit I did get a little chuckle out of it). But if it wasn't already clear to everyone that it was a fake, I'm sure Sternlight's and your responses made it clear.

I'm strongly opposed to being cops and "tracking down the culprit." It was just an innocent joke, and no one was hurt. If Sternlight's ego was bruised, then (as my mom used to say) "my heart bleeds for him." It's not a big deal. We've got better things to do than help David Sternlight fight his battles (though I agree it's useful to have him around).

--Dave.

From arkuat at joes.garage.com Fri May 28 21:36:55 1993
From: arkuat at joes.garage.com (Eric Watt Forste)
Date: Fri, 28 May 93 21:36:55 PDT
Subject: crypto product list
Message-ID: <199305281748.AA09808@joes.GARAGE.COM>

I'd like to put together a list of all commercially available encryption products, both the good and the bad, both the standalone and the built-in (to nonencryption products), with information about what algorithms are used in encrypting.

I'm particularly interested in *commercially-available* (or free) products for telephonic security (cellular, standard, and fax), device-driver-level computer security products that use encryption, any mail software that uses builtin encryption (calls to RIPEM, PGP, whatever), products that license and incorporate RSA (nonproducts that will do this when they are products include Apple's OCE... is the RSA-compliant version of Lotus Notes out yet?), etc. etc.

If you can mail information about such products to arkuat at joes.garage.com or to slippery at netcom.com, particularly the addresses of marketing departments that I can write to to get more information, I will compile a text file of this data and, with Eric Hughes' permission, put it up in the cypherpunks directory of soda.berkeley.edu.

Please send information about products that are commercially available or freely accessible right now. If you have information about products that you are fairly certain will be on the market within the next six months (before the end of 1993), please send the information but clearly indicate that the product in question is not yet available and clearly indicate a *conservative* estimate of the date the product will be available.

Let me emphasize that my use of the word "product" is fully intended to include free software, not just monopolized intellectual property.

If you know what encryption algorithm(s) is/are used by the product, such as DES (ECB, CBC, CFB), IDEA, RSA, Vigenere, please indicate that. If the manufacturers of the product have not disclosed the encryption algorithm, then please say so.

What I myself know least about are the products for secure telephony, so I'd appreciate information on these the most. But I'm sure I have lots of gaps in my knowledge of hard-disk and e-mail security stuff also.

I hope to have a preliminary file ready for soda (if soda wants it) before June 10th. If it's still short, I may post it here so y'all can more easily fill in the gaps.

Eric Watt Forste
arkuat at joes.garage.com
1800 Market St #243
San Francisco CA 94102
"Expectation foils perception." -- Pamela C. Dean

From hughes at soda.berkeley.edu Fri May 28 21:37:49 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Fri, 28 May 93 21:37:49 PDT
Subject: ADMIN: sequencing problems
Message-ID: <9305281700.AA13903@soda.berkeley.edu>

Many have wondered why the mail comes out of order sometimes. The following comments are my surmise of the situation; I haven't done an experimental confirmation of the situation.

The sequencing problem comes from the way that toad.com handles mail. If it can't be delivered immediately upon arrival, it goes in the queue. If it can be sent out immediately, then it is sent out. Now toad.com routes to many sites through a relay at uunet; this relay bogs down. If toad.com can't connect to the relay, it queues the mail. The queue is processed only at intervals. The next mail might go out immediately, before the queue has been processed again.

I see the same thing at soda. I'm not going to try to fix it.

Eric

From hughes at soda.berkeley.edu Fri May 28 21:37:59 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Fri, 28 May 93 21:37:59 PDT
Subject: VinCrypt
In-Reply-To: <9305271514.AA26019@snark.shearson.com>
Message-ID: <9305281652.AA13454@soda.berkeley.edu>

>This even bites the best of us. Phil Zimmermann [...]

PGP 1.0 had Phil's Bass-o-matic cipher, which he subsequently dropped. When I first saw that, I thought to myself, "snake oil," but not in those words. I'm glad that lesson got learned.

>I, for one, will never use any crypto system for which the algorithm
>hasn't been extensively published and scrutinized.

I am in total agreement.

Eric

From fergp at sytex.com Fri May 28 21:38:38 1993
From: fergp at sytex.com (Paul Ferguson)
Date: Fri, 28 May 93 21:38:38 PDT
Subject: Oh, da horrah.
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 27 May 93 23:04:21 -0600, ""L.
Detweiler"" wrote -

> Apparently someone has forged a Sternlight posting on sci.crypt and
> alt.privacy.clipper. If the author can hear me: you should be severely
> ashamed. I've said before that Sternlight is actually (in a warped way)
> a *resource* to the net because of his representation of the NSA and
> `fuzzy-brained public' opinion. Without him, we'd have nothing but all
> of ourselves in a bland choir.

> Cypherpunks, maybe we can help track down the culprit. The forgery says
> `recently, some have called me a dupe'. Perhaps it is an allusion to a
> recent flame war wherein the counterfeiter participated.

> Cypherpunks are sneaky, but not sleazy. I look forward to the day when
> digital signatures and other authentication methods make forged
> postings like this a strange historical anachronism.

I'm surprised no one realized this before now.

My first reaction to this was that of humor. My second reaction was that I felt embarrassed for thinking it was funny. My subsequent reaction was that of irony.

As was overheard in the newsgroup -

> From: steiner at jupiter.cse.utoledo.edu (Jason 'Think!' Steiner)
> Date: 27 May 93 07:09:07 EST

> heh. maybe David should start signing his posts with PGP so he won't
> have this problem in the future. :^)

> [yeah, the irony was deliberately manufactured by whoever forged that
> post, but it's still too good to pass up.]

I couldn't agree more.

I do, however, agree that it was a pretty sleazy trick on someone's part -- but the irony factor is just too surreal.

Cheers.

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAYovJRLcZSdHMBNAQGLtQP/Y5mGsWAGqtCwHYpiPkq/98ofprvRowq3
AZ1u+w0TJSYXeZpF+jSr6cOLH8boWS1Ud3tugFTUuQA/SD7sMFSwdPlvBzfHAIiE
1BiVs7+SDCFOPXXpttv8PezR0ZspyXwxNofGZVM1wXLG1siPBE3XeEbBjKp2SCev
DK5Ez1QbSCI=
=2Pne
-----END PGP SIGNATURE-----

Paul Ferguson               |  The future is now.
Network Integrator          |  History will tell the tale;
Centreville, Virginia USA   |  We must endure and struggle
fergp at sytex.com          |  to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.

From hughes at soda.berkeley.edu Fri May 28 21:39:02 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Fri, 28 May 93 21:39:02 PDT
Subject: Data Insecurity Packages, etc.
In-Reply-To: <9305270314.AA05215@wixer>
Message-ID: <9305281626.AA12145@soda.berkeley.edu>

>It has also been examined by four cryptologists (professional and/or
>credentialed) not involved in its development, and it was ridiculed
>by none of them.

I hear the sounds of autonecrothaphty (digging one's own grave). Was it recommended by any of them, and did any of them test it?

>The first task of a cryptanalyst
>is to discover what method of encryption was used.

Usually not. This often comes as collateral information related to the intercept. In the case of a PC seizure, having a manual lying around and an executable on the disk usually qualifies.

Eric

From stig at netcom.com Fri May 28 23:03:42 1993
From: stig at netcom.com (Stig)
Date: Fri, 28 May 93 23:03:42 PDT
Subject: Modified Vigenere encryption?
In-Reply-To: <9305280735.AA22115@malibu.sfu.ca>
Message-ID: <9305290603.AA16770@netcom.netcom.com>

I must've missed it. Will some kind soul forward to me a description of Vigenere?

>
> Also, what are the weaknesses of the Playfair cypher? My texts mention it, but
> don't say much of anything other than how it works...
>

Well, a while ago I saw a description of playfair in a novel and it was simple enough that I coded it... I guess I had lots of free time. Don't pick on my code. It's old.

Stig

/**
 * playfair.c -- implementation of the playfair cipher
 * written by stig, 10-mar-91
 *
 * --- TO COMPILE (put this in your makefile) ---
 * unpf pf: playfair.c
 *      cc $(CFLAGS) -o pf playfair.c
 *      - rm unpf
 *      ln pf unpf
 *
 * --- THIS PROGRAM works as a filter---
 *      pf keyword code_file
 *      unpf keyword my na me is xs ti go ri on at ha nz
 *
 * 2) transform each letter pair using the alphabet square:
 *    (i may be written as either i or j)
 *    a) letters appear in the same row -- replace them with letters to
 *       the right. letter to right of rightmost letter is first letter
 *       of the row. (hi -> il (or jl))
 *    b) letters appear in the same column -- replace them with letters
 *       below. (ha -> ph)
 *    c) otherwise -- replace each letter with the letter occupying the
 *       same row in the grid and the column of the other letter in the
 *       pair. (my -> pk)
 *
 *      MY NA ME IS XS TI GO RI ON AT HA NZ
 *      pk pd nk lq zq xf le bf es rv ph su
 */

#include <assert.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>     /* exit, random, srandom */
#include <string.h>     /* strchr, strrchr */
#include <unistd.h>     /* getpid */

char *Key = 0;
char Square[26] = "                         ";   /* 25 spaces */

/* the 5x5 alphabet square is stored row by row in Square[0..24] */
#define pos(row,col)    Square[ (row)*5 + (col) ]
#define findrow(c)      ((int)(strchr(Square,c)-Square)/5)
#define findcol(c)      ((int)(strchr(Square,c)-Square)%5)
#define jtoi(c)         (((c)=='j') ? 'i' : (c))

/* the mode doubles as the row/column offset: +1 encodes, +4 (== -1 mod 5) decodes */
#define ENCODE 1
#define DECODE 4

/* fill the square with the distinct letters of the key, then the rest of the alphabet */
void build_square(void)
{
    char *key = Key, c;
    int i = 0;

    assert(key && *key);
    while (*key) {
        *key = tolower((unsigned char)*key);
        *key = jtoi(*key);
        if (isalpha((unsigned char)*key) && !strchr(Square, *key))
            Square[i++] = (*key);
        ++key;
    }
    for (c = 'a'; c <= 'z'; ++c) {
        if (c == 'j' || strchr(Square, c))
            continue;
        Square[i++] = c;
    }
    assert(i == 25);
}

/* read stdin, place processed data in buf (at most size bytes) */
void prepare(char *buf, size_t size, int mode)
{
    int c, last = 0;            /* last character */
    char splitter = 'x';        /* separates repeated letters, 'x' or 'z' */
    /* each pass stores up to two letters; keep room for the NUL and the pad */
    char *limit = buf + size - 4;

    while (buf < limit && (c = getchar()) != EOF) {
        if (!isalpha(c))
            continue;
        c = tolower(c);
        c = jtoi(c);
        if (c == last && mode == ENCODE) {
            *buf++ = splitter;
            splitter = (splitter == 'x') ? 'z' : 'x';
        }
        last = c;
        *buf++ = c;
    }
    *buf = 0;
}

/* when encoding, write 'i' as 'j' at random */
void outchar(char c, int mode)
{
    if (c == 'i' && mode == ENCODE && (random() & 4))
        c = 'j';
    putchar(c);
}

void transform(char *buf, int ofs)      /* 1 encodes, 4 decodes */
{
    int r1, c1, r2, c2;

    for (; *buf; buf += 2) {
        r1 = findrow(buf[0]);
        c1 = findcol(buf[0]);
        if (!buf[1]) {
            /* odd length: pad with a random letter ('j' is not in the square) */
            buf[2] = 0;
            buf[1] = 'a' + (random() % 26);
            buf[1] = jtoi(buf[1]);
        }
        r2 = findrow(buf[1]);
        c2 = findcol(buf[1]);
        if (r1 == r2) {                 /* same row */
            outchar(pos(r1, (c1 + ofs) % 5), ofs);
            outchar(pos(r2, (c2 + ofs) % 5), ofs);
        } else if (c1 == c2) {          /* same column */
            outchar(pos((r1 + ofs) % 5, c1), ofs);
            outchar(pos((r2 + ofs) % 5, c2), ofs);
        } else {                        /* opposite corners of the rectangle */
            outchar(pos(r1, c2), ofs);
            outchar(pos(r2, c1), ofs);
        }
    }
    putchar('\n');
}

int main(int argn, char **argv)
{
    char buf[BUFSIZ];
    char *cmd;
    int mode;

    srandom(getpid());
    if (argn != 2) {
        fprintf(stderr, "Playfair en/decoder\nusage: %s keyword\n", argv[0]);
        exit(1);
    }
    Key = argv[1];
    /* decode when invoked under a name starting with 'u' (unpf) */
    cmd = strrchr(argv[0], '/');
    cmd = (cmd) ? cmd + 1 : argv[0];
    mode = (cmd[0] == 'u') ? DECODE : ENCODE;
    if (mode == DECODE)
        printf("NOTE: 'i' may be 'j', 'x' or 'z' may be extra.\n\n");
    build_square();
    prepare(buf, sizeof buf, mode);
    transform(buf, mode);
    return (0);
}

/* Jonathan Stigelman, Stig at netcom.com, PGP public key by finger */
/* fingerprint = 32 DF B9 19 AE 28 D1 7A A3 9D 0B 1A 33 13 4D 7F */

From hughes at soda.berkeley.edu Sat May 29 00:10:16 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Sat, 29 May 93 00:10:16 PDT
Subject: CIPHERS: Dolphin Encrypt public review
In-Reply-To: <9305281746.AA11286@wixer>
Message-ID: <9305290706.AA00052@soda.berkeley.edu>

>The description was run by the cryptanalysts for their comment.

I've never seen any names, nor any statements of their analysis. As far as I'm concerned this stands as hearsay.

>The consensus was that the method was probably strong, or at least
>not obviously weak, but that they had insufficient information to
>judge properly.

Insufficient information??
And this is all you have for review? Did they even see code, or just an English description of it? Look, if saying they didn't laugh at it is digging your own grave, saying they didn't even look at the full algorithm is acting as your own firing squad.

>In-house testing has
>been as rigorous as we can make it, but any outside cryptanalyst is
>welcome to take a shot at it.

Anything as significant as a new cipher needs to be publicly examined before it can be trusted. The opportunity for such public examination is not sufficient, only the actual publication and subsequent responses qualify.

Therefore, I have a challenge for you to submit your algorithm in full detail to the public scrutiny of the academic cryptographic community. You have unfortunately missed the deadline for papers for CRYPTO 93, but you can always submit a paper to the Journal of Cryptology.

If the cipher is to be considered secure, it should be proof against the most sophisticated attacks known; currently this means that it should be proof against differential cryptanalysis.

Until this kind of high-level review has been made, I openly and publicly recommend that this cipher not be used.

As far as a product goes, Dolphin Encrypt would be much more useful if its cipher were trusted. A rewrite to use triple DES would be straightforward and would greatly increase the trustworthiness of the product.

Eric

From hughes at soda.berkeley.edu Sat May 29 00:41:19 1993
From: hughes at soda.berkeley.edu (Eric Hughes)
Date: Sat, 29 May 93 00:41:19 PDT
Subject: Trust, Amateur/Professional, use of PRNGs
In-Reply-To: <9305280750.AA07434@wixer>
Message-ID: <9305290737.AA03283@soda.berkeley.edu>

Re: disclosure

>If I were I wouldn't
>be revealing the details of the encryption method and I wouldn't
>be subjecting the software to critical examination.

To my mind, selling the code for the encryption method does not count as revealing the details to a very wide audience.
Were it freely available, I would say that you had satisfied that concern. Were it even available on a non-compete covenant basis and free of monetary charge I would be satisfied.

Let me see if I can paraphrase. You'll sell me the code, so that I can evaluate it or have someone else do this. This evaluation is much more for your benefit than mine, because where I might use it for myself, this same information accrues much more to the value of the cipher itself, which is yours.

Oh, please.

Re: An inappropriate historical comparison

>You omit to point out that Kahn also discusses the cryptosystem
>invented in the late 18th Century by Thomas Jefferson. I'm not
>aware that Jefferson was a "professional" cryptologist or that he
>was "credentialed" in this field.

The single salient difference that you ignore is fifty years of public and intensive research into cryptography, starting with Shannon. I have seen nothing other than vague claims of security and one statistic of flat byte distribution in the ciphertext (necessary and easy to achieve). I have seen very little awareness of any of this work.

In particular, the most sophisticated analysis for ciphers to date has been differential cryptanalysis. I have not seen the results of any such examination of your cipher. To give you a clue as to how good this technique is, Biham and Shamir were able to break FEAL-4 with a few dozen chosen plaintexts, and FEAL-8 with somewhat more.

Re: levels of expertise

>This shows that your distinction between "professionals" (by
>implication, the experts) and "amateurs" (by implication, the
>self-deluding fools) is false. There is no such clear-cut
>distinction.

The state of cryptography two hundred years ago is not relevant to the current state of knowledge. Today there is much, much more to know about the subject, and there is a lot of relevant prior art.
Should you claim that this prior art is not needful to know in order to design new ciphers, I will not imply that you are a self-deluding fool, I will explicitly declaim you as a self-deluding fool.

Re: arguments _ad authoritatem_

>Whether a cryptosystem is strong or not has to be
>decided by an examination of the system itself, not on the basis of
>whether its author has attended cryptology classes at M.I.T.

But lacking both criteria, I have no belief at all that your cipher is secure. In fact, given the track record of the uncredentialled in the last twenty years, I have exactly the opposite opinion.

Re: cryptanalysis

>No doubt you've read
>your Abraham Sinkov on "Mathematical Cryptanalysis" and other such
>works,

These and other such works are by no means the state of the art. If you've learned all your cryptography from these, it's time to do some more reading.

>where the solving of simultaneous equations in several
>(perhaps many) unknowns may yield a solution in some cases.

One of the fundamentals of real cryptography is that exact solution techniques are much less powerful than statistical methods of the appropriate form. Techniques of adding in 'noise' prevent exact methods, but that is largely irrelevant. Every useful statistic will come through just as before, except that a larger data set is needed.

Eric

From markh at wimsey.bc.ca Sat May 29 12:32:25 1993
From: markh at wimsey.bc.ca (Mark C. Henderson)
Date: Sat, 29 May 93 12:32:25 PDT
Subject: lucas encryption beta available
Message-ID:

U.S. and Canadian cypherpunks:

I have a very early BETA of a free program that uses LUC and triple DES available. (uses gmp-1.3, only runs on Unix-like systems) I'm making it available in the hope that people will grab it, look it over and send comments, criticisms &c.

anon ftp to netcom.netcom.com
cd /pub/henderso
get lucas-0.3.4.tar.z (gzip format) in binary mode.

If you need gmp, you can also find it in the same directory.

Please don't export this outside of the U.S.
and Canada.

--
Mark Henderson
markh at wimsey.bc.ca (personal account)
RIPEM key available by key server/finger/E-mail
MD5OfPublicKey: F1F5F0C3984CBEAF3889ADAFA2437433

From jas at netcom.com Sat May 29 13:50:00 1993
From: jas at netcom.com (jas at netcom.com)
Date: Sat, 29 May 93 13:50:00 PDT
Subject: HDTV Markey hearings!
Message-ID: <9305292128.AA10251@netcom3.netcom.com>

Hi,

I don't think this subject is relevant to this list, but I was flipping through the channels today and caught the last few minutes of the Markey Hearings on HDTV and digital broadcasting on C-Span. I wonder if anybody caught this and could e-mail me about it or post it on this list. (The outcome of it).

-jas.

Does anybody know if it was broadcast on internet radio or the mbone?

From mccoy at ccwf.cc.utexas.edu Sat May 29 17:02:37 1993
From: mccoy at ccwf.cc.utexas.edu (Jim McCoy)
Date: Sat, 29 May 93 17:02:37 PDT
Subject: crypto product list
In-Reply-To: <199305281748.AA09808@joes.GARAGE.COM>
Message-ID: <199305300039.AA04087@tigger.cc.utexas.edu>

> From: Eric Watt Forste
>
>
> I'd like to put together a list of all commercially available encryption
> products [...]

Source #1 : Information Systems Security Products and Services Catalogue
Printed by the Government Printing Office (GPO)
For subscription information call (202) 783-3238 or mail to:
Superintendent of Documents
U.S. Government Printing Office
Washington, DC 20402

This is a catalogue of NSA-tested security products for govt agencies and contractors. Think what you like of the organization compiling the info, but this is the "real-world" security stuff people; this covers just about everything from secure satellite uplinks and tempest equipment to encrypting modems. Some of it is not available to the public, but vendor contact numbers are provided, so with a little hunting you might be able to find a nice list of the "high-end" of the spectrum.

Source #2 : InfoSecurity Product News. The trade rag of this business.
Can't remember the subscription info, but this seems to be where the MIS types shop... jim From gg at well.sf.ca.us Sun May 30 00:36:13 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Sun, 30 May 93 00:36:13 PDT Subject: >>>>>'s Message-ID: <199305300814.AA05423@well.sf.ca.us> Maybe I'm the only one around here who feels this way, but when I see a posting which begins with a whole bunch of inanely long quotes from previous postings, often going so far as to have whole nests of stacked >>>> symbols in front, I just go, *splat* and ctrl-C, and on to the next. Like, if we're reading this stuff regularly, we've got enough of a sense of the flow to be able to recognise someone's position from an abridged or abbreviated quote. For example, "Dolphin-crypt... an unexamined system (by analysts outside the community)..." does as well to convey the meaning involved, as posting a huge nest of paragraphs quoted entire. So in summary, what d' y'all think of trying to cut down on the swarms of >>>>>>>>>>> lengthy full-paragraph quotes and replace them with something a bit more compact, eh...? From mercury at well.sf.ca.us Sun May 30 06:32:00 1993 From: mercury at well.sf.ca.us (Michael Edward Marotta) Date: Sun, 30 May 93 06:32:00 PDT Subject: An inquiring mind wants to know Message-ID: <199305301409.AA11995@well.sf.ca.us> (This is for an article in the 1994 Loompanics catalog.) You are familiar with PGP and RIPEM, right?. Jim Bidzos told me about RIPEM when I asked him about PGP. (I wasn't too interested in his relationship -- or lack of one -- with Phil Z. I was more interested in RSA and the Feds.) So, since Mark Riordan was in my back yard, I called him and got a good interview and also his mailer. I got it on a unix system I have an account on and he sent me an MS-DOS version. I also talked with Phil Zimmermann. In fact, I talked to him first. I got PGP from a BBS operator I know via libernet at dartmouth.edu and I have played with it. I've also tried RIPEM. 
I don't know about you guys, but I find PGP much easier to use. RIPEM has all the hallmarks of unix wizardry. It is poorly documented. The interface is difficult. It grew in ways the designer never contemplated. And I haven't even RUN anything yet... Mark told me that it was primarily a MAILER. OK, I can accept that. But I just don't see it catching on. PGP, on the other hand, shows all the evidences of shareware. It's hard to comment on the obvious. So, I assume that I am in the normal range for a netrunner. I typically log in to fidonet bbses from home. I have a PC clone. I have had accounts on CompuServe, Prodigy and Delphi. I have a couple of email addresses. I can't see myself using RIPEM. I can indeed see myself using PGP. Here are my questions: How do you relate to the above? Do you see "everyone" on the Net happy as clams with privacy- enhanced mailers? Do you expect more people to find out about and rely on PGP? Do you see something else working here that I haven't perceived? Thank you for your time and consideration. Mike Marotta From 72114.1712 at CompuServe.COM Sun May 30 09:39:23 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Sun, 30 May 93 09:39:23 PDT Subject: >>>>>s Message-ID: <930530171111_72114.1712_FHF43-1@CompuServe.COM> _________________________________________________________________ SANDY SANDFORT ssandfort at attmail.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ George A. Gleason wrote: " . . . So in summary, what d' y'all think of trying to cut down on the swarms of >>>>>>>>>>> lengthy full-paragraph quotes and replace them with something a bit more compact, eh...?" Like that, George? You know folks, George is right. It isn't necessary, however, to re-invent the wheel. Literary conventions for text presentation have existed for decades--if not centuries. "NetSpeak" can be oh so clever, but often, it's not very conducive to communication. 
Almost everyone on this list took English in school (-especially- those NOT educated in the US). If you don't remember your English grammar, spelling or style; buy some books. (Or as we say in NetSpeak, "RTFM"!) RELATED GRIPE: For all the excessive IQ on this list, I see lots of poor reading skills. As an example, I don't know how many of you have sent responses to me at my CompuServe address, even though I clearly request otherwise at the end of every one of my posts. (Didn't you get that far?) Often, I see responses to posts that focus on what the reader -thought- was said, rather than what was -actually- said. Before you go shooting from the hip, be sure you are responding to more than just some emotionally loaded key words. Also, I'm sure not all of you read -your own- posts before you launch them into Cyberspace. S a n d y P.S. Some of you may think this is not a relevant topic for Cypherpunks. If so, I suggest you think again. I leave the proof of relevance as an exercise for the student. >>>>>> Please address e-mail to: ssandfort at attmail.com <<<<<< _________________________________________________________________ From kelly at netcom.com Sun May 30 11:16:56 1993 From: kelly at netcom.com (Kelly Goen) Date: Sun, 30 May 93 11:16:56 PDT Subject: FWEE: alt.whistleblower possibles Message-ID: <9305301855.AA07356@netcom.netcom.com> Path: netcom.com!netcomsv!decwrl!uunet!digex.com!digex.net!not-for-mail I found this in alt.conspiracy and thought I would forward it to the list.... it looks like we may want to talk to these folks cheers kelly >From: j_wilson at access.digex.net (john m. 
wilson) >Newsgroups: alt.conspiracy >Subject: TO SYSOP OF ALT.CONSPIRACY >Date: 15 May 1993 22:09:26 -0400 >Organization: Express Access Online Communications, Greenbelt, MD USA >Lines: 26 >Message-ID: <1t47om$el6 at access.digex.net> >NNTP-Posting-Host: access.digex.net >Keywords: SYSOP ALT.CONSPIRACY QUESTION > >I am in contact with the Association of National Security Alumni, >a group of ex-security officers and associated professionals. > >They would like to find a place to post electronic copies of >"UNCLASSIFIED" a periodical devoted to government actions of >an unquestionable nature. > >Also I was asked to post a copy of Julianne McKinney's "Microwave >Harassment & Mind-Control Experimentation" where it would be >available to interested parties. > >I would like to post the previously mentioned document in this >forum when it is delivered to me in electronic form. > >Also I would like to find an FTP site or sympathetic news group >who would keep the copies of "UNCLASSIFIED" online. > >This message is directed to the moderator of alt.conspiracy but >obviously I will entertain any useful response. > >Also I do not condone or endorse any of the views stated in the >previously listed documents.
> > -John Wilson > The Silicon Service > From kelly at netcom.com Sun May 30 11:16:57 1993 From: kelly at netcom.com (Kelly Goen) Date: Sun, 30 May 93 11:16:57 PDT Subject: (fwd) Re: TO SYSOP OF ALT.CONSPIRACY Message-ID: <9305301855.AA07361@netcom.netcom.com> Path: netcom.com!netcomsv!decwrl!concert!news-feed-1.peachnet.edu!darwin.sura.net!howland.reston.ans.net!noc.near.net!nic.umass.edu!twain.ucs.umass.edu!not-for-mail From: eggo at twain.ucs.umass.edu (Round Waffle) Newsgroups: alt.conspiracy Subject: Re: TO SYSOP OF ALT.CONSPIRACY Date: 17 May 1993 14:05:14 -0400 Organization: The Durex Blender Corporation Lines: 15 Message-ID: <1t8k4qINNa35 at twain.ucs.umass.edu> References: <1t47om$el6 at access.digex.net> NNTP-Posting-Host: twain.ucs.umass.edu Keywords: SYSOP ALT.CONSPIRACY QUESTION In article <1t47om$el6 at access.digex.net> j_wilson at access.digex.net (john m. wilson) writes: > [material deleted] >This message is directed to the moderator of alt.conspiracy but >obviously I will entertain any useful response. > [material deleted] Well, alt.conspiracy has no moderator. Post away. -- +- eggo at titan.ucs.umass.edu --><-- Eat Some Paste -+ +- Yorn desh born, der ritt de gitt der gue, -+ +- Orn desh, dee born desh, de umn bork! bork! bork! -+ +----------------- The Durex Blender Corporation -----------------+ From marc at Athena.MIT.EDU Sun May 30 15:04:41 1993 From: marc at Athena.MIT.EDU (Marc Horowitz) Date: Sun, 30 May 93 15:04:41 PDT Subject: [daemon@ATHENA.MIT.EDU : National Security Telecommunications 5.27.93] Message-ID: <9305302242.AA20145@bill-the-cat.MIT.EDU> Subject: National Security Telecommunications 5.27.93 Errors-To: Mail-Server at campaign92.org Reply-To: Clinton-Info at campaign92.org Date: Fri, 28 May 1993 09:59-0400 From: The White House <75300.3115 at compuserve.com> To: Clinton-News-Distribution at campaign92.org E X E C U T I V E O F F I C E O F T H E P R E S I D E N T 27-May-1993 07:03pm TO: Jeffrey L. Eller TO: Jonathan P. 
Gill FROM: David Seldin Office of the Press Secretary SUBJECT: NATIONAL SECURITY TELECOMMUNICATIONS ADVISORY COMMISSION THE WHITE HOUSE Office of the Press Secretary For Immediate Release May 26, 1993 PRESIDENT APPOINTS AUGUSTINE TO CHAIR ADVISORY PANEL (Washington, DC) The President announced today that he has appointed Norman R. Augustine as Chair and William T. Esrey as Vice Chair of the President's National Security Telecommunications Advisory Committee (NSTAC). Augustine is Chairman and Chief Executive Officer of Martin Marietta Corporation and has previously served as Vice Chair of NSTAC. Esrey is Chairman and Chief Executive Officer of Sprint Corporation. Also named to the NSTAC today were Joseph T. Gorman, the Chairman and CEO of TRW Inc., and Albert F. Zettlemoyer, the President of Paramax Systems Corporation and a Senior Vice President of Unisys Corporation. The President's National Security Telecommunications Advisory Committee is a Federal Advisory Committee designed to provide information and advice to the President regarding telecommunications planning. It is composed of up to 30 telecommunications industry executives. # # # --[0113]-- ------- End forwarded transaction ------- End of Forwarded Message From strong+ at cmu.edu Sun May 30 17:32:36 1993 From: strong+ at cmu.edu (Thomas W. Strong, Jr.) Date: Sun, 30 May 93 17:32:36 PDT Subject: An editorial comment from comp.risks Message-ID: In an article about the absurdity of ITAR legislation, Peter Neumann (the moderator) added this comment at the bottom. > [Incidentally, at last week's IEEE Symposium on Research in Security > and Privacy, a rump group decided that because crypto falls under > munitions controls, the right to bear arms must sanction private uses of > cryptography! PGN] Does anyone here have any more information about this? Particularly whether or not it can be backed up?
----------------------------------------------------------------- Tom Strong N3NBB ts49+ at andrew.cmu.edu From fergp at sytex.com Sun May 30 19:10:07 1993 From: fergp at sytex.com (Paul Ferguson) Date: Sun, 30 May 93 19:10:07 PDT Subject: Washington Post article on Clipper/Capstone/Skipjack & Privacy Message-ID: <976D5B1w165w@sytex.com> -----BEGIN PGP SIGNED MESSAGE----- The Washington Post Sunday, May 30, 1993 Pages H1, H4 Business section CHIPPING AWAY AT PRIVACY? Encryption Device Widens Debate Over Rights of U.S. to Eavesdrop by John Mintz and John Schwartz Washington Post Staff Writers The two men were well-dressed, Bill Frezza recalls. They walked into his New Jersey office a few days after his company, Ericsson-G.E. Mobile Data, Inc., announced the introduction of a portable device for sending and receiving electronic messages. The two asked knowledgeable questions about whether the product incorporated "encryption" technology, which scrambles signals to frustrate eavesdroppers. They wanted to buy some of the expensive, high-tech devices. With cash. "They were not tekkies," concluded Frezza, the firm's marketing chief. By the time they left (empty-handed, since there were no devices to sell yet), Frezza had decided they were drug dealers. The New Jersey incident illustrates why law enforcement and intelligence agencies are working so hard to keep a finger on new communications technologies emerging around the world. They fear these advances will give criminals and terrorists a new advantage - -- by making it all but impossible for authorities to tap their telephones and computer lines. The problem, say the feds, is that the bad guys are always the first to get the hot new toys -- whether they are fast cigarette boats, automatic weapons or computerized gadgets that ensure privacy. So the authorities -- over sharp protests from civil libertarians -- are continually looking for ways to defeat encryption technologies and continue monitoring communications. 
This conflict, simmering for years, came to a boil on April 16, when the White House announced it was imposing a new scheme for encrypting voice and data communications. The system, which employs a scrambler device dubbed the "Clipper Chip," leaves a deciphering "key" in the federal government's pocket. Whitfield Diffie, a pioneering cryptographer at Sun Microsystems Inc., compares Clipper to "the little keyhole in the back of the combination locks used on the lockers of schoolchildren. The children open the locks with the combinations, which is supposed to keep other children out, but the teachers can always look in the lockers by using the key." The government will stock up on phones and computers equipped with Clipper, and many companies that do business with the government will need to buy the same gear. The administration also hopes Clipper will catch on across the business landscape. Meanwhile, federal officials have been drawing up legislation to require telecommunications companies to grant law enforcement special access to U.S. communications networks. "We feel we need these tools to do our job," said James K. Kallstrom, the FBI's chief of investigative technology. Kallstrom said if the FBI can't get industry to make the changes, disaster could occur. "I don't have a lot of dead bodies laying around here or dead children from an airplane explosion that we haven't been able to solve -- yet." For Jim Bidzos, president of a California-based encryption firm called RSA Data Security Inc., the controversy "comes down to one simple question: Do you have the right to keep a phone call or a computer transmission private? The government says no." David Sobel, an attorney with Computer Professionals for Social Responsibility, an advocacy group for high-tech industries, said the fight over Clinton's Clipper chip is the opening shot in "the battle for the future direction of the nation's data highways." 
Spooking the 'New Agers' The Clinton White House's decision to cast its lot with the FBI and the super-secret National Security Agency (NSA) has its ironies. The young computer wizards who manage the information industry helped elect Clinton, and they share with him a dream of a 21st-century telecommunications revolution. But many of the industry's "new agers," as one White House official calls them, think Clinton is selling out to spooks and spies. The FBI and NSA had won support in the Bush administration for Clipper, first proposed several years ago. Then within weeks of the Democrats' move into the White House, top law enforcement and national security officials won over the Clinton team. One White House official said they were "taken with the aura of making national security decisions inside the White House.... You see the stakes differently." The FBI and state and local law enforcement officials told the incoming Clinton team that resolving this issue was one of their highest priorities, industry sources said. Mike Godwin, counsel for the Electronic Frontier Foundation, which is mobilizing the communications industry against Clipper, said that "like all liberals, Clinton has an interest in being seen as a good law-and-order guy." Clinton's National Security Council is now conducting a closed-door review of those subjects -- which the industry criticizes for being secret, and on Friday corporate critics will converge on the White House. Old Ways, New Days To understand the FBI's and NSA's concern about the new information age, it helps to recall the state of communications a quarter-century ago. In the 1950s and 1960s, there was only one phone company, AT&T, and it worked closely with the NSA and law enforcement, industry experts said. Similarly, the computer business was dominated by International Business Machines Corp. AT&T and IBM were huge, discreet and overtly patriotic bureaucracies -- proud members of the military-industrial complex. 
When the administration of President Gerald Ford filed an antitrust suit against AT&T in the 1970s, the Defense Department opposed it on national security grounds, since the firm was seen as key to the nation's mastery of the global communications system. When the antitrust suit succeeded in 1984 and a federal judge dismantled AT&T, the NSA was scared, government officials said. Instead of the one mighty AT&T, there are now seven regional "Baby Bell" companies and hundreds of new telecommunications players in the U.S. market, some foreign-owned. The computer business also has been balkanized, with some firms run by youngish rebels of the post-Vietnam War generation who sneer at authority. (The founders of Apple Computer Inc., started in business selling "blue boxes" -- machines that help users scam the phone company -- to students at the University of California at Berkeley.) The FBI and NSA are uncomfortable speaking about the nation's vital communications secrets with some of these newcomers, government officials said. Adding to law enforcement worries is the technology itself: Where the system was once just copper wires on poles, now it's a dizzying tangle of satellites, microwave towers, fiber-optic cables and cable TV systems, all linked up and bouncing signals around in cyberspace. "They feel this onslaught, being drowned by this technology revolution that's overrunning their capabilities," one White House source said of the NSA and FBI. "They're feeling very threatened.... They fear the horse is getting out of the barn." Dealing With Digits The government's response to the new world has been twofold: an attempt to make the nation's phone and communications networks more open to government taps, and a drive to limit the spread of data encryption. The biggest worry for law enforcement is the high-tech modernization of the nation's communications system, especially the "digitalization" of phone networks. 
This translates conversations and data into the "0"s and "1"s of computer talk. Anyone who has heard the squeal of a fax machine knows it doesn't sound like conversation. The FBI wants a guarantee that when a court approves a wiretap, it can gain access through special "ports" to conversations or data streams that can be retranslated from digital language. The FBI is "panicky," said one Baby Bell executive, over the increasing sophistication of the U.S. phone system. "They're sitting over there with their simple little pair of alligator clips" that were once used to tap phone lines. The FBI's Kallstrom offers an example of the limits imposed by changing technology: In the mid-1980s in New York City, because digital switches that control cellular phone networks were not designed with law enforcement in mind, investigators looking into drug dealers, mobsters, terrorists and all other miscreants had only five "ports," or entry points, from which to tap cellular phones. "For years, criminals had a free pass to engage in criminal activity there," he said. "It's a mini-version of what'll happen in the future." The FBI says it wants to maintain the status quo, meaning its ability to keep monitoring calls. "You want to maintain what?" said Nathan Myhrvold, a Microsoft Corp., vice president. "That's just such a crazy thing to say in the computer industry," where product cycles are measured in months. In March 1992, the FBI took the offensive in the battle to keep the taps open. That's when it surprised industry with a legislative proposal that would require telecommunications firms to guarantee law enforcement access to its new information networks. This "digital telephony" proposal was later withdrawn after a bitter outcry from communications and computer companies. 
The firms opposed, among other things, provisions that the Federal Communications Commission must draw up rules on this highly complex matter in secret and on a highly expedited schedule, and that the phone companies' customers finance the modifications through rate increases that could cost many billions of dollars. Federal officials have been drafting new legislation, sources said, but have been tight-lipped about its content. Encryption Anxieties On top of the surveillance problems posed by a digital network, law enforcement also is vexed by the rise of inexpensive encryption technologies, used in everything from personal computer messages to electronic commerce. Businesses that zip sensitive secrets across the globe need to guard against industrial espionage, and some encryption systems are virtually unbreakable -- not only by industrial pirates, but also by the NSA and FBI. The government hopes Clipper will replace chips providing unbreakable encryption for conversations. The NSA also is promoting a chip to encrypt data, called "Capstone." Both use a classified encryption algorithm, or formula, called "Skipjack." Using these technologies, government officials retain their own master keys, actually long strings of numbers, to decrypt messages. To assuage the fears of civil libertarians, the government will split each key in two -- like the two pieces of a treasure map torn down the middle -- and place the pieces with two government agencies. A police officer who gets a judge's approval for a wiretap must go to the two agencies to tap the line. Administration sources said that if the current plan doesn't enable the NSA and FBI to keep on top of the technology, then Clinton is prepared to introduce legislation to require use of its encryption technology, which is crackable by the NSA, and ban use of the uncrackable gear. "It's an option on the table," said a White House official. 
Stephen Bryen -- formerly a top trade security official in the Pentagon and now president of a small Silver Spring-based firm that develops encryption technology -- says that he realized recently that "I've got a competitor, and it's the U.S. government." He said it is almost unprecedented for government to compete directly with industry in this way. "It's hard to compete against taxpayer money," he said. "The playing field's not level." So far, Clipper's launch has been less than auspicious. A coalition of top computer and telecommunications firms and trade groups -- including IBM, Microsoft and about 25 others -- has sent letters to Clinton raising a list of 150 pointed questions about the decision. On Friday, an association of firms that make computers said that with Clipper, government officials may find it "difficult to resist" monitoring communications it shouldn't. It recommended the government slow deliberations on the question. Details about Clipper's technology are classified. Without knowing about it, Clipper's critics say they can't evaluate how secure it is -- the central issue for those wanting privacy. Dorothy Denning, a Georgetown University cryptography expert briefed on the chip by government officials, says Clipper strikes a balance between strong data security and restricted government access. "I was impressed," she said. In any case, many in industry say they doubt Clipper will gain favor in the market. Data security shoppers may avoid a product with a famous security hole installed by the government. Paul Jones, vice president for government marketing at a Virginia-based encryption firm called Guardata, said a security consultant for a big labor union recently told him, "Do you think I'm dumb enough to buy something endorsed by the NSA?" For the same reason, Clipper would be a hard sell overseas, where companies might fear U.S. intelligence agencies would spy on them. 
The federal government, said Bidzos of RSA Data Security, "is forcing a showdown we just can't win" overseas. Rep. Edward J. Markey (D-Mass.), chairman of the House telecommunications subcommittee, fears the government may eventually ban encryption. "In a digitally linked world, where encryption is the key to privacy," he said, "banning encryption may be like banning privacy." Frezza of Ericsson GE said despite his personal reluctance to sell high-tech gear to criminals, the government's effort to limit encryption software is bought so easily. "The genie is already out of the bottle," he said. "We're all going to look back on this date in five years and laugh that anyone tried to control this technology." Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp at sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip. From jjl at Panix.Com Sun May 30 20:56:02 1993 From: jjl at Panix.Com (J. J. Larrea) Date: Sun, 30 May 93 20:56:02 PDT Subject: Wash. Post reveals nasty surprise Message-ID: <199305310424.AA29607@sun.Panix.Com> Just received this snippet of an article in Sunday's Washington Post. The authors are being contacted to see if permission can be obtained to post the entire piece. > Full cite is Washington Post Business section, pages H1,H4, Sunday, May 30, > 1993. Byline is John Mintz and John Schwartz, Washington Post staff writers.
> Near the end, it reads: > > "Administration sources said if the current plan doesn't enable the NSA and > FBI to keep on top of the technology, then Clinton is prepared to introduce > legislation to require use of its encryption technology, which is crackable > by the NSA, and to ban use of the uncrackable gear. > 'It's an option on the table,' said a White House official." Very scary stuff... clearly a strong reaction to the Clipper announcement was *far* from overreaction. - JJ From 74076.1041 at CompuServe.COM Mon May 31 07:39:38 1993 From: 74076.1041 at CompuServe.COM (Hal) Date: Mon, 31 May 93 07:39:38 PDT Subject: Clipper harmful to CPs? Message-ID: <930531151140_74076.1041_FHD60-4@CompuServe.COM> -----BEGIN PGP SIGNED MESSAGE----- Headline: "Clipper Considered Harmful" ...so what else is new, huh? But I was thinking specifically of Cypherpunks. Reading the article about the group in the Whole Earth Review, an article written before the advent of the Clipper proposal, reminded me of all the things we were working on before the Clipper forced them onto the back burner. Anonymous mail, anonymous posting, steganography, digital cash, whistle- blowers, encryption itself - all the ingredients of Tim's "crypto anarchy" - in many of these areas it seemed we had a certain amount of momentum which has been lost. If "Cypherpunks write code", how much code has been written lately? Now it seems like our motto is changing to "Cypherpunks write letters", to their congressmen. Things are not all black; Miron Cuperman has recently released his encrypted talk program based on PGP technology, and Kevin Brown's postings on stega- nography had some interesting ideas, although they need some development before anything could be coded. But for the most part progress in our previous areas of attention has been slowed if not halted. This can only be welcome to the forces which created the Clipper. 
Even if the chip fails, they have at least succeeded in distracting the underground crypto community, dividing it to some extent (to PGP or not to PGP?), and delaying the prospect of having to deal with a fully functioning infrastructure for true anonymity and privacy. I know Clipper is an important threat, and I know that many in the Cypherpunks community have helped lead the battle against the chip. But I am encouraged by the widespread opposition to the proposal among technically sophisticated people - not just on the net, but in the trade press as well. The right groups (EFF, CPSR, etc.) are asking the right questions, and Rep. Markey is turning up the heat in Washington. The battle is not yet won, but there is only a limited amount of leverage available in the political process. Our main skills are technical, not political. I contend that our efforts are better spent putting the technology into people's hands, per the group's original charter. We should be working to create new tools which will increase the average computer user's access to strong privacy. We should be pushing the envelope of what is possible today, exploring and experimenting with implementations of these new ideas. I claim that our best response to the threat posed by Clipper is a hearty "screw you" and a rededication to the Cypherpunks goals. Let the powers that be know that we are not intimidated or cowed by their threats. We must continue to oppose Clipper, but at the same time we must make progress on the crypto privacy front. Otherwise our opponents are winning, regardless of the eventual political outcome. 
Hal Finney 74076.1041 at compuserve.com From avalon at coombs.anu.edu.au Mon May 31 08:23:08 1993 From: avalon at coombs.anu.edu.au (Darren Reed) Date: Mon, 31 May 93 08:23:08 PDT Subject: Modem Use Fees (fwd) Message-ID: <9305311523.AA03215@toad.com> Forwarded message: > Date: Mon, 31 May 1993 11:32:11 -0400 (EDT) > From: Stan Bernstein > Subject: Modem Use Fees > Message-Id: > Mime-Version: 1.0 > Content-Type: TEXT/PLAIN; charset=US-ASCII > > > The following, originating from Mr. Tom Justice (CGFS69A [Prodigy]) and > authorized for resubmission to other networks, deals with proposed modem > use fees. It was originally posted on Prodigy a couple of days ago. I would be > interested in anyone's take on the accuracy of this. I apologize for its > length but did not want to distort it too much through truncation. > > "...Two years ago the FCC tried and (with your help and letters of > protest) failed to institute regulations that would impose additional > costs on modem users for data communication. > "Now they are at it again. A new regulation that the FCC is quietly > working on will directly affect you as the user of a computer and modem. > The FCC proposes that users of modems should pay extra charges for the use > of the public telephone network which carry their data. In addition > computer network services would also be charged as much as $6.00 per hour > per user for the use of the public telephone network. Obviously these > charges would be passed on to the consumer. The money is to be collected > and given to the telephone company in an effort to raise funds lost to > deregulation.
Jim Eason of KGO newstalk radio San Francisco commented on > the proposal during his afternoon radio program during which he said he > learned of the new regulation in an article in the New York Times...." > > In a second post on Prodigy, Mr. Justice suggests writing to various > regulatory officials to convey the following suggested text: > > "Dear Sir: > "Please allow me to express my displeasure with the FCC proposal which > would authorize a surcharge for the use of modems on the telephone > network. This regulation is nothing less than an attempt to restrict free > exchange of information among the growing number of computer users. Calls > placed using modems require no special telephone equipment, and users of > modems pay the phone company for use of the network in the form of a > monthly bill. > "In short, a modem call is the same as a voice call and therefore > should not be subject to any additional regulation...." > > Mr. Justice ends his second post with the following: > > "It is important that you act now. The bureaucrats already have it in > their heads that modem users should subsidize the phone company and are > now listening to public comment. Please stand up and make it clear that we > will not stand for any government restriction on the free exchange of > information. > "Please deal with this in a TIMELY manner. We can't wait and watch, or > we will be walked over by government regulations that are trying to > strangle us." > # # # > Stanley Bernstein (sbernst at panix.com) From nobody at pmantis.berkeley.edu Mon May 31 09:20:21 1993 From: nobody at pmantis.berkeley.edu (nobody at pmantis.berkeley.edu) Date: Mon, 31 May 93 09:20:21 PDT Subject: No Subject Message-ID: <9305311700.AA04897@pmantis.berkeley.edu> LOOKING FOR: MS-DOS utilities for cryptanalysis. WHY ON EARTH WOULD I WANT SUCH A THING? I'm analyzing a piece of encryption shareware advertised on comp.archives.msdos.announce.
The author proudly claims that: "The algorithm used was developed independently of any literature on the subject of data encryption. The author hasn't read any texts on this subject and any resemblance that may or may not exist between this algorithm and any previous algorithms is purely coincidental." He charges $15.00 for it too... One of those "secret algorithm" deals... PARTICULAR TOOLS I'D FIND USEFUL... - A binary file editor/composer with hex and ascii displays - A tool for generating and viewing letter frequencies, digram/trigram frequencies I've been able to get by with stuff I have lying around and quick programs I've written as needed. But it sure would be nice if there were some slick utilities made for the job! I looked on soda in pub/cypherpunks/cryptanalysis and found nothing useful. If anyone has anything like this, please, *please* upload it to soda... Thanx... -the Cire From nobody at rosebud.ee.uh.edu Mon May 31 12:19:16 1993 From: nobody at rosebud.ee.uh.edu (nobody at rosebud.ee.uh.edu) Date: Mon, 31 May 93 12:19:16 PDT Subject: PGP vs. RIPEM Message-ID: <9305311919.AA06505@toad.com> -----BEGIN PGP SIGNED MESSAGE----- ( >>>>>>'s inserted for the benefit of George Gleason ;-) From: Michael Edward Marotta >>>>>> (This is for an article in the 1994 Loompanics catalog.) That's great that Loompanics is covering encryption. >>>>>> I don't know about you guys, but I find PGP much easier to use. >>>>>> RIPEM has all the hallmarks of unix wizardry. It is poorly >>>>>> documented. The interface is difficult. It grew in ways the >>>>>> designer never contemplated. And I haven't even RUN anything >>>>>> yet... Mark told me that it was primarily a MAILER. OK, I can >>>>>> accept that. But I just don't see it catching on. PGP, on the >>>>>> other hand, shows all the evidences of shareware. It's hard to >>>>>> comment on the obvious.
I think the existence of two programs is good, helping to promote some rivalry and a certain amount of borrowing of good ideas from each other. PGP now has a contrib directory with information and scripts to help integrate it into mailers, an area which RIPEM has focussed on from the beginning. >>>>>> So, I assume that I am in the normal range for a netrunner. I >>>>>> typically log in to fidonet bbses from home. I have a PC clone. >>>>>> I have had accounts on CompuServe, Prodigy and Delphi. I have a >>>>>> couple of email addresses. I can't see myself using RIPEM. I >>>>>> can indeed see myself using PGP. PGP was originally developed on a PC and then ported to Unix, while for RIPEM it was the other way around, I believe. The workings of RIPEM are more Unix-ish while PGP is more DOS-ish. Which program seems more natural may depend on your background. The user community is more diverse than most people realize. You sound like you have somewhat more of a PC orientation than many people on the net. Most of the people I run into have the opposite problem - they think everything is Unix and that the PC is just some little corner of the world which isn't really relevant. They think that Usenet and Unix workstations are the de facto target environment for any communications utility. Actually, I think your experience is more relevant - PC's at home, hooking up to BBS's, Fidonet, and the commercial services for communications; also, people using PC's at home and dialing into Unix boxes at school or work. Another big area is people using networked PC's at work, although since we are mostly talking about freeware packages here we haven't paid much attention to that. Especially with encryption, which generally can't run securely on multi-user workstations, it makes more sense to think of PC's as the target platform. Some people are starting to have single-user systems which can run Unix, and this may increase with time, but for now DOS is where the emphasis should be.
Many of the PC magazines predict that Unix is dead in that market and that Windows is the platform of choice in the future, so that is where we should be aiming, IMO. As Phil Zimmermann says, "skate to where the puck will be." I didn't really mean to open up the standard OS wars here, but it's important to realize that encryption has unique requirements for secrecy and security which may affect the DOS vs Unix debate. (And yes, I know I'm leaving out Macs, Amigas, Ataris, and who knows what else.) >>>>>> Here are my questions: >>>>>> How do you relate to the above? >>>>>> Do you see "everyone" on the Net happy as clams with privacy- >>>>>> enhanced mailers? >>>>>> Do you expect more people to find out about and rely on PGP? >>>>>> Do you see something else working here that I haven't perceived? The big problem, as Eric Hughes has frequently mentioned here, is the need to integrate encryption with mailing. I think what is really needed is some way of dealing with people who read mail on their PC while using some kind of terminal program or similar package to connect to a BBS, commercial service, or Unix box. The problem is that there are so many different programs in use and people probably won't be willing to switch just to get encryption. A lot of programs have fancy features including scripting, macro keys, etc., and switching requires learning new ways of doing all your old stuff. Hal Finney 74076.1041 at compuserve.com -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAi+1agTA69YIUw3AQGPLgQAlyIQOjmSo/Aq+aAUcTClfSVKXKMJiWk1 rYJ5qWiUYhkyyxRzTcLLUcGHg7kMlBwX1Xm8ptdq+/9FRUPXC8zGQjfD+Fn5AoHU FjItmAk6t4JEDRiaYTQAhVlJZnt3LHmnvMADxwCm36He6svjQTWDDXyob0giWw9s 2bQbGLGZG9Y= =yYIN -----END PGP SIGNATURE----- From bakunin at gnu.ai.mit.edu Mon May 31 13:21:27 1993 From: bakunin at gnu.ai.mit.edu (bakunin at gnu.ai.mit.edu) Date: Mon, 31 May 93 13:21:27 PDT Subject: divers Message-ID: <9305312059.AA24756@spiff.gnu.ai.mit.edu> In re: > wars chill out. 
I, too, think people overquote, but I also don't feel compelled to tell them how to post. Let your conscience guide. In re: my gripe overLONG posts. Wilde once wrote a friend words to the effect that '..I do not have time to write you a short letter.' Take the time to be concise. In re: PGP/RIPEM PC/Unix Well, gee. I prefer PGP for my encryption, but unix otherwise. What am I, weird? In re: 2d amendment & encryption Love the idea. I fear the 2d amendment is far too compromised. If gun control coexists with ol' #2, so can encryption control. concisely, michael From tcmay at netcom.com Mon May 31 13:22:01 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 31 May 93 13:22:01 PDT Subject: Clipperpunks Write Code? In-Reply-To: <9305311901.AA28803@relay2.UU.NET> Message-ID: <9305312100.AA22836@netcom3.netcom.com> (I've taken the liberty of renaming Hal Finney's thread, mainly since I wasn't sure _what_ it was named...it arrived via the -request list and was missing some headers....) Hal Finney writes: > Headline: "Clipper Considered Harmful" > > ...so what else is new, huh? > > But I was thinking specifically of Cypherpunks. Reading the article > about the group in the Whole Earth Review, an article written before > the advent of the Clipper proposal, reminded me of all the things we > were working on before the Clipper forced them onto the back burner. > > Anonymous mail, anonymous posting, steganography, digital cash, whistle- > blowers, encryption itself - all the ingredients of Tim's "crypto anarchy" - > in many of these areas it seemed we had a certain amount of momentum which > has been lost. If "Cypherpunks write code", how much code has been written > lately? Now it seems like our motto is changing to "Cypherpunks write > letters", to their congressmen. ...stuff elided to save space.... > I claim that our best response to the threat posed by Clipper is a hearty > "screw you" and a rededication to the Cypherpunks goals. 
Let the powers that > be know that we are not intimidated or cowed by their threats. We must > continue to oppose Clipper, but at the same time we must make progress on > the crypto privacy front. Otherwise our opponents are winning, regardless of > the eventual political outcome. I think Hal is right, though the Clipper controversy has generated a lot of new interest in crypto issues and perhaps even in this list. My guess would be that many of today's readers are on this list now because of the rude awakening Clipper gave them. Having said this, I agree that our real strength lies in technical areas (I'm referring to folks like Hal, Eric Hughes, Miron Cuperman, all the others who're writing C and Perl code, and all those running remailers and the like). The anti-Clipper work is related, but probably isn't the core...fortunately, I doubt there's any conflict, as people will work on what interests them, so the Clipper stuff probably isn't affecting work on other core issues. Maybe at the next Cypherpunks physical meeting we can get some idea of what others are doing? For example, perhaps Hal Finney could communicate by phone for a few minutes? (We did this with the Boston and D.C. Cypherpunks at the emergency Clipper meeting and it worked well.) Others could also call in, or vice versa. Things like digital money will require a lot of effort, probably two or three times what PGP took (just a guess). Wide deployment is even more problematic. These are "social" issues, not just technical issues, of course, so progress is hard to predict. It may take a while. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. 
Note: I put time and money into writing this posting. I hope you enjoy it. From poier at sfu.ca Mon May 31 15:06:43 1993 From: poier at sfu.ca (Skye Merlin Poier) Date: Mon, 31 May 93 15:06:43 PDT Subject: Crypto anarchy in a VW? (not the bug) Message-ID: <9305312244.AA20903@malibu.sfu.ca> Has there been any discussion of anonymity / crypto anarchy in a virtual world such as the ones described in _Snow Crash_ or _Neuromancer_? When the nets to support these technologies come into place (and I have no doubt that they will), perhaps a form of anonymity could be written into the architecture, instead of having to add it on later as is the case now.... It would certainly be very interesting, especially with the work being done on creating alternate personas (or avatars, whatever). Also, a while back someone mentioned in passing buried cables.. this stirred up an old idea I had about server anonymity, that is that the actual physical location of a server would be very difficult to pin down... the only way to do this with any real degree of security would be to bounce signals off a satellite but this would be rather costly... Skye -- -----====> Skye Merlin Poier <====----- Undergrad in CMPT/MATH (Virtual Reality) |||| |||| email: poier at sfu.ca p-OO <--> OO-q THINK PGP Public Key available on finger \== ==/ From mccoy at ccwf.cc.utexas.edu Mon May 31 15:51:53 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 31 May 93 15:51:53 PDT Subject: Crypto anarchy in a VW? (not the bug) In-Reply-To: <9305312244.AA20903@malibu.sfu.ca> Message-ID: <199305312329.AA10472@ccwf.cc.utexas.edu> Skye Merlin Poier writes: [...] > Also, a while back someone mentioned in passing buried cables.. this > stirred up an old idea I had about server anonymity, that is that the > actual physical location of a server would be very difficult to pin > down...
the only way to do this with any real degree of security would be > to bounce signals off a satellite but this would be rather costly... Try this idea out: several machines agree to "host" a server. Each machine runs a virtual-server process that communicates with the other virtual-server programs. These programs then combine to run the actual server (a sort of shared virtual multi-processor). The server itself _has no physical existence_ and could operate as long as only one of the hosts is able to spare it some CPU and memory slices. The "server" would basically consist of its instruction packets being bounced around the net. Secure crypto communication between the "processors" with some reflectors scattered around the net to provide easy access points for those wanting to use the services and you have a service that doesn't really exist, at least not as far as current legal definitions go... :) jim From honey at citi.umich.edu Mon May 31 19:40:24 1993 From: honey at citi.umich.edu (peter honeyman) Date: Mon, 31 May 93 19:40:24 PDT Subject: divers In-Reply-To: <9305312059.AA24756@spiff.gnu.ai.mit.edu> Message-ID: <9306010240.AA14354@toad.com> > overLONG posts. Wilde once wrote a friend words to the effect that > '..I do not have time to write you a short letter.' Take the time > to be concise. yo, i have made this one longer only because i have not had the leisure to make it shorter, blaise pascal. wilde, ptui. peter From honey at citi.umich.edu Mon May 31 20:10:26 1993 From: honey at citi.umich.edu (peter honeyman) Date: Mon, 31 May 93 20:10:26 PDT Subject: Clipperpunks Write Code? In-Reply-To: <9305312100.AA22836@netcom3.netcom.com> Message-ID: <9306010310.AA14901@toad.com> > If "Cypherpunks write code", how much code has been written > lately? this is not a major hack, but a fun one. i've never been big on the details of pgp's trust model, with "trusted", "sort of trusted", etc. the keys i trust most are those i have signed.
by extension, what i want to know is the "signature distance" of a given key. so here's my hack, a shell script that uses pgp and pathalias to compute signature distance. here's a sample:

reno:; ./pgpwho hughes at soda honey
peter honeyman
Phil Karn
Tom Jennings
Eric Hughes

actually, it's much more verbose than that, but that will change. so far, i find the script useful. here it is. peter

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#!/bin/sh
# usage: pgpwho [ who [ me ] ]
# @(#)pgpwho 1.1 93/05/31
# public domain. send comments to honey at citi.umich.edu.

# who = key to look up, me = key to measure distance from ("-" skips who)
case $# in
0)  argwho=
    arglocal=;;
1)  argwho=$1
    arglocal=;;
2)  arglocal=$2
    if [ "$1" != "-" ]; then
        argwho=$1
    else
        argwho=
    fi;;
*)  echo usage: pgpwho [ who [ me ] ]
    exit 1;;
esac

# drop empty cache files left by an earlier failed run
find kvv pain reach -size 0 -exec rm -f '{}' ';' >/dev/null 2>&1

# kvv: cached "pgp -kvv" dump, rebuilt when the public keyring is newer
if [ ! -r kvv ]; then
    kvv=
else
    kvv=`find kvv -newer $PGPPATH/pubring.pgp -print`
fi
case "$kvv" in
kvv)    echo "kvv is up to date";;
*)      echo "dumping keys (pgp -kvv) ..."
        pgp -kvv > kvv;;
esac

# pain: pathalias input, one "signer signed (1)" link per signature,
# plus "# keyid userid" comment lines used later to print names
if [ ! -r pain ]; then
    pain=
else
    pain=`find pain -newer kvv -print`
fi
case "$pain" in
pain)   echo "pain is up to date";;
*)      echo "massaging kvv into pain (pathalias input) ..."
        cat kvv | awk '
$1 == "pub" {
    num = split($2, bitskeyid, "/");
    if (num != 2) {
        print "???", $0
        next;
    }
    nkeys++;
    keyid = bitskeyid[2]
    user = "";
    for (j = 4; j <= NF; j++)
        user = user " " $j
    userid[keyid] = user;
}
$1 == "sig" {
    if ($2 != keyid)
        print $2, keyid, "(1)"
}
END {
    for (i in userid)
        print "#", i, userid[i];
}
' > pain;;
esac

# resolve "me" to exactly one key id
while :; do
    if [ -z "$arglocal" ]; then
        echo -n "what is your pgp id? "
        read arglocal
    fi
    grep -i "^pub.*$arglocal" kvv | tee tmp
    case `wc -l < tmp|sed 's/ //g'` in
    0)  echo $arglocal not found, try again;;
    1)  break;;
    *)  echo too many matches for id $arglocal, please narrow it down;;
    esac
    arglocal=
done
local=`awk '{print $2}' tmp | sed 's/.*\///'`

# resolve "who" to exactly one key id
while :; do
    if [ -z "$argwho" ]; then
        echo -n "who? "
        read argwho
    fi
    grep -i "^pub.*$argwho" kvv | tee tmp
    case `wc -l < tmp|sed 's/ //g'` in
    0)  echo $argwho not found, try again;;
    1)  break;;
    *)  echo too many matches for $argwho, please narrow it down;;
    esac
    argwho=
done
who=`grep "^pub" tmp | awk '{print $2}' | sed 's/.*\///'`

# reach: shortest signature paths from "me", computed by pathalias
if [ ! -r reach ]; then
    reach=
else
    reach=`find reach -newer pain -print`
fi
case "$reach" in
reach)  echo "reach is up to date";;
*)      echo "running pathalias ..."
        pathalias -l $local -c pain 2>xxx-errs | tee xxx | awk '$1 < 10000 {print}' > reach;;
esac

echo "searching for $who ..."
# pathalias -c separates cost, name and path with tabs; the blanks in the
# next two patterns were presumably tabs before this message was flattened
grep " $who " reach | sed -e 's/.* //' -e 's/%s//' -e 's/!/ /g' > tmp
case `wc -l < tmp|sed 's/ //g'` in
0)  echo no signature path to $who
    exit 1;;
1)  ;;
*)  echo weird error
    exit -1;;
esac

# print the user id of each key along the path, starting with "me"
set `cat tmp`
grep "^# $local" pain | sed -e 's/..........//'
for i in $*; do
    grep "^# $i" pain | sed -e 's/..........//'
done
rm -f tmp
exit

From mimir at u.washington.edu Mon May 31 20:23:47 1993 From: mimir at u.washington.edu (Al Billings) Date: Mon, 31 May 93 20:23:47 PDT Subject: your mail In-Reply-To: <9305311902.AA28956@relay2.UU.NET> Message-ID: The FCC modem-thing is a rumor that appears about every six months. The original case was years ago and has not been on the books since. Ignore it. From ryan at rtfm.mlb.fl.us Mon May 31 20:51:16 1993 From: ryan at rtfm.mlb.fl.us (RYAN Alan Porter) Date: Mon, 31 May 93 20:51:16 PDT Subject: Crypto anarchy in a VW? (not the bug) In-Reply-To: <9305312244.AA20903@malibu.sfu.ca> Message-ID: On Mon, 31 May 1993, Skye Merlin Poier wrote: > Has there been any discussion of anonymity / crypto anarchy in a virtual world > such as the ones described in _Snow Crash_ or _Neuromancer_? When the nets to > support these technologies come into place (and I have no doubt that they will), > perhaps a form of anonymity could be written into the architecture, instead of > having to add it on later as is the case now....
It would certainly be very > interesting, especially with the work being done on creating alternate personas > (or avatars, whatever). I am glad to see some consideration of possible hypothetical future scenarios here; it is important to have an eye for the future of things. I think that building privacy into the architecture would be inherently dangerous, however, it is a perfect way for the people building the system to oppress the users, all the while convincing them that the system is secure. Clipper is a perfect example of this, anonymity is supposedly being built into the system with the Clipper chip. The trouble, of course, being the inherent INsecurity--but consider how much more dangerous it would be if the insecurities were not even known, yet we were expected to rely on the fact that 'privacy and anonymity are built into the architecture'? No, this is the perfect beginning for a system where the populace is monitored with the argument that "if you had nothing to hide, you would not be going out of your way to hide it, besides, the system has INHERENT, BUILT-IN SECURITY...." The only way to ensure your privacy is to seize it yourself. > Also, a while back someone mentioned in passing buried cables.. this stirred up > an old idea I had about server anonymity, that is that the actual physical > location of a server would be very difficult to pin down... the only way to do > this with any real degree of security would be to bounce signals off a satellite > but this would be rather costly... There are a lot of ways to get a signal around the world without using a satellite, ask any amateur radio enthusiast. Besides, the more diverse the signal transmission methods are, the more difficult the signals will be to both trace and interfere with.
I have always been kind of fascinated with the idea of a truly decentralized system, much like the internet is today, where each node had responsibilities to connect to the nodes around it, but the actual interconnection was entirely up to the nodes involved, so that there could be no standard, homogenous method of tracing connections. A pair of nodes could be connected by direct connection, hidden wires, satellite connection, voice grade wires, ionosphere bounce, lunar bounce, repeated packets, lasers, microwaves, IR, whatever... This would provide a tight net that would be almost impossible to control with heavyhanded regulations and oppression. If each node on the net had a separate public key and all traffic between nodes was decrypted coming in and encrypted going out to the next node, aspiring Big Brothers would have even more of a headache. Why is there not more work being done on encrypting all internode traffic streams? It doesn't seem too hard. An aside: has anyone dealt with the concept of on-the-fly encryption for mass storage, kind of like the way the PCs can be 'stacked' or 'doubled' or whatever with on-the-fly compression? I was thinking about trying to write some drivers for this for a 486 but I have never tried to write a device driver before and was wondering if anyone might have any suggestions. I was thinking of something along the lines of: your entire drive is encrypted with your public key. That way people can send you files and deposit files and all of that jazz no problem. When you boot up the system each time it asks you to insert a floppy with your private key on it. You would keep this floppy on you as if it were an actual, physical key. (perhaps in the future PCMIA cards or something more durable and portable can be used) It asks for your password to verify your key and loads that key somewhere into memory.
It then uses the key for the rest of the session to decrypt everything coming from the specified mass storage devices and encrypt everything going to them transparently. This seems like a great idea to me, my two problems that I was hoping someone might be able to help me with are: 1) these public key algorithms that we are working on are slow as balls, any idea if this would be feasible, given how PC users like to equate hard drive speed with penis size? 2) it seems that having your private key hanging around somewhere in memory the whole session would be horribly insecure, and would make it very easy for someone to walk up to a running PC and run some program that would snatch it from memory (assuming something like this catches on and there are some standard programs out there that people become familiar with) so how could I protect the key from getting filched from a running system aside from the standard 'password protect your screen saver' and other insecure hacks like that? > > Skye > -- > -----====> Skye Merlin Poier <====----- > Undergrad in CMPT/MATH (Virtual Reality) |||| |||| > email: poier at sfu.ca p-OO <--> OO-q THINK > PGP Public Key available on finger \== ==/ > Hugs and kisses, -Ryan the Barcode Guy From wcs at anchor.ho.att.com Mon May 31 20:54:58 1993 From: wcs at anchor.ho.att.com (wcs at anchor.ho.att.com) Date: Mon, 31 May 93 20:54:58 PDT Subject: Electronic Contracts Message-ID: <9306010433.AA27082@anchor.ho.att.com> Don't know if there have been specific tests of it in courts, but, yes, signing contracts is definitely something people want digital signatures for. Also, anything else that requires a signature, we'd like to be able to sign digitally, so we can do it online instead of hauling paper around.
That's not just a cypherpunk thing, it's what a large fraction of the business community would like to be able to do - it speeds business cycles, cuts ordering time, and means we don't have to keep all this paper around, especially in storage; while the paperless office won't be reality for a while, it would really be nice if we could store the important stuff digitally, where it's easy to retrieve later, and save paper for transient uses like convenient reading, unlike the current situation where digital is for convenience but the important stuff is paper that has to be stored somewhere MIME-Insert-Video-Clip: Indiana Jones, Government Warehouse Scene..... A certain amount of this has been done with the various telex networks; I get the impression from somewhere that a telex can be a legal document for things like sending purchase orders, just like paper can; it will be interesting to see if fax acquires the same status, but forging a fax is terribly easy, just as email is. Bill Stewart From root at extropia.wimsey.com Mon May 31 22:09:02 1993 From: root at extropia.wimsey.com (Anonymous) Date: Mon, 31 May 93 22:09:02 PDT Subject: No Subject Message-ID: <199306010527.AA00963@xtropia> -----BEGIN PGP SIGNED MESSAGE----- As shown in Karl Barrus's very useful monthly postings, several people are running remailers that include encryption. This gives users the ability to send messages for which the destination is not visible even to someone monitoring their outgoing messages. By chaining through two or more remailers, no one site can see the mapping between source and destination. There is a big potential security weakness with most of these systems that people should be aware of. In order to run the decryption program (currently PGP) automatically, the pass phrase must be provided for the remailer's secret key. This means that the pass phrase has to exist, in the clear, in the scripts which implement the remailer. 
Anyone who has root privileges on the machine which is running the remailer therefore can get access both to the remailer's secret key file, and to the pass phrase that unlocks it. Even momentary acquisition of this power is enough to capture the secret key. Unfortunately, many of the encrypted remailers are running on multi-user systems over which we have only limited control. I believe that Miron's "Extropia" remailer is running on his personal system, so he should be relatively immune to this attack. But I think the others are all vulnerable. People should be aware of this when using the remailers. (This limitation is one reason I made my remailer keys only 512 bits; I felt there was little point in going to 1024 bits since the security of the remailer key can be broken so easily.) Until more of us are able to acquire personal Unix boxes it might be wise to include the Extropia remailer as part of a remailing chain for messages whose security we care about. Perhaps Karl could add a notation in his remailer lists about which machines are public and which are private. Hal -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLAqxy6gTA69YIUw3AQG8TgP/eZNHVKw39VQWFK9reR9dFu36yIZtQQ/f wDKfvAPgkzCHxTIv3xrATCpVXd5CCbhWFLgi0/HSD2CV8uwVp5HOenjYnUu0AAZR kV2JYNJ2F2pAajnYnI5hkvDvnm9SUOC4JtNM7lLlNeJVf5hXsMw1YYkEDQfDPafr Yjs8AFodQUw= =5V+X -----END PGP SIGNATURE-----
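The chaining property and the key-capture weakness described in the message above, modelled as an added example; it is not part of the original post and is not any remailer's own code. Assumptions: the hop names, addresses and keys are constructed, a toy SHA-256 keystream stands in for PGP encryption to each remailer's key, and the observer only reads the sender's outgoing mail and uses stolen keys (timing and traffic analysis are ignored).

```python
import hashlib
import json

def _keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode; a toy keystream, NOT a secure cipher."""
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Toy stand-in for 'encrypt to this remailer's PGP key'."""
    body = hashlib.sha256(key + plaintext).digest()[:8] + plaintext
    return bytes(a ^ b for a, b in zip(body, _keystream(key, len(body))))

def unseal(key: bytes, blob: bytes):
    """Return the plaintext, or None if this key does not open the layer."""
    body = bytes(a ^ b for a, b in zip(blob, _keystream(key, len(blob))))
    tag, plaintext = body[:8], body[8:]
    ok = hashlib.sha256(key + plaintext).digest()[:8] == tag
    return plaintext if ok else None

def wrap(chain, keys, recipient, text):
    """Nest one encrypted layer per hop; the outer layer names only hop 1."""
    packet = {"to": recipient, "body": text}
    for hop in reversed(chain):
        sealed = seal(keys[hop], json.dumps(packet).encode())
        packet = {"to": hop, "body": sealed.hex()}
    return packet

def relay(packet, keys):
    """Honest delivery: each hop peels its own layer and forwards.
    Returns (links, final_packet); each link is the (hop, next_address)
    pair that one hop learns, and no hop sees more than its own link."""
    links = []
    while packet["to"] in keys:
        hop = packet["to"]
        inner = json.loads(unseal(keys[hop], bytes.fromhex(packet["body"])))
        links.append((hop, inner["to"]))
        packet = inner
    return links, packet

def trace(sender, packet, stolen, remailers):
    """What an observer of the sender's outgoing mail learns when holding
    the secret keys in `stolen` (for instance read by root on a shared
    host). Returns (path_learned, exposed): exposed is True when the path
    ends at the real recipient rather than at a remailer."""
    path = [sender, packet["to"]]
    while packet["to"] in stolen:
        inner = unseal(stolen[packet["to"]], bytes.fromhex(packet["body"]))
        if inner is None:          # key does not fit this layer
            break
        packet = json.loads(inner)
        path.append(packet["to"])
    return path, packet["to"] not in remailers

# Constructed sample data: two remailers on shared multi-user hosts and one
# on a machine its operator controls.
KEYS = {
    "shared-a": b"constructed key a",
    "private-box": b"constructed key p",
    "shared-b": b"constructed key b",
}

if __name__ == "__main__":
    stolen = {name: KEYS[name] for name in ("shared-a", "shared-b")}
    for chain in (["shared-a", "shared-b"],
                  ["shared-a", "private-box", "shared-b"]):
        pkt = wrap(chain, KEYS, "bob@example.org", "hello")
        path, exposed = trace("alice@example.org", pkt, stolen, set(KEYS))
        print(" -> ".join(chain), "| learned:", path, "| exposed:", exposed)
```

With both shared-host keys captured, the two-hop chain is followed all the way to the recipient, while the chain that passes through the privately run hop is followed only as far as that hop.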