1997-03-20 - PGP Security

Header Data

From: lucifer@dhp.com (lucifer Anonymous Remailer)
To: cypherpunks@toad.com
Message Hash: a7dbeb44295cd21b38bc84e1705309754bf0238619d9b673e930576894b69f96
Message ID: <199703201102.GAA30790@dhp.com>
Reply To: N/A
UTC Datetime: 1997-03-20 11:02:52 UTC
Raw Date: Thu, 20 Mar 1997 03:02:52 -0800 (PST)

Raw message

From: lucifer@dhp.com (lucifer Anonymous Remailer)
Date: Thu, 20 Mar 1997 03:02:52 -0800 (PST)
To: cypherpunks@toad.com
Subject: PGP Security
Message-ID: <199703201102.GAA30790@dhp.com>
MIME-Version: 1.0
Content-Type: text/plain


  I am passing along the following message, not because of my belief in
the accuracy or veracity of its contents, but merely because of the 
fact that it seems to have kept getting eaten up by various email
systems in the attempts to send it to its original destination.
  The first time it was sent via a remailer, it was bounced for ill-
defined reasons. The second time it was sent, the remailer was shut
down, and remains shut down.
  Efforts to send it through a second remailer also failed, with no
notice from the server of any problems being received. Other email
sent through the remailer at the same time encountered no difficulties.
  I am only noting the facts, here, not proffering any personal judgements
on the matter, although I have formed my own opinion as to the
meaning of these facts, particularly since I, myself, came by this
post during the process of email interception.

> X-Anon-Password: XXXXXXXXXX
> X-Anon-To: XXXXXXXXXXX
> X-Anon-Name: XXXXXXXXXXXX

XXXXXXXXX,
 I thought I would reply privately to you, since you seem to
at least have a willingness to allow the possibility of compromises
to the security of the encryption methodologies behind PGP programs,
among others.

  To begin with, I'm not sure whether you realize it, or not, but the
Navy's spook tentacles run deeper, and extend further, than those of any
of the more notable or visibly involved agencies who lurk in the
background of security and privacy issues.
  One of the reasons for this is that their physical existence could be
said to mirror the Internet in many respects. The very nature of their
'global' home (the sea), has always permitted them access to people and
regions which are denied to others. Also, they are often in the position
to be involved in what looks to be merely the 'transporting' of people
and information.
  Whether providing escort services or getting drunk in foreign bars,
the expertise of naval intelligence has always lain in the area of
observation, first and foremost.

  By far the greatest tool of intelligence agencies on the Internet,
has been traffic analysis. Their techniques are sufficiently sophisticated
that I would not be surprised to find out that they can tell
more about us from our Internet activity than can be learned from the
satellites capable of reading the newspaper over our shoulder as we
sit in the park.
  Traffic analysis involves every measurable quantum of information, the
chief concerns being the patterns and timing of data transfer, from
which everything from content to motivation can be deduced.

  If you wish to think in terms of back-doors, then you would be well
advised to go beyond the concepts of 'passwords' and 'holes' and try
to think in terms of patterns and timing, and other such 'structures'
which are peripheral to concerns regarding 'code' and 'mathematics.'
  i.e. As well as considering the 'content' of what a program returned,
you must also consider 'when' the program returned the result, and
the patterns in the timing, as well as the content.
  An analogy could be made to a person who, being interrogated, answers
all questions with a predictable rhythm and then 'pauses,' however
slightly, in answering a certain question. You can see that what is
revealed by the 'content' of the answer can be greatly insignificant
compared to what is revealed by the 'delay' in answering.

  To expand your concept of 'back-doors' and 'holes,' you have to ask
questions such as:
  "Does it take a program or hardware longer to return a result of '0',
than to return a result of '1'?"
  "What factors can be introduced into the hardware and/or software
that can influence the patterns and/or timing of various processes
and the results they return?"
  "Can key searches be made more efficient by analyzing such things
as rhythm, syntax, etc? What 'details' or 'qualities' of an individual,
group, or 'arena of concern' can be analyzed for the purpose of being
able to group them into structures which can be searched for?"
  "How can 'assigning' a value to certain sequences of numbers be used
as a pattern to 'filter' the input data into a form which is easier to
analyze?"

  You are aware of 'tricks and techniques' that apply to mathematics
and are widely known.
  i.e. The process of shifting and adding numbers when multiplying by
the number '11'.
  However, what about those quanta of information which are of no
consequence to those seeking the 'final result' of that multiplication?
Can the peripheral effects of mathematical calculations
be used to analyze what has taken place, to narrow the scope of
inquiry?
  My nephew describes numbers as getting 'wider' as they get larger,
and he does quick checks of his result through his 'feel' for how
much 'wider' a number should be when he is done, even in complicated
equations which he ill-understands.
  (He reminds me of Steven Wright, who claims that someone told him
that his socks didn't match, and he replied, "Sure, they do. I go
by thickness.")

  I am currently working on a project which involves merging chaos
theory with traffic analysis and other processes to analyze the
effects that algorithms display when processed through the filters
of varying hardware and software structures and methodologies.
  The RSA algorithm and accompanying RSAREF subroutines were our
first focus, for the very reason that there were certain factions
behind the scenes of the Zimmerman/RSA agreement who seemed to
have an inordinate amount of interest in the subroutines being
chained to the algorithm (for reasons that have nothing to do
with patent protection).

  Those whose expertise goes far beyond my own in this area look at
the initial results of the analysis as confirming that there is a
'relationship' between the RSA algorithm and the RSAREF subroutines
which will enable them to break the system down into workable
units for fairly quick analysis.
  What is interesting is that the results from small probes into
other encryption systems show the same potential for exploitation
using varying analysis methodologies and processes.
  (One fairly well-known encryption routine is almost lame enough
to reveal its secrets to anyone with a pencil and a stopwatch, as
well as the file size and time it takes to encrypt.)

  While I would rather you didn't publicize the preceding information,
as a general rule, I think that is something that should be shared with
anyone who is seriously focusing their efforts on better methods of
encryption and analysis of encryption methodologies.
  I am aware of two other groups who are working along the same lines,
although with a narrower range of variables than ourselves, and I am
certain that there must be more than a few other entities out there
who are also pursuing this line of research.

  I would appreciate any comments you may have on the above, as well as
any suggestions you may have. (Despite having a post-graduate degree
in an area which required a thorough grounding in mathematics I may
have to refer any highly technical suggestions to those in the group
who dream in numbers, sunset to sunrise.)

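Editor's added example, not part of the original post and not taken from PGP, RSA or RSAREF code: the letter's two concrete timing questions ("does it take longer to return '0' than '1'?" and the "pencil and a stopwatch" remark) made executable. The first half is a byte-by-byte comparison that exits on the first mismatch, so the time it takes leaks how many leading bytes of a guess were right; a recovery loop that looks only at the timing, never the yes/no answer, pulls the secret out one byte at a time, and the same loop gets nothing from a constant-time comparison. The second half is textbook square-and-multiply, whose multiplication count (and therefore running time) reveals the Hamming weight of the exponent. The secret, the modulus and the step counter standing in for a stopwatch are all constructed for the demonstration; the names are the editor's.

```python
"""Added example (editor's illustration, not from the original post or any PGP/RSAREF
code): two of the timing questions the letter raises, made concrete.

1. A check that compares a secret byte by byte and stops at the first mismatch takes
   longer the more leading bytes the guess got right, so an attacker with a stopwatch
   recovers the secret one byte at a time. The "stopwatch" here is an instrumented
   step counter; real attacks use wall-clock timing and averaging to beat the noise.
2. Textbook square-and-multiply does one extra multiplication per set bit of the
   exponent, so the time to exponentiate leaks the Hamming weight of a private key.
All secrets and numbers below are constructed for the demonstration.
"""
import hmac

SECRET = bytes.fromhex("7a3f9c01")  # constructed "server-side" secret (e.g. a MAC tag)


def leaky_compare(guess: bytes, secret: bytes):
    """Early-exit comparison. Returns (equal, steps); steps models elapsed time."""
    steps = 0
    if len(guess) != len(secret):
        return False, steps
    for g, s in zip(guess, secret):
        steps += 1
        if g != s:          # leaves the loop as soon as a byte differs
            return False, steps
    return True, steps


def constant_time_compare(guess: bytes, secret: bytes):
    """Same contract, but every byte is visited regardless of where a mismatch is.
    (Length is still compared up front; with fixed-length tags that is public anyway.)"""
    steps = 0
    if len(guess) != len(secret):
        return False, steps
    diff = 0
    for g, s in zip(guess, secret):
        steps += 1
        diff |= g ^ s       # accumulate, never branch on the data
    return diff == 0, steps


def recover_secret(oracle, length: int) -> bytes:
    """Byte-at-a-time recovery against an oracle returning (equal, steps).

    For each position try all 256 values; the one that makes the check run longest is
    the one that matched (the loop went on to the next byte). Only the timing is used,
    never the boolean, except to stop when the whole secret is accepted."""
    known = b""
    for pos in range(length):
        best_byte, best_steps = 0, -1
        for c in range(256):
            guess = known + bytes([c]) + bytes(length - pos - 1)
            equal, steps = oracle(guess)
            if equal:
                return guess
            if steps > best_steps:
                best_byte, best_steps = c, steps
        known += bytes([best_byte])
    return known


def square_and_multiply(base: int, exp: int, mod: int):
    """Left-to-right modular exponentiation. Returns (result, multiplications).

    Every bit after the leading one costs a squaring, and every set bit costs one more
    multiply, so the count (and the running time) reveals the Hamming weight of exp."""
    if exp == 0:
        return 1 % mod, 0
    result = base % mod
    mults = 0
    for bit in bin(exp)[3:]:        # skip "0b" and the leading 1 bit
        result = result * result % mod
        mults += 1
        if bit == "1":
            result = result * base % mod
            mults += 1
    return result, mults


def safe_check(guess: bytes) -> bool:
    """What a real implementation should call: the stdlib's constant-time comparison."""
    return hmac.compare_digest(guess, SECRET)


if __name__ == "__main__":
    leaky = lambda g: leaky_compare(g, SECRET)
    fixed = lambda g: constant_time_compare(g, SECRET)
    print("leaky oracle   ->", recover_secret(leaky, len(SECRET)).hex())
    print("constant-time  ->", recover_secret(fixed, len(SECRET)).hex())
    for e in (8, 13, 15):   # same bit length, different Hamming weight
        print(f"exp={e:2d} ({bin(e)}): multiplications={square_and_multiply(4, e, 497)[1]}")
```

Run as a script, the leaky oracle yields 7a3f9c01 after at most 256 guesses per byte instead of 2^32 overall, while the constant-time oracle gives the recovery loop nothing to rank and it returns all zeros; the three exponents of equal bit length cost 3, 5 and 6 multiplications, which is exactly the kind of key-dependent time-per-operation the letter speculates could be read off with a stopwatch. The usual defenses are the ones shown here: compare with an accumulator (or `hmac.compare_digest`) rather than an early exit, and use exponentiation that performs the same operation sequence regardless of key bits.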