7.11.1. Other Ciphers and Tools
- RIPEM
- PEM
- MD5
+ SFS (Secure FileSystem) 1.0
- "SFS (Secure FileSystem) is a set of programs which
create and manage a number of encrypted disk volumes, and
runs under both DOS and Windows. Each volume appears as
a normal DOS drive, but all data stored on it is encrypted
at the individual-sector level....SFS 1.1 is a
maintenance release which fixes a few minor problems in
1.0, and adds a number of features suggested by users.
More details on changes are given in the README file."
[Peter Gutmann, sci.crypt, 1994-08-25]
- not the same thing as CFS!
- 512-bit key using a MDC/SHS hash. (Fast)
- only works on a 386 or better (says V. Bontchev)
- source code not available?
- implemented as a device driver (rather than a TSR, like
SecureDrive)
- "is vulnerable to a special form of attack, which was
mentioned once here in sci.crypt and is described in
details in the SFS documentation. Take a look at the
section "Encryption Considerations"." [Vesselin Bontchev,
sci.crypt, 1994-07-01]
- Comparing SFS to SecureDrive: "Both packages are
approximately equal in terms of user interface, but SFS
seems to be quite a bit faster. And comments from
various people (previous message thread) seems to
indicate that it is more "secure" as well." [Bill Couture
<coutu001@gold.tc.umn.edu>, sci.crypt, 1994-0703]
+ SecureDrive
- encrypts a disk (always be very careful!)
- SecureDrive 1.3D, 128-bit IDEA cypher is based on an MD5
hash of the passphrase
- implemented as a TSR (rather than a device driver, like
CFS)
- source code available
+ Some problems reported (your mileage may vary)
- "I have been having quite a bit of difficulty with my
encrypted drive mangling files. After getting secure
drive 1.3d installed on my hard drive, I find that
various files are being corrupted and many times after
accessing the drive a bunch of crosslinked files are
present." [Vaccinia@uncvx1.oit.unc.edu, 1994-07-01]
- Others report being happy with it, under both DOS and
Windows
- no OS/2 or Mac versions reported; some say an OS/2 device
driver will have to be used (such as Stacker for OS/2
uses)
+ SecureDevice
- "If you can't find it elsewhere, I have it at
ftp://ftp.ee.und.ac.za/pub/crypto/secdev13.arj, but
that's at the end of a saturated 64kbps link." [Alan
Barrett, 1994-07-01]
7.11.2. MDC and SHS (same as SHA?)
- "The MDC cyphers are believed to be as strong as it is
difficult to invert the cryptographic hash function they
are using. SHS was designed by the NSA and is believed to
be secure. There might be other ways to attack the MDC
cyphers, but nobody who is allowed to speak knows such
methods." [Vesselin Bontchev, sci.crypt, 1994-07-01]
+ Secure Hash Standard's algorithm is public, and hence can
be analyzed and tested for weaknesses (in strong contrast
with Skipjack).
- may replace MD5 in future versions of PGP (a rumor)
- Speed of MDC: "It's a speed tradeoff. MDC is a few times
faster than IDEA, so SFS is a few times faster than
SecureDrive. But MDC is less proven." [Colin Plumb,
sci.crypt, 1994-07-04]
+ Rumors of problems with SHA
- "The other big news is a security problem with the Secure
Hash Algorithm (SHA), discussed in the Apr 94 DDJ. The
cryptographers at NSA have found a problem with the
algorithm. They won't tell anyone what it is, or even
how serious it is, but they promise a fix soon. Everyone
is waiting with bated breath." [Bruce Schneier, report
on Eurocrypt '94, 1994-07-01]
7.11.3. Stego programs
+ DOS
- S-Tools (or Stools?). DOS? Encrypts in .gif and .wav
(SoundBlaster format) files. Can set to not indicate
encrypted files are inside.
- Windows
+ Macintosh
- Stego
+ sound programs
- marielsn@Hawaii.Edu (Nathan Mariels) has written a
program which "takes a file and encrypts it with IDEA
using a MD5 hash of the password typed in by the user.
It then stores the file in the lowest bit (or bits,
user selectable) of a sound file."
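The low-bit storage step described in the quote above, as an added example (not Mariels's code). The cover tone and payload bytes are constructed, the payload stands in for the IDEA ciphertext, and the payload length is assumed to be known to the reader of the file.

```python
import math

def _chunks(payload: bytes, bits: int):
    """Split payload into `bits`-wide integers, MSB first, zero-padded at the end."""
    s = "".join(f"{b:08b}" for b in payload)
    s += "0" * (-len(s) % bits)
    return [int(s[i:i + bits], 2) for i in range(0, len(s), bits)]

def embed(samples, payload: bytes, bits: int = 1):
    """Overwrite the low `bits` bits of successive 16-bit samples with payload bits."""
    chunks = _chunks(payload, bits)
    if len(chunks) > len(samples):
        raise ValueError("cover audio too short for this payload")
    mask = (1 << bits) - 1
    out = list(samples)
    for i, c in enumerate(chunks):
        out[i] = (out[i] & ~mask) | c      # also correct for negative samples
    return out

def extract(samples, nbytes: int, bits: int = 1) -> bytes:
    """Read nbytes back from the low bits; the length must be known out of band."""
    mask = (1 << bits) - 1
    need = -(-nbytes * 8 // bits)          # ceil(nbytes * 8 / bits)
    s = "".join(f"{v & mask:0{bits}b}" for v in samples[:need])
    return bytes(int(s[i:i + 8], 2) for i in range(0, nbytes * 8, 8))

def max_distortion(original, stego) -> int:
    """Largest change made to any single sample."""
    return max(abs(a - b) for a, b in zip(original, stego))

# Constructed cover: 400 samples of a 440 Hz tone at 8 kHz, signed 16-bit range
COVER = [int(12000 * math.sin(2 * math.pi * 440 * n / 8000)) for n in range(400)]
# Constructed stand-in for the ciphertext that would be hidden
PAYLOAD = bytes.fromhex("8f3a51c27be4900d6a1f")

if __name__ == "__main__":
    for bits in (1, 2, 4):
        stego = embed(COVER, PAYLOAD, bits)
        assert extract(stego, len(PAYLOAD), bits) == PAYLOAD
        print(bits, "bit(s): max sample change", max_distortion(COVER, stego))
```

Using more bits per sample raises capacity but also raises the worst-case change per sample to 2^bits - 1, which is the trade-off behind making the bit count user selectable.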
7.11.4. "What about "Pretty Good Voice Privacy" or "Voice PGP" and
Other Speech Programs?"
+ Several groups, including one led by Phil Zimmermann, are
said to be working on something like this. Most are using
commercially- and widely-available sound input boards, a la
"SoundBlaster" boards.
- proprietary hardware or DSPs is often a lose, as people
won't be able to easily acquire the hardware; a software-
only solution (possibly relying on built-in hardware, or
readily-available add-in boards, like SoundBlasters) is
preferable.
+ Many important reasons to do such a project:
- proliferate more crypto tools and systems
- get it out ahead of "Digital Telephony II" and Clipper-
type systems; make the tools so ubiquitous that outlawing
them is too difficult
- people understand voice communications in a more natural
way than e-mail, so people who don't use PGP may
nevertheless use a voice encryption system
+ Eric Blossom has his own effort, and has demonstrated
hardware at Cypherpunks meetings:
- "At this moment our primary efforts are on developing a
family of extensible protocols for both encryption and
voice across point to point links. We intend to use
existing standards wherever possible.