From: lmccarth@cs.umass.edu
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: f064e858e3c0307a5f4505cb0f83dfa40059197d5a97fca841f4566895ac6949
Message ID: <199602190942.EAA30761@thor.cs.umass.edu>
Reply To: <199602190320.TAA15431@julie.teleport.com>
UTC Datetime: 1996-02-19 09:59:50 UTC
Raw Date: Mon, 19 Feb 1996 17:59:50 +0800
From: lmccarth@cs.umass.edu
Date: Mon, 19 Feb 1996 17:59:50 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Internet Privacy Guaranteed ad (POTP Jr.)
In-Reply-To: <199602190320.TAA15431@julie.teleport.com>
Message-ID: <199602190942.EAA30761@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain
"Internet.Privacy.Guaranteed (IPG)" writes:
> CRE Transforms,
> trademark IPG, are the only acknowledged unbreakable method
> of so transforming digitized information. There are no
> passwords, encryption keys, or anything like that to conjure
> up, remember, and perhaps forget.
Neat trick, unless they're using biometrics, which doesn't appear to be the
case :}
[...]
> Don't Waste your time !
I think they just said it best themselves, but I'll comment a bit more....
[...]
> Every informed expert of the
> technology will confirm, without reservation, that the IPG
> system is not breakable, as many already have!
All under NDA, I suppose. Note that they don't even name an "informed expert of
the technology"; at least the POTP people gave some names.
[...]
> A fully
> operational integrated multi-user system costs approximately
> $140.00 per user, ready to load and go, with thousands, or
> millions of Nvelopes and Nvelopeners. IPG also offers full
> turnkey leases at $15.00 per user, per network, per
> month, which includes all software, upgrades, administration,
> and unlimited Nvelopes and Nvelopeners.
>
> As a reference to its unbreakability, we refer you to an
> article by Paul Leyland on Internet at:
>
> http://dcs.ex.ac.uk/~aba/otp.html
Clearly they (claim to) offer some sort of system using One Time Pads.
Notice the price quote of "$15.00 per user, per network, per month" including
"unlimited Nvelopes and Nvelopeners". I suspect this means that they're
basically selling chunks of (pseudo- ?)random data for as much as $15/person
each month ! I guess it's nice work if you can get it. At that price, one
would hope that they're at least generating truly random bits from a hardware
source. But their skimpy details on their proprietary processes don't
inspire confidence....
> For more information visit our Web Site at:
>
> http://www.netprivacy.com/ipg
In case you didn't get enough hyperbole from the press release, they have
extra helpings on the Web. This site has numerous pages containing precious
little real information. I found a few tidbits in unlikely places, though:
In http://www.netprivacy.com/ipg/mlmplan.html, which incidentally promises
that they "can help you to make some big bucks through the PCX Nvelopes
Multi - Level - Marketing Plan", it says:
> With our manufacturing process it is relatively easy for us
> to manufacture a ready to go system, for 25 users, or for
> 2,500 users. All the user has to do is to prepare a
> DIR.LST, a Directory Listing of the users. We use that as
> the template and manufacture the system.
This is actually a little scary. According to one of their other web pages,
the DIR.LST file is a numbered list of user names and email addresses. So it
appears that a customer hands over a list of names and addresses, and IPG
assigns a set of one-time pads (or something) to each pair of users on the
list. (Holy combinatorial explosion.) And now IPG knows the one-time pads that
will be used between any pair of email addresses on the list it has !
The EES is starting to look attractive by comparison.
> It becomes a load
> and go installation at each of the user sites.
Gee, why are we all so worried about key management ? It's just a load and
go installation at each of the user sites ! ;)
> We will even prepare, or help prepare, the DIR.LST for users.
>
> While we have the software and manufacturing facility to do
> that quickly, it is not easily transportable, to say the
> least, and certain aspects of it, we consider highly proprietary.
"not easily transportable, to say the least" ???
Any ideas to what this might refer ?
OK, I saved (IMHO) the best for last. I suppose this could be taken as a claim
about their proprietary, immobile RNG methods:
(from http://www.netprivacy.com/ipg/comp.html)
> How do we Achieve such High Standards?
> First Class Quality Control!
>
> We achieve unusually high standards of excellence because
> of the manufacturing process. Over 30%, sometimes as high as
> 50% or more of our Nvelopes, Nvelopeners, are discarded
> because they cannot meet our rigid standards. Also our
> Nvelopes and Nvelopeners are subjected to a battery of
> performance tests to insure that when used, they will meet the
> high standards that you would expect.
<sigh> It's a jungle out there....
-Lewis "You're always disappointed, nothing seems to keep you high -- drive
your bargains, push your papers, win your medals, fuck your strangers;
don't it leave you on the empty side ?" (Joni Mitchell, 1972)
Return to February 1996
Return to “Wink Junior <winkjr@teleport.com>”