Slashdot Mirror
Encryption Market Opening Up
MeriaDuck writes "Found this article on Cryptome,
the Clinton administration plans to announce next week that it
will permit U.S. software companies to sell their most sophisticated encryption systems to countries in the European Union without any licensing or review." Well its a start anyway.
Read carefully before cheering this one on guys, it's not as good as it sounds.
This new action actually makes it much harder for Free/OSS software to contain the same strong encryption that it blindly allows for commercial software.
This completely reverts the prior exception made for source code. It's really not good, and it's not supprising that Microsoft was the primary supporter of this new policy.
I'm looking forward to the day in the not-too-distant future when anoynmity can be easily made illegal on the 'net. How? Because when public key cryptography is widely embraced, a requirement can be put in place that all transmissions be signed. Any unsigned traffic can be silently dropped at routing points, the way that packets in 192.168.x.x (see RFC 1918) are blocked.
It will clear away a lot of the bullshit about privacy, eliminate much of the romantic anarchist drivel, and allow us all to get on with establishing our real authenticated identities online.
Until then, of course, it's fun to diddle around with Anonymous Coward on this site.
Everything Siggy posts is redundant because we all know it's going to be karma-slut bullshit.
It was a good moderation.
Alex Bischoff
---
Alex Bischoff
HTML/CSS coder for hire
Encrypted poorly, however. GSM encryption was broken in 1998, quite easily. It seems the spooks got to the protocol designers. Check here for details. Further, the encryption is over-the-air only. Once on the land lines, the conversation can be tapped the usual way.
Don't let the word "encryption" lull you into a false sense of security.
...phil
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
Cypherpunks and others predicted many years ago
that the government would slowly relinquish
control over crypto as more and more of a commercial market developed.
PGP was never much more than a curiosity -- no
one used it for large-scale commerce systems,
and most of the users could be pointed to by
the government as privacy nuts or criminals.
SSL, despite inherent weaknesses, has made
crypto essential in e-commerce. The e-commerce
lobby (sites, vendors, end-users) exposed the
masses to crypto, and now depends upon crypto.
When users started demanding 40 or 128bit crypto
to keep their credit card numbers secure, that's
when crypto became widely deployed.
The next step is building crypto into the very
fabric of the Internet, in IPsec, and then making
that a "checklist item" for purchasing decisions.
Once people are only willing to buy products with
security designed in, the government will have
little choice but to allow its widespread use and
export.
(I'm waiting for encrypted cellphones, like
those being designed by Starium, to
be available...)
pardon for not knowing the link offhand, but there was a case where the FBI was able to recover data that had been rewriten over approximately 100 times using such a tool. I remember reading a paper on this (I think it was at Counterpane Labs, but I could be wrong). I'll hunt for the URL and repost.
Finally American companies can compete in outside Markets for encryption software. I hope it is not too late for these companies to get a foot hold in the marketplace only time will tell.
For people who are serious about using encryption, the question is not whether in the future they will be able to use a method of encryption that can beat the methods of decryption then available, it is how long their secrets, transmitted today, will remain secret.
Some forms of encryption are good for discouraging casual novices. Some take a little time and are fine for short-lived secrets. Some will cause the NSA to blink. Some will last for a good while.
But the standard public-key encryption mechanism in use today will not survive the potential of quantum computers. So, for instance, digitally signed documents have a lifetime of a few decades before the signatures can be forged.
This is fine for credit card purchases. It may not be fine for some kinds of legal contracts.
Cheers,
Ben
My usual seat in the cluetrain is at A HREF="http://pub4.ezboard.com/biwethey.ht
What I'm waiting for is them to open up restrictions enough to let these guys get their patches added to the main linux kernel tree. I think it's a shame that linux is lagging behind OpenBSD due to our country's legal hangups over crypto. This is good news.. I just hope it's enough.
From the article:
"Software experts said that although many new encryption systems cannot be broken, their U.S. makers are cooperating with federal law enforcement and intelligence agencies. Somewhere in the future, they said, are so-called quantum computers a billion times more powerful than existing home computers. These would be able to break the most sophisticated encryption systems available today."
