Post by Shaun H
On Sat, 21 Dec 2013 13:57:52 +0800, thang ornerythinchus
Post by thang ornerythinchus
Here's an interesting story.
Looks as though NSA did a deal with RSA division. How naughty.
How about you guys? You're incorporated in Deutschland, so I wouldn't
think there could be any pressure placed on your products, but have
you ever had a polite level of interest shown by anyone in the smart
Don't guess you can say. Intriguing though isn't it?
cheers mate, would be nice to hear from you again :)
Yes I'm still here, but very rarely read this group now. Yes I've read
the article or at least a similar one regarding Snowdens relevations.
Yes I can say, and I say it honestly. Read on Sir. :-)
We don't use RSA for much, apart from software licensing so it isn't
really an issue. Even then we don't use the standard PRNG...
A program we use called Sharecrypt5 uses RSA, (with a different PRNG)
for admin->user control, to update user's key files, from
administrators but not for general encryption of the actual data.
We've never had any "official" interest in our products, or pressure
from governments save from occasional law enforcement requests for
help. We are always very honest with them here, and simply say there's
no back doors or anything, however much we sympathize with their needs
this is not, and never has been any kind of legal requirement, nor is
it likely to be in the future.
I think use of data encryption is so mainstream nowadays, it isn't
really such a big issue that there aren't back doors in products.
Hospitals, doctors, schools, law-enforcement, finance, etc. all use
these kind of products, many use ours, and they would be horrified to
discover a back way in. Indeed such a thing might even be illegal to
use for certain purposes in Europe at least, because the data wouldn't
be regarded as "properly" (in the legal sense) secure.
In order for it to be so, it would really have to be encrypted in a
way that we ourselves could not gain access, at least within any sort
of remotely practical time. The only people who are supposed to be
able to gain easy access are the owners of the data. Nobody else. If
they could, even via a hidden back door, then the product simply
isn't fit for purpose. Such a thing would evenutally be leaked I'm
sure of that.
Such product use is now legally required for storage of personal data
especially where machines are portable, and taken out into the field.
In the UK, the relevant laws are the Data Protection Act, and
Financial Services Authority regulations.
Nice to hear from you. I hope you are well and prospering in 2014 -
at the very least, as one of the pioneering cryptographers (up there
with Schneier and co, at the very least), you deserve to.
I like the inverted commas around "official" - as a euphemism, I think
we all (the few who still scan this group) know what it means esp. in
To the point:
Your commentary relates predominantly to what I call "easy
encryption". That is, standard container encryption with a key.
Practically anyone with an IQ over 70 can create a container and
encrypt it -most such encryption will, until the advent of quantum
computing proper, remain unbreakable (within reasonable computing
The other end of the spectrum, to which I was referring, is the
complex, plausible-deniability driven hidden OS type encryption. These
technologies, of which two stand out (DCPP and TC), are both driven by
AES256, are reasonably complex to implement properly and safely and
are those which aggravate the snooping authorities to the greatest
degree because there is not only little if any difference at raw level
between unformatted platters and hidden OS partition if the key to the
sacrificial OS is provided, but there is no leakage from the hidden OS
(and in the case of TC, rendering of all other drives "read only" -
I'm not certain what the analagous case is with DCPP). An encrypted
container sticks out like a sore thumb and is what is used typically
by say 95% of those in medicine, law, accounting, public services and
so on - the knowledge it is there is often good enough for the snoops.
The law takes over in many countries and there is a jail sentence for
failure to disclose the key(s).
There is no such equivalent knowledge available to the snoops in
respect of DCPP and TC. Those partitions are ascertainable, but the
contents are indistinguishable from a raw partition. At medium
sophistication, they do not know whether the sacrificed OS keys
represent the only encrypted component of the drive, or whether the
partitioning is a clue that there is another OS. Not enough to invoke
the law regarding disclosure of keys if there is no reasonable
evidence that there is indeed some encrypted component of the drive to
which such keys would relate. Only clearly evident containers have
been taken to court under the disclosure laws.
So, in my view the primary target of official approaches to encryption
organisations would be to somehow either backdoor FDE with hidden OS
(at the preboot stage) or somehow allow for identification that there
exists a hidden OS in the free space of the sacrificial. Both
approaches would be protected by law in the US - that is, there would
be an embargo on disclosure by the private organisation (so much for
The devs of TC protect themselves by being completely anonymous. No
one knows who the heck they are and probably never will. An approach
cannot be made to a shadow, which he/they are.
In your case, Securestar is incorporated in Deutschland, which has
much stronger digital privacy laws than the US and as far as I know,
no mandatory key disclosure laws. The totalitarian history of Germany
also means that there is a much stronger will to protect private data
- lest the drift back to Hitlerian ways of thought begin. In my view,
it is the best country in which to incorporate and operate an
encryption developement business. I therefore have no doubt that (a)
probably there has been no NSA level attempt at coercing a backdoor or
tag into your preboot authentication protocol; (b) if there has, it
would have been easily repulsed as the non-disclosure laws relating to
such contacts/requests/requirements do not obtain in Germany; and (c)
you personally have a reputation for integrity of the highest order
and, as the primary asset in Securestar, that integrity is
In my view however there is a problem with plausible deniability in
DCPP pre-authentication which doesn't appear to trouble TC - that is
(from memory - I haven't used DCPP now for at least 5 or 6 years or
more) that it was then at least discernable from the PB routine that
there were two pathways - one to the sacrificial OS and the other to
the hidden. This may have been fixed but from memory was present when
I last used DCPP and would be open to forensic proof that there was,
on balance, an encrypted system in the encrypted system. This can't
be ascertained in TC forensics.
As both systems are used in countries which do have mandatory key
disclosure laws, with jail sanctions, this is/was an important
You mentioned in your reply that "such a thing would be leaked". Well
no, Shaun, not when the full weight of the NSA or its equivalent in
most countries (GCHQ, ASIO etc) is brought to bear and the leaker
would probably disappear into a black hole for a very long time. The
"hidden devs"which many rail about have an excellent defence - they
are unknowable and their identitied have never been leaked. Are they
NSA? Who knows - if they are, then only national security would force
the backdoor open (not trivial FBI local enforcement issues) and the
entire tableau would be closed off, sealed and dropped into permanent
obscurity - Director's eyes only stuff. They probably aren't and
that's why I use TC - and I don't deal in national security matters,
I'm relatively happy with the status quo so for my purposes, TC is
suitable (business matters, patents, marketing, invoicing, etc).
All of this is a little more than academic for me after Snowden (lol,
in lieu of BC, AD etc - AS - "after Snowden") as I am a libertarian of
the highest order. Snowden set back the Orwellian march by decades.
By the way, it seems that in these times NNTP traffic is probably the
last reasonably secure means of communication on the planet. Pick an
NSP whose servers can sit out of the US, and is incorporated in
another country (astraweb comes to mind - EU servers and inc in HK)
and NNTP is fairly much ok. At least for these types of issues which
we are discussing.