Battle of the Clipper Chip - the New York Times
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Protocol Failure in the Escrowed Encryption Standard
Protocol Failure in the Escrowed Encryption Standard Matt Blaze AT&T Bell Laboratories [email protected] August 20, 1994 Abstract The proposal, called the Escrowed Encryption Stan- dard (EES) [NIST94], includes several unusual fea- The Escrowed Encryption Standard (EES) de¯nes tures that have been the subject of considerable de- a US Government family of cryptographic processors, bate and controversy. The EES cipher algorithm, popularly known as \Clipper" chips, intended to pro- called \Skipjack", is itself classi¯ed, and implemen- tect unclassi¯ed government and private-sector com- tations of the cipher are available to the private sec- munications and data. A basic feature of key setup be- tor only within tamper-resistant modules supplied by tween pairs of EES processors involves the exchange of government-approved vendors. Software implementa- a \Law Enforcement Access Field" (LEAF) that con- tions of the cipher will not be possible. Although Skip- tains an encrypted copy of the current session key. The jack, which was designed by the US National Security LEAF is intended to facilitate government access to Agency (NSA), was reviewed by a small panel of civil- the cleartext of data encrypted under the system. Sev- ian experts who were granted access to the algorithm, eral aspects of the design of the EES, which employs a the cipher cannot be subjected to the degree of civilian classi¯ed cipher algorithm and tamper-resistant hard- scrutiny ordinarily given to new encryption systems. ware, attempt to make it infeasible to deploy the sys- By far the most controversial aspect of the EES tem without transmitting the LEAF. -
Crypto Wars of the 1990S
Danielle Kehl, Andi Wilson, and Kevin Bankston DOOMED TO REPEAT HISTORY? LESSONS FROM THE CRYPTO WARS OF THE 1990S CYBERSECURITY June 2015 | INITIATIVE © 2015 NEW AMERICA This report carries a Creative Commons license, which permits non-commercial re-use of New America content when proper attribution is provided. This means you are free to copy, display and distribute New America’s work, or in- clude our content in derivative works, under the following conditions: ATTRIBUTION. NONCOMMERCIAL. SHARE ALIKE. You must clearly attribute the work You may not use this work for If you alter, transform, or build to New America, and provide a link commercial purposes without upon this work, you may distribute back to www.newamerica.org. explicit prior permission from the resulting work only under a New America. license identical to this one. For the full legal code of this Creative Commons license, please visit creativecommons.org. If you have any questions about citing or reusing New America content, please contact us. AUTHORS Danielle Kehl, Senior Policy Analyst, Open Technology Institute Andi Wilson, Program Associate, Open Technology Institute Kevin Bankston, Director, Open Technology Institute ABOUT THE OPEN TECHNOLOGY INSTITUTE ACKNOWLEDGEMENTS The Open Technology Institute at New America is committed to freedom The authors would like to thank and social justice in the digital age. To achieve these goals, it intervenes Hal Abelson, Steven Bellovin, Jerry in traditional policy debates, builds technology, and deploys tools with Berman, Matt Blaze, Alan David- communities. OTI brings together a unique mix of technologists, policy son, Joseph Hall, Lance Hoffman, experts, lawyers, community organizers, and urban planners to examine the Seth Schoen, and Danny Weitzner impacts of technology and policy on people, commerce, and communities. -
A History of End-To-End Encryption and the Death of PGP