Haven't the anonymous software experts thought that their quantum computers will also allow for the existence of encryption systems far more sophisticated than those in existence today? Or do they think we have already reached "the end of cryptograhpy" (in the same sense we had reached "the end of phisics" in 1890)?
You are obviously correct, but about a different aspect of the problem. In the context of the article, the unnamed "software experts" were talking about the threat of encryption use by criminals, terrorists, etc. In this context, the time frame allowed is usually pretty small, days, weeks on the outer reach. There is very little use for the information about some bombing plans or drug shipment after the fact.
Well the executive branch may feel ok about easing up on the stupid crypto-export policies this particular week, but the IRS doesn't want 'em to now.
http://www.wired.com/news/p olitics/0,1283,37573,00.html
Each time one branch of the US govt wants to loosen up on the crypto regs, another branch starts complaining. Last time it was Janet Reno, and then Louis Freeh. Now the IRS.
Don't make the assumption that these people are stupid, they aren't. They are smarter than 95% of the public.
They are perfectly aware that the North Koreans, and whoever else is the bad guy of the month, can download and use strong cryptography from the Internet. They aren't worried about geeks running some obscure operating system like Linux or OpenBSD.
What they have successfully accomplished is preventing strong cryptography from becoming a transparent, easy-to-use component of commodity software like Outlook Express and Windows 98. They have also been extremely successful at keeping strong cryptography out of the standards for wireless telephones.
Ask yourself, what percentage of my email and telephone calls use strong cryptography?
Mea navis aericumbens anguillis abundat
It seems to me that this would somehow indicate the start of an entirely new polictical structure within world affairs. It appears as those this is one of the first drastic foriegn policy changes occuring to the United States brought on by another World body. Just another sign that the United States is no longer the biggest player in this game of chess. The EU will simply replace the position the US had and also push foriegn policy to other countries, with their citizens in mind, not their citizens and everyone else. Oh well.
void clue();
No, I'm not kidding. However the purpose is because I expect the US government to continue to have some kind of bureaucracy involved in the exporting process. That's the nature of the beast. Ideally there should be none at all. Realistically I expect there to be some, and my suggestion is what form that should be. Sorry, I should have made that clearer.
Of course you're right, it can easily be circumvented. The point I was making was that if the government is going to require we do something to prevent export to those countries, they should allow us to do it in a way that does not impose on those who are not in those countries. For example I just recently downloaded SecureCRT and had to fill in a form attesting that I was located in the United States. I want to get rid of that process altogether. The government may not want to get rid of all processes, hence my suggested alternative.
In the long run, I expect that pro-business George W. Bush will become the next president, and these export restrictions will eventually evaporate. Even still, there will probably be some kind of restriction to those "hated" nations. I have no idea what they might be.
now we need to go OSS in diesel cars
Louis Freeh was never able to show that if the Unite States blocked all its encryption products from export, that this would result in terrorists being unable to get that encryption. His agenda was pure fantasy.
And these things are entirely possible to no less a degree even with a total ban on all export restrictions. But take a look and his reference to "fairly unsophisticated operators". That description sure sounds to me like it also fits script kiddies. With his logic, we should suspend free speech to stop such crime. Better yet, suspend the whole US Constitution. That is what many in the upper levels of law enforcement actually want.
Or, make new encryption systems which would have no hope of ever being broken.
If he acquired this technology by means of encryption exported from the USA, then it might give the FBI some level of credibility here. If he did, but could have just as easily acquired it from somewhere else, that credibility is just shot back down. In fact, he was actually in the United States, and could have easily acquired the technology domestically. The only argument the FBI could logically derive from these events is that all encryption must be suppressed by all governments, and a massive world wide search conducted to expunge every bit of it from every corporation and individual on the planet. And we know how easily they could accomplish that. They probably know, too, so I wonder what their real agenda was, other than to just stir up emotions.
It remains to be seen just what level of bureaucracy will be imposed on this export. The article says "sell". Does that mean we don't get to give it away (in reference to what is already legally free)? Just how much will we be required to put people through to let them download strong encryption software? Will we be able to contribute source code to crypto projects located outside the US?
