1996-02-21 - Re: Internet Privacy Guaranteed ad (POTP Jr.)

Header Data

From: IPG Sales <ipgsales@cyberstation.net>
To: Derek Atkins <warlord@MIT.EDU>
Message Hash: bd594f89c89ad38ee932e9ea6b5cfb338c8dcf3cf0ecaced878240ecb53c6e30
Message ID: <Pine.BSD/.3.91.960220140515.9829M-100000@citrine.cyberstation.net>
Reply To: <199602200306.WAA11013@toxicwaste.media.mit.edu>
UTC Datetime: 1996-02-21 08:00:11 UTC
Raw Date: Wed, 21 Feb 1996 16:00:11 +0800

Raw message

From: IPG Sales <ipgsales@cyberstation.net>
Date: Wed, 21 Feb 1996 16:00:11 +0800
To: Derek Atkins <warlord@MIT.EDU>
Subject: Re: Internet Privacy Guaranteed ad (POTP Jr.)
In-Reply-To: <199602200306.WAA11013@toxicwaste.media.mit.edu>
Message-ID: <Pine.BSD/.3.91.960220140515.9829M-100000@citrine.cyberstation.net>
MIME-Version: 1.0
Content-Type: text/plain

Derek - 

As stated previously, we accept the challenge that you make - 
However, we do believe that it should be a two way street -

If you are able to break the system, and everyone knows what we mean by 
break, then we will publicly admit that we are snake oil salesmen, and 
all the other things that Perry Metzger and others called us. We will go 
out of business, and tuck our tail and run. We will inform all major 
publications, WIRED, PC WEEK, PC  Magazine, PC World, Infoworld and the 
like that our mundane system was cracked by the cypherpunks. 

you, they,  will be free, to publish any material, any and all 
materials, will become the property of Cypherpunks if they break 
the system, inculding all of our source code - everything and they may do 
with it as they see fit.

On the other hand:

If the cypherpunks fail to break the system, they 
will  acknowledge that, not that it is unbreakable, but that they 
tried to break the system and were unable to do so, Furthermore, 
they will so notify all the major publications, and news sources that 
they tried break the system and failed - not that it is unbreakable 
but simply that they could not break it. Further, that all materials 
supplied to Cypherpunks will be returned to us, and will not be 
published without our explicit written permission, unless the 
Cypherpunks later break the system. 


That if you have not broken the system by August 1, 1996 the 
expiration date of the demo system to be provided to you, then we are
free to advertise that Cypherpunks have been trying to break our system and 
have been unable to so to that date, Further the cypherpunks will publicly 
acknowledge same as indicated previously. You can still try to break 
the system and publish the results, and obtain all of our souce code, 
materials and whatsoever when you do. However, you must do so with a 
purchased system and not a free demo system.

You can have infinity to try to break the system, but you cannot have 
that long to publicly admit that you have been unable to break it to 
date. I believe 5+ months is long enough to prove how easy it is to 
break, don't you.


If Cypherpunks are unable to break the system, then those who 
participated in the attempt will upbrade those cypherpunks, I at this 
stage prefer to call them cyphermouths, who have leaped before they 
looked, from a list supplied by us, based on received e-mail, in effect 
tell them to find out what they are talking about -before they start 
spouting off. 


We will not publish the algorithms on an Internet URL, for reasons 
that you, yourself, will soon come to understand. But we will provide it to a 
a very large selected set, you or your designee can do the selection, so 
long as all thosee selection are within the United States, of 
cypherpunks as follows:

 1. We will provide a 12 user integrated demo system, each outfitted with 
    240 Nvelopes, and Nvelopeners, read OTPs. These will not be the 
    5600 bit systems, discusssed in the many e-mail messages that have 
    been flowing back and forth, but will be our new 12288 bit systems, 
    which we have been working on since yesterday, since everyone seemed 
    to focus in on the 5600 bit OTPs - the algorithms themselves do not 
    change, only parametric values, but it will take a couple of days to 
    double check everything. 

    These are in effect single user systems, but for your purposes, 
    you may treat them as a site system. You may distribute them to 
    any twelve sites in the United States - You may not knowingly 
    deliver then into the hands of citizens of a country other than 
    the United States, not even Canadians. Nor may you make copies of 
    them and send them to anyone other than the 12 selected sites. Each 
    of the sites may of course communicate back and forth using the 
    system - be sure and don't include anything private because it is 
    so easy to break.  

    At each site, an unlimited number of people may work on cracking the 
    system, without limitation, but they must agree to the terms 
    set out herein in this offer.  Such participants may travel to a site 
    and work on it, but all work must be done at a site, not off 
    premises, at home or whatever -  the site may be operated 168 hours
    a week if desired, but no offsite work. 

   After the 20 User pair Nvelopes are exhausted, the DEMO system will be 
   set to recycle through the Nvelopes/Nvelopeners automatically,  this 
   means, as you might expect, that there is a finite chance, very 
   remote but possible, that you may get one or more exact OTP repeats  
   which means that you will be able to XOR out the OTP used, not the 
   orginal but the one actually used - that doers not count as breaking 
   the system, because it exists only as a convenience to continue 
   testing the system without interruption. For production systems, this 
   does not happen, cannot happen, unless you bugger your own, or allow 
   someone else to,system.     

   Also both performance and interface critisms are off limits during the 
   five months, unless you break the system of course - by then you may 
   crtique the performance, if you do it under lab conditions - a 
   defragmented disk with at least 10 times data free, ie. compare 
   apples to apples, not apples to oranges. We have been focusing on the 
   OTP aspects of the system, to the detriment of performance and 
   interface. For a first release though, we believe you will find them 
   acceptable - we will have a full windows 95 interface and 
   increased performance, hopefully by the time you break the 
   system, within the next few months. 

2. We will also supply 12 complete sets of the algorithms used, and 
   orally clarify any questions or ambiguities that may arise. However, 
   we will not submit to being unundated by a barrage of repetitious 
   questions - no more than three cypherpunks may be appointed as 
   questioners of IPG sales, and we are to be notified in writing,
   of who those appointees are. Inquiries from others will be directed to 
   one those three.

   The algorithms must be worked on at sight, other than some innoculous 
   trail and error processes and procedures which may be worked on at 
   home - no publication of same until you break the system.

Okay, enough badgering of each other - we deliberately did so yesterday, 
as some of you did, but now is the time for the cypherpunks, and for 
a few of what I will call cyphermouths, to put up or shut up. 
Assuming that you accept, we will supply any designee with the 12 sets, of 
materials, by UPS Next Day Air, and you may distrbute them as desired,  
subject to the above restrictions - we want to fight one problem at a 

I somehow hope that you are able to include my good friend, "joke for 
him I am sure but serious from me", Perry in one of the twelve sites, 
so he can show us how stupid we are. Two of the best computer 
system engineers that I have ever known had the last name Metzger, Bob 
and Charles, who was blind - anyway good luck Perry, you are going to 
need it. We await your reply - assuming you accept, we will deliver the 
materials, one of the first three days of next week.

"He who laces himself into the straight jacket of what he knows and 
understands, imprisions his mind" - Willian Friedman memoirs - spoken 
to JVN, and Norbert Weiner, of MIT, at Princeton -