25/05/2020 A history of end-to-end encryption and the death of PGP Hey! I'm David, a security engineer at the Blockchain team of Facebook (https://facebook.com/), previously a security consultant for the Cryptography Services of NCC Group (https://www.nccgroup.com). I'm also the author of the Real World Cryptography book (https://www.manning.com/books/real-world- cryptography?a_aid=Realworldcrypto&a_bid=ad500e09). This is my blog about cryptography and security and other related topics that I Ûnd interesting. A history of end-to-end encryption and If you don't know where to start, you might want to check these popular the death of PGP articles: posted January 2020 - How did length extension attacks made it 1981 - RFC 788 - Simple Mail Transfer Protocol into SHA-2? (/article/417/how-did-length- extension-attacks-made-it-into-sha-2/) (https://tools.ietf.org/html/rfc788) (SMTP) is published, - Speed and Cryptography the standard for email is born. (/article/468/speed-and-cryptography/) - What is the BLS signature scheme? (/article/472/what-is-the-bls-signature- This is were everything starts, we now have an open peer-to-peer scheme/) protocol that everyone on the internet can use to communicate. - Zero'ing memory, compiler optimizations and memset_s (/article/419/zeroing-memory- compiler-optimizations-and-memset_s/) 1991 - The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations The US government introduces the 1991 Senate Bill 266, (/article/461/the-9-lives-of-bleichenbachers- which attempts to allow "the Government to obtain the cat-new-cache-attacks-on-tls- plain text contents of voice, data, and other implementations/) - How to Backdoor Di¸e-Hellman: quick communications when appropriately authorized by law" explanation (/article/360/how-to-backdoor- from "providers of electronic communications services di¸e-hellman-quick-explanation/) and manufacturers of electronic communications - Tamarin Prover Introduction (/article/404/tamarin-prover-introduction/) service equipment". -
Zfone: a New Approach for Securing Voip Communication
Zfone: A New Approach for Securing VoIP Communication Samuel Sotillo [email protected] ICTN 4040 Spring 2006 Abstract This paper reviews some security challenges currently faced by VoIP systems as well as their potential solutions. Particularly, it focuses on Zfone, a vendor-neutral security solution developed by PGP’s creator, Phil Zimmermann. Zfone is based on the Z Real-time Transport Protocol (ZRTP), which is an extension of the Real-time Transport Protocol (RTP). ZRTP offers a very simple and robust approach to providing protection against the most common type of VoIP threats. Basically, the protocol offers a mechanism to guarantee high entropy in a Diffie- Hellman key exchange by using a session key that is computed through the hashing several secrets, including a short authentication string that is read aloud by callers. The common shared secret is calculated and used only for one session at a time. However, the protocol allows for a part of the shared secret to be cached for future sessions. The mechanism provides for protection for man-in-the-middle, call hijack, spoofing, and other common types of attacks. Also, this paper explores the fact that VoIP security is a very complicated issue and that the technology is far from being inherently insecure as many people usually claim. Introduction Voice over IP (VoIP) is transforming the telecommunication industry. It offers multiple opportunities such as lower call fees, convergence of voice and data networks, simplification of deployment, and greater integration with multiple applications that offer enhanced multimedia functionality [1]. However, notwithstanding all these technological and economic opportunities, VoIP also brings up new challenges. -
Transnationality, Morality, and Politics of Computing Expertise
UNIVERSITY OF CALIFORNIA Los Angeles Transnationality, Morality, and Politics of Co!"#ting Ex"ertise A dissertation s#%!i&ed in partial satis action o t'e re(#ire!ents for t'e degree )octor o P'iloso"'y in Anthro"ology %y L#is Feli"e Rosado M#rillo *+,- . Co"yright by L#is Feli"e Rosado M#rillo 2+,- A/STRACT OF T0E DISSERTATION Transnationality, Morality, and Politics o Co!"#ting E$"ertise %y L#is Feli"e Rosado M#rillo )octor o P'iloso"'y in Anthro"ology Uni1ersity o Cali ornia, Los Angeles, 2+,- Pro essor C'risto"'er M2 Kelty, C'air In this dissertation I e$amine t'e alterglo%alization o co!"#ter e$"ertise 5it' a oc#s on t'e creation o "olitical, econo!ic, !oral, and tec'nical ties among co!"#ter tec'nologists 5'o are identi6ed %y "eers and sel 7identi y as 8co!"