I suggest that the State Department provide a list of IP addresses which they want download refused for, and no more than that. It should be possible to get the addresses connecting "Cuba, Iran, Iraq, North Korea and others considered America's foes". This is sufficiently practical to manage and can be smoothly automated. Any more than that and I will certainly see it as excessive government interference in the private sector.
now we need to go OSS in diesel cars
OpenBSD now has encryped swap space. The keys are randomly generated by the kernel and stored only in memory, so nothing in swap is accessible after a reboot. The same could be done (might be already) for other files (e.g. an O_CRYPT). Secure deletion is easy: fopen, flock, fstat (|| fseek, ftell, fseek), { fwrite, fseek } (until satisfied), unlink, flock, fclose. Relatively portable, too. It's a shame the GNU rm(1) doesn't have this option; perhaps I'll see if they're interested in the possibility.
Gates' Law: Every 18 months, the speed of software halves.
fact is we don't want your crappy encryption software - ours is better than yours anyway.
Who needs to sell encryption technology when we have OpenBSD?
...Crypto AG fiasco in which the Swiss(?) firm...
Yepp, Swiss indeed.
I strongly believe that trying to be clever is detrimental to your health. -- Linus Torvalds
-- Colin
They're still going to prohibit exporting encryption software to a number of countries. What's the point of that? Surely they've realised now that EVERONE has access to encryption anyway.
Even if we pretend for a moment that Cubans, say are drooling at the thought of getting their hands on that wonderful American crypto software, they can obviously buy it via Europe.
Even having realised they've lost they still want to play the same stupid game. These regulations are totally ineffective, it's going to be a complete waste of resources to even pretend to police them.
...still Britain doesn't have the same long tradition of sabotaging their own domestically produced crypto products, as well as international ones, that the U.S. does
Oh yeah? What about the invention of public key/private key encryption at Bletchley Park which the UK government decided to sweep under the carpet for a few decades?
We've all heard of the nastiness with people snooping around our hard drives.. Since automated bootup's are important, I don't think it's practical to require a password JUST to decrypt stuff to start up the machine. Even if users can use encrypted loopback filesystems to encrypt stuff, there are other places where stuff can hide.
Here's what I'd like for linux:
Encrypted swap file. It doesn't get cleaned out regularily, there's no easy way TO clean it out, and it's something you can easily miss. As an alternative, clean it on boot and slowly overwrite unused pages. (Say, nuke one free page every X seconds.) Or encrypt and overwrite, to make things harder to backtrace.
Secure delete. Have the ability to secure-delete files, on a per-file or per-partitian basis. (I'd nominate '/var' for this.) Or, have a way to slowly run through free harddrive space and nuke anything sitting there. Best yet, have both.
Secure storage of old logfiles. Logfiles can be a goldmine, squid, httpd, mail, process accounting, lastlog, etc. You want to save them around, but you don't want anyone nosey to be able to look at them. How about secure deleting them and then running them through a user-chosen PGP key for storage, or making several different archival backups on different PGP key's. That way, I can keep the last week's logs on my pgp key, and secure-delete them after a week, while keeping the archival logs on a PGP key that isn't even physically located near the computer. (In a bank, or a friends house.)
Encrypted
None of these require a non-automatic bootup.
For semi-important stuff that you don't want people to look at easily (shell history, other history, email), you can store it in an automatically-generated encrypted file. Each file is encrypted with a seperate key. The inode stores the file-key XOR'ed with a user-key, a group-key, a root-key and an 'any-key'. Having a root-key on every file means that the contents can be compromised if root's password is compromised. This isn't much of a problem because any really important files can be in an encrypted partitian. Leaving it out doesn't buy you much either.
The group-key is stored in
This type of encryption is a good choice for something like ~/.bash_history, or ~/.ssh, or ~/.pgp. The 'any-key' is a the plaintext key, it exists if the file is readable to the public, It also must exist for any encrypted file that's required for bootup. (such file may be phsyically encrypted, but must be logically plaintext). All files are subject to normal access permission, and the above keys are altered appropriately and automatically on a chmod.
