Colm Mac Carthaigh wrote:
> while it's true that a mathematical "short-cut" may be known to the
> NSA, their actions seem to indicate that it's unlikely.
Theoretically they would be unlikely to give any indication because they
would want people to continue using a compromised system.
> They seem to be covertly installing keystroke-loggers (of the hardware
> kind) and make no secret about their desire for only lower keylengths
> to be allowed in general. They also had the zany idea that they get copies
> of keys.
> While this could be part of a misinformation campaign it seems
> unlikely.
The hardware side of things requires a smaller investment of resources.
> > Why not use standoff devices that just sniff the tempest radiation? :-)
> >
> > > It's currently pretty easy to encrypt securely, even from the NSA.
Wow you can read an encrypted screen? ;-) Seriously though you can also
use tempest shielding. Eventually you'd end up with a Faraday cage. It
would be easy to hit the computer itself and install the logger. Then
the comms would be the next point (phoneline), then the ISP. The
Carnivore thing seems to be installed at the ISP side though the phone
system the data is perhaps more readily usable.
> > Possibly. Though Enigma, JN25, Purple, DES and a lot of other encryption
> > systems were supposed to be unbreakable. There would have to be some
> > selection process for deciding what problems and identifying nets of
> > 'connected' people is how it would logically be done.
> I'm not entirely sure what you're saying here
All the algos above were supposed to be unbreakable. However the
selection process also known as traffic analysis identifies a net of
people communicating with each other. Thus if suss0 is communicating
with suss1,2,3,4,5 and the level of communications rises from the normal
level, something is happening. That is if suss[0-5] each use a fixed
e-mail address in this extremely simple example. A lot of the breaks in
the World War II algos (Enigma/JN25/Purple) were helped by a message
being sent in a weaker code that had been compromised then being sent
through the stronger algorithm.
Regards...jmcc
--
********************************************
John McCormac * Hack Watch News
jmcc at hackwatch.com * 22 Viewmount,
Voice: +353-51-873640 * Waterford,
BBS&Fax: +353-51-850143 * Ireland
http://www.hackwatch.com/~kooltek
********************************************
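
The traffic-analysis point in the message above, as an added example that is not part of the original post: it shows how much sender/recipient metadata alone reveals when message bodies are encrypted. The log entries, the addresses other than suss0 to suss5, the function names and the threshold are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

PEERS = ["suss1", "suss2", "suss3", "suss4", "suss5"]

def build_log():
    """Constructed metadata only: (day, sender, recipient). Bodies are assumed encrypted."""
    log = []
    for day in range(1, 8):                      # normal week: one message a day
        log.append((day, "suss0", PEERS[day % 5]))
        log.append((day, "alice", "bob"))        # unrelated background traffic
    for day in (8, 9):                           # activity rises above the normal level
        for peer in PEERS:
            log.append((day, "suss0", peer))
            log.append((day, peer, "suss0"))
        log.append((day, "alice", "bob"))
    return log

LOG = build_log()

def contact_net(log, seed):
    """Fixed addresses that exchanged mail with `seed`, in either direction."""
    net = set()
    for _, src, dst in log:
        if src == seed:
            net.add(dst)
        elif dst == seed:
            net.add(src)
    return net

def daily_volume(log, members):
    """Messages per day whose two endpoints are both inside `members`."""
    counts = defaultdict(int)
    for day, src, dst in log:
        if src in members and dst in members:
            counts[day] += 1
    return counts

def surge_days(log, seed, baseline_days, threshold=3.0):
    """Days where the net's volume exceeds baseline mean + threshold * deviation."""
    members = contact_net(log, seed) | {seed}
    counts = daily_volume(log, members)
    base = [counts.get(d, 0) for d in baseline_days]
    # A perfectly flat baseline has zero deviation; floor it at 1 message.
    limit = mean(base) + threshold * max(pstdev(base), 1.0)
    days = sorted({d for d, _, _ in log})
    return [d for d in days if d not in baseline_days and counts.get(d, 0) > limit]
```

Nothing here touches message content, which is why encryption alone does not hide the pattern; the example depends on each party using a fixed address, as the message notes.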