#ter 'ac9ers2: ;e goal is to in1estigate 'o5 or!s o collaborati1e 5or9 are created on a local le1el alongside glo%al "ractices and disco#rses on co!"#ter 'ac9ing, linking local sites 5it' an e!ergent transnational do!ain o tec'nical e$c'ange and "olitical action. In order to ad1ance an #nderstanding o the e$"erience and "ractice o 'ac9ing %eyond its !ain axes o acti1ity in <estern Euro"e and the United States, I descri%e and analy4e "ro=ects and career trajectories o program!ers, engineers, and hac9er acti1ists w'o are ii !e!%ers o an international networ9 o co!!#nity s"aces called 8'ac9ers"aces: in the Paci6c region. -
Pgpfone Pretty Good Privacy Phone Owner’S Manual Version 1.0 Beta 7 -- 8 July 1996
Phil’s Pretty Good Software Presents... PGPfone Pretty Good Privacy Phone Owner’s Manual Version 1.0 beta 7 -- 8 July 1996 Philip R. Zimmermann PGPfone Owner’s Manual PGPfone Owner’s Manual is written by Philip R. Zimmermann, and is (c) Copyright 1995-1996 Pretty Good Privacy Inc. All rights reserved. Pretty Good Privacy™, PGP®, Pretty Good Privacy Phone™, and PGPfone™ are all trademarks of Pretty Good Privacy Inc. Export of this software may be restricted by the U.S. government. PGPfone software is (c) Copyright 1995-1996 Pretty Good Privacy Inc. All rights reserved. Phil’s Pretty Good engineering team: PGPfone for the Apple Macintosh and Windows written mainly by Will Price. Phil Zimmermann: Overall application design, cryptographic and key management protocols, call setup negotiation, and, of course, the manual. Will Price: Overall application design. He persuaded the rest of the team to abandon the original DOS command-line approach and designed a multithreaded event-driven GUI architecture. Also greatly improved call setup protocols. Chris Hall: Did early work on call setup protocols and cryptographic and key management protocols, and did the first port to Windows. Colin Plumb: Cryptographic and key management protocols, call setup negotiation, and the fast multiprecision integer math package. Jeff Sorensen: Speech compression. Will Kinney: Optimization of GSM speech compression code. Kelly MacInnis: Early debugging of the Win95 version. Patrick Juola: Computational linguistic research for biometric word list. -2- PGPfone Owner’s -
The People Who Invented the Internet Source: Wikipedia's History of the Internet
The People Who Invented the Internet Source: Wikipedia's History of the Internet PDF generated using the open source mwlib toolkit. See http://code.pediapress.com/ for more information. PDF generated at: Sat, 22 Sep 2012 02:49:54 UTC Contents Articles History of the Internet 1 Barry Appelman 26 Paul Baran 28 Vint Cerf 33 Danny Cohen (engineer) 41 David D. Clark 44 Steve Crocker 45 Donald Davies 47 Douglas Engelbart 49 Charles M. Herzfeld 56 Internet Engineering Task Force 58 Bob Kahn 61 Peter T. Kirstein 65 Leonard Kleinrock 66 John Klensin 70 J. C. R. Licklider 71 Jon Postel 77 Louis Pouzin 80 Lawrence Roberts (scientist) 81 John Romkey 84 Ivan Sutherland 85 Robert Taylor (computer scientist) 89 Ray Tomlinson 92 Oleg Vishnepolsky 94 Phil Zimmermann 96 References Article Sources and Contributors 99 Image Sources, Licenses and Contributors 102 Article Licenses License 103 History of the Internet 1 History of the Internet The history of the Internet began with the development of electronic computers in the 1950s. This began with point-to-point communication between mainframe computers and terminals, expanded to point-to-point connections between computers and then early research into packet switching. Packet switched networks such as ARPANET, Mark I at NPL in the UK, CYCLADES, Merit Network, Tymnet, and Telenet, were developed in the late 1960s and early 1970s using a variety of protocols. The ARPANET in particular led to the development of protocols for internetworking, where multiple separate networks could be joined together into a network of networks. In 1982 the Internet Protocol Suite (TCP/IP) was standardized and the concept of a world-wide network of fully interconnected TCP/IP networks called the Internet was introduced. -
Encryption Friction