As we still want to retain automatic boot, some files must remain physically unencrypted, or logically unencrypted. (encrypted with a key, but a key that's stored unencrypted on the drive.) log files in
Unless I'm mistaken, the above, or a variant of the above won't prevent automatic booting. Also, it doesn't require anything extra from user-level code and it'll keep even very nosey people away.
Finally, you have encrypted filesystems. Real encrypted filesystems that are mounted manually by the user. These could be immune from everything but a hardware sniffer, or a root sniffer.
Personally, I can't wait to see some or all of these.. First priorty for me is encrypted swap file, secure deletion, and secure storeage of old logfiles. There is already a (hackish) implementation of encrypted filesystems. With that, you can hack an encrypted
Perhaps because you want some of the extra features only found in the commercial binaries? I like PGPDisk, and find it useful for large numbers of files. And really, it's the only option for my chosen platform (Macs) because I lack the programming skills to make the free code work on my platform, so I'm stuck with their version.
______________________
"A person is smart. People are dumb, panicky, dangerous animals and you know it!"
Unfortunately, 6.02 does not work with MacOS 9. You have to upgrade to 6.5.2 for a compatible version, and the freeware does not come with PGPDisk.
______________________
"A person is smart. People are dumb, panicky, dangerous animals and you know it!"
Kevin Mitnic(sp?)
The Govt. probably decrypted it, found it contained nothing or could not find anything useful, and now to make everyone think they cannot decrypt stuff is keeping the machine on some flimsy idea of protecting the public...
This assumes the govt has some intelegence, er ummm, never mind. What he said.
This is a bit off topic, but is it just me, or do our law enforcement officials seem to be getting a lot lazier lately?
Every five seconds they are coming out with "easier" ways to find criminals and put them in jail. What happened to the old days with Columbo, where they actually did some investigating to solve a crime?
The way I see it now is that the FBI just sits back and lets some snoopy program they wrote bring the criminals to them, which in my view is a tad bit unfair to us the tax payers. They write some program that not only does all the work for them, but even violates our privacy.
Here is what I propose... as the FBI comes out with more and more restrictions and snooping programs, we take away more and more funding from them, since they won't need it to operate, since they have computers doing all the work. That way anytime somebody says "I don't like [insert name here]" they can just get a warrant, which will be approved in 30 seconds with some new eWarrant.gov web page since that would be "easier", and then just send a few agents to the house and arrest them.
On a seperate note, doesn't anyone realize it's all about measures and counter-measures? We will always find a way to bypass their bull shit spying. But on the other hand they will always find a way to get past whatever we put up.
SuPz.orG
It was Mitnick. Of course he is not getting the computer back (if you're involved in a computer related crime your equipment can be confiscated permanently) but the he still was asked to turn over the encryption keys so that they could decrypt the data..
What is your problem? This post was not redundant. Not interesting maybe but not redundant. What the hell are your problems? You know sometimes I'm glad for the bitchslap.
Do you really think the NSA/FBI/CIA would trade the knowledge that they can break the most sophisticated encryption schemes for a few court cases?
Remember how the British let the germans bomb London in order to keep this kind of knowlege from the enemy?
No...I cannot expect the NSA/FBI/CIA to give such knowledge away just so Janet Reno can put another notch on her belt.
Do a search on pgpi.org for free versions of PGP for the Mac which contain PGPdisk. PGPdisk was included in the free/international versions up to, I believe, 6.02. Personally, I use the Windows version of 6.02ckt which contains PGPdisk even though it's free--and the newer versions add no actual functionality over the 6.02 series, either; in fact, PGP hasn't changed all that much since 5.5 or so. I have a friend who also uses Macs, and we encrypt all our e-mails to one another, and I pointed him to pgpi.org where he got just what I was talking about: Mac binaries with PGPdisk included.
"The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*
There's zero chance that I'd trust the U.S. companies to have not made deals with the NSA/FBI/CIA triad, especially if they've been exporting crypto even before the relaxation of export restrictions. It was common practice for the NSA to send a man around to U.S. crypto vendors hinting that if they'd make a few changes to the code here, or alter the S-Box there, they'd get an export license for their 128-bit etc. product.
Granted, there are a few noteworthy cases of the U.S. tainting foreign crypto vendors, like the Crypto AG fiasco in which the Swiss(?) firm inserted a back door which allowed the U.S. access to messages encrypted with their very, very expensive hardware crypto devices. But I'd still trust a European vendor over an American one, though these days the important thing is having access to the source code.
For example, why use a PGP binary provided by Network Associates when you could either download the full-strength PGPi version from overseas, or better yet if you actually know your code you could dload the source and compile it yourself. Getting a binary from an American company just adds one more layer of uncertainty to the mix.
My favorite product for disk encryption is a perfect example. There are many American companies which offer encryption utilities, but why use one of those when I can download Scramdisk from www.scramdisk.clara.net along with the source code? It isn't GPL, but the source is still available for inspection and for personal use. Scramdisk comes from Britain, whose own crypto regulations are getting insane, but still Britain doesn't have the same long tradition of sabotaging their own domestically produced crypto products, as well as international ones, that the U.S. does.
Buying U.S. crypto, unless you have access to the source code and the skills to verify it, is just asking for trouble.
"The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*
Oh yeah, tricky stuff like "My passphrase is 'I killed Jane Doe' so I can't be forced to divulge it" won't fly in court. Judges don't think that kind of thing is cute at all. If you refuse to obey a Judge's order, you can be held in Contempt of Court indefinitely. However, after a few years the Judge might release you if he believes there isn't a reasonable chance of you coughing up the keys. If the alternative is a mandatory-minimum 25 year or more sentence resulting from the newly discovered evidence, it might be a worthwhile strategy.
It's important to use perfect forward secrecy whenever possible. In perfect forward secrecy, the private/public key pair is not used to encrypt the session key, but only to authenticate it. The session key is then emphemeral and never stored. That means later recovery of the private key will not allow the attacker to decrypt previously recorded communication (only conduct future man-in-the-middle attacks and other authentication based attacks). Of course, this is not terribly useful for stored data. That's why you should store your sensitive data in your brain, or Sealand, where it is out of reach of the court.
Burris
OK, lets all repeat together: "This makes a difference". These folks must have a yellow line down the middle of the floor so that they can find the rest rooms at high noon. The "black hats" who want to encrypt things for bad purposes have already downloaded, obtained, etc. all the software they could ever want.. When will the US govt, the Austrailian govt, and all the rest of them realize that the net makes prohibitions of this sort totally ludicrous? Information used to be vaguely containable since you could physically intercept it and/or the means of trnasmission were fairly bulky. These days that is pretty much out of the question. Ah, my tax dollars at "work".
The regulations were loosened enough for Linux to include crypto a while ago. Mozilla already has crypto for example. What's holding things back is Linus AFAIK.
About the three guys (I think it was three..) Who got tattoos of some relatively confidential encryption codes. They weren't allowed to leave the country.
I dont know their names, but I think it was about 2 years ago. Anyway, just thought that was amusing/interesting, and is a pretty good example of why I hate America. Not that I needed any more.
"I don't want the world, I just want your half"
I am amazed that you still didnt get it. I think it is fairly simple: The NSA is doing extensive espionage through projects like echolon. This is uses up a lot of computing power, since you have spoken words (from tapping any telephone they can get their hands on through satelite communication, underwater cables -> submarines, or old cold war facilities all over Europe). The data is used in American interest (security and, of course economical). The US government agencies have a long history of working in the interest of American businesses (think Guatemala, American Fruit and the CIA).
So tapping and screening email with very advanced and sophisticated software taking certain priorities for certain adresses is a thing that is very easy and done, of course, by the NSA in American interest (again both security and economical).
Now most of the standard email software (think MS, think Outlook, think Eudora, Netware...) comes from the US. Without an export ban encryption would have been a standard feature included in any mail programm by now. This would pose a very big problem for that kind of extensive searching. Since the whole American Industry benefits from encryption not being a standard tool, the feds just made a simple equation: Hurt the software industry a little and let the domestic encryption industry fall behind, but let the rest of the industry benefit from extensive industrial espionage (which is very important in High Tech, but also in all other sectors). As long as there are at least some people out there not encrypting what they think is not really valuable the equation goes against lifting any ban. I guess by now there are enough foreign agencies doing the same thing and therefore balancing the (Israel for example) equation and even though encrytion hasent gone mouseclick yet enough people use it for anything that might be considered to be of any value that making encrytion software standard is the right choice. I dont think this sounds paranoid, but feel free to make up your own mind about it. Since most of you are working for the High Tech industry that all might not be relevant any more since competitors from outside the US probabely use very strong encryption or dont send anything over the Internet any more.