ENCRYPTION FRICTION Christopher Babiarz INTRODUCTION The Supreme Court decision in Riley v. California reflects the fact that the Court is increasingly sensitive to the implications of new technologies in the lives of individuals and their subsequent impacts on reasonable expectations of privacy.1 This increased judicial awareness for the pervasive role that technology plays in our modern privacy suggests that in the future the Court would be more inclined to protect individual privacy rights and less inclined to force technology manufacturers to only provide broken encryption to users so that the government can enjoy unfettered access to protected data.2 Although encryption admittedly presents unique challenges to government interests in law enforcement and terrorism prevention, the proposed government solution undercuts and outweighs fundamental aspects of modern privacy.3 Given the Court’s demonstration of an increased awareness for modern privacy concerns, efforts by the government to undermine encryption should be dismissed by the Court in favor of individual privacy rights. Following an introduction to encryption generally, this paper begins with the rekindling of a privacy issue that Michael Froomkin wrote about in the mid-1990’s.4 The lack of a solidified judicial stance on this issue sets the stage for the modern encryption battle between the FBI and Apple, and the recent Supreme Court decision in Riley v. California illustrates a likelihood that the current Court is ready to finally take a position on this old debate.5 This paper argues that the Court should be 1 Riley v. California, 134 S. Ct. 2473 (2014). 2 Id. at 2484. -
0137135599 Sample.Pdf
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Government Sales (800) 382-3419 [email protected] For sales outside the United States, please contact: International Sales [email protected] Visit us on the Web: www.informit.com/aw Library of Congress Cataloging-in-Publication Data: Abelson, Harold. Blown to bits : your life, liberty, and happiness after the digital explosion / Hal Abelson, Ken Ledeen, Harry Lewis. p. cm. ISBN 0-13-713559-9 (hardback : alk. paper) 1. Computers and civilization. 2. Information technology—Technological innovations. 3. Digital media. I. Ledeen, Ken, 1946- II. Lewis, Harry R. III. Title. QA76.9.C66A245 2008 303.48’33—dc22 2008005910 Copyright © 2008 Hal Abelson, Ken Ledeen, and Harry Lewis All rights reserved. -
The Clipper Chip Proposal: Deciphering the Unfounded Fears That Are Wrongfully Derailing Its Implementation, 29 J
UIC Law Review Volume 29 Issue 2 Article 8 Winter 1996 The Clipper Chip Proposal: Deciphering the Unfounded Fears That Are Wrongfully Derailing Its Implementation, 29 J. Marshall L. Rev. 475 (1996) Howard S. Dakoff Follow this and additional works at: https://repository.law.uic.edu/lawreview Part of the Constitutional Law Commons, Criminal Law Commons, Criminal Procedure Commons, Evidence Commons, Fourth Amendment Commons, and the Legislation Commons Recommended Citation Howard S. Dakoff, The Clipper Chip Proposal: Deciphering the Unfounded Fears That Are Wrongfully Derailing Its Implementation, 29 J. Marshall L. Rev. 475 (1996) https://repository.law.uic.edu/lawreview/vol29/iss2/8 This Comments is brought to you for free and open access by UIC Law Open Access Repository. It has been accepted for inclusion in UIC Law Review by an authorized administrator of UIC Law Open Access Repository. For more information, please contact [email protected]. NOTES THE CLIPPER CHIP PROPOSAL: DECIPHERING THE UNFOUNDED FEARS THAT ARE WRONGFULLY DERAILING ITS IMPLEMENTATION INTRODUCTION Improvements in technology have reduced law enforcement's ability to conduct electronic surveillance of criminal activity.' Rather than rely on telephones to communicate with their accom- plices, criminals may increasingly use computers to perpetrate crimes.2 In response to these problems, law enforcement authori- ties have pushed for the implementation of new methods to im- prove the ability of law enforcement agencies to intercept criminal transmissions, while concurrently increasing the privacy of in- dividual citizens.3 The "Clipper Chip" was developed to address this objec- tive.4 This device is intended to alleviate law enforcement's re- duced ability to conduct electronic surveillance by allowing gov- ernment authorities, using proper methods, to intercept criminal transmissions.5 As planned, the Clipper Chip will achieve this by providing a mechanism for government authorities to decode en- crypted communications using so-called "key escrow" technology.6 1. -