"Harmful" is just their excuse for keeping it, while they try to force the guy to disclose the key. They claim they can't turn it over until they examine it for things like nuclear bomb secrets or some such rubbish. What they're really after is incriminating evidence that would support their prosecution of the guy for whatever suspected crime caused them to seize it in the first place. I've now forgotten what that was, but my best guess is cracking other computer systems.
Perhaps they've cracked it but they can't use it unless the guy gives the code.
You mean they already know what's on it, that's it's incriminating, but don't want to reveal that they have the ability to crack the code? Maybe, but it seems far-fetched. If that were true, they'd know the guy could never turn the key over to them, and that their using the computer as leverage would be ineffective. In which case, their only options are either to forget about using the computer contents or reveal that they've broken the code. The fact that they're not letting the matter drop makes me believe that they haven't cracked the code and desperately want what's on that computer.
I don't think it was Mitnik, since conditions of his parole says he can't touch a computer for years to come, and this guy is someone they're after right now. If it was his computer, he couldn't have it anyway.
The Gov. can already break all these encryptions
Not true. There's an ongoing case (sorry, forget who) where the U.S. government won't return a computer they seized because the guy encrypted his hard disk and won't give them the key. They want to make sure it doesn't contain 'harmful' material. As I recall, one of the arguments his attorney was going to make was that forcing him to divulge this info in order to recover his property would violate his constitutional protection against self-incrimination. Don't know if this will fly, but my point is, if they can decrypt everything, why haven't they in his case? They clearly think he's hiding something prosecutable, so they have a great incentive to bring all their powers to bear.
It's akin to selling nuclear weapons to Hussein ("Buy five, get the sixth free"). Let them build their own encryption schemes if they want. (Or let them figure out how to use PGP with 4000-bit keys).
Besides, any college comp-sci student can put together their own encryption scheme. Hell, my project this semester was to put together a 256-bit scheme of DES (piece of cake...) Are we saying that there aren't hackers out there in other countries that can't do that? They have to buy our schemes?
Hogwash.
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
Wait, we can't allow encryption to fall into the hands of non-white people! Oh wait, europeans are white... so maybe it's okay.
... (feel free to add more here)
In the future, the USA will probably not be the best country on the planet. And at that time people will be saying:
- Americans used to think that only they had a right to encryption. What arrogant bastards.
- Americans arrogantly continued to use the illogical lbs-feet-fahrenheit system while the rest of the world went metric. What arrogant bastards.
- Americans
Tech folk who vote for Republicans or laze out on voting have only themselves to blame. I wish they would just stop whining about it as this topic is starting to become very tiresome.
it was Mitnik.
Fear the government that fears your guns. Fear the government that fears your computers. Remove them from my email.
Yes and don't forget Linus "bolshie" Torvalds, Richard Stalinman and Alan "close personal friend of Arthur Scargill" Cox.
you should kill osm off. make up a new character. the whole supposed natalie portman obsession thing is getting really old. i don't know, osm seems too real, not rediculuous enough anymore.
---
Posting at -1 means never losing karma.
Can you metamoderate?
Congratulations, good sir. You are first. I will do the honor of posting a +1 below your post so that for a brief time those who come after me may see you in your finest hour.
---
Posting at -1 means never losing karma.
Can you metamoderate?
FAWKING NSA!!
---
Posting at -1 means never losing karma.
Can you metamoderate?
Crays? Try a 256-qubit NMR processor coupled with an unbelievably gigantic cylinder consisting of ~250 million reversible microcontrollers. Yeah, they have it. Trust me.
---
Posting at -1 means never losing karma.
Can you metamoderate?
...that the NSA has backdoors into any MS encryption products anyways.
---
Posting at -1 means never losing karma.
Can you metamoderate?