A Clash of Interests Over the Electronic Encryption Standard
American University Washington College of Law Digital Commons @ American University Washington College of Law Articles in Law Reviews & Other Academic Journals Scholarship & Research 1995 A Puzzle Even the Codebreakers Have Trouble Solving: A Clash of Interests over the Electronic Encryption Standard Sean Flynn Follow this and additional works at: https://digitalcommons.wcl.american.edu/facsch_lawrev Part of the Communications Law Commons, Computer Law Commons, International Trade Law Commons, Internet Law Commons, and the Science and Technology Law Commons A PUZZLE EVEN THE CODEBREAKERS HAVE TROUBLE SOLVING: A CLASH OF INTERESTS OVER THE ELECTRONIC ENCRYPTION STANDARD SEAN M. FLYNN* I. INTRODUCTION On February 9, 1994, when the National Institute of Standards and Technology (NIST) announced the federal Escrowed Encryption Stan- dard (EES),' the simmering debate over encryption policy in the United States boiled over. Public interest groups argued that the standard would jeopardize an individual's right to privacy. U.S. multinationals voiced concerns that the government would undercut private encryption technology and limit their choice of encryption products for sensitive transmissions. Computer software groups claimed that EES lacked commercial appeal and would adversely affect their ability to compete. Pitted against these concerns were those of the law enforcement and national security communities, which countered that the interests of national security required the adoption of EES. A quick study2 of EES reveals little that would explain this uproar. The NIST issued EES as an encryption methodology for use in its government information processing 3 pursuant to the Computer Secu- rity Act of 1987. 4 The EES is intended to supersede the existing government standard, Data Encryption Standard (DES), which has been in use since 1977 and is very popular. -
Crypto Anarchy, Cyberstates, and Pirate Utopias Edited by Peter Ludlow
Ludlow cover 7/7/01 2:08 PM Page 1 Crypto Anarchy, Cyberstates, and Pirate Utopias Crypto Anarchy, Crypto Anarchy, Cyberstates, and Pirate Utopias edited by Peter Ludlow In Crypto Anarchy, Cyberstates, and Pirate Utopias, Peter Ludlow extends the approach he used so successfully in High Noon on the Electronic Frontier, offering a collection of writings that reflect the eclectic nature of the online world, as well as its tremendous energy and creativity. This time the subject is the emergence of governance structures within online communities and the visions of political sovereignty shaping some of those communities. Ludlow views virtual communities as laboratories for conducting experiments in the Peter Ludlow construction of new societies and governance structures. While many online experiments will fail, Ludlow argues that given the synergy of the online world, new and superior governance structures may emerge. Indeed, utopian visions are not out of place, provided that we understand the new utopias to edited by be fleeting localized “islands in the Net” and not permanent institutions. The book is organized in five sections. The first section considers the sovereignty of the Internet. The second section asks how widespread access to resources such as Pretty Good Privacy and anonymous remailers allows the possibility of “Crypto Anarchy”—essentially carving out space for activities that lie outside the purview of nation-states and other traditional powers. The Crypto Anarchy, Cyberstates, third section shows how the growth of e-commerce is raising questions of legal jurisdiction and taxation for which the geographic boundaries of nation- states are obsolete. The fourth section looks at specific experimental governance and Pirate Utopias structures evolved by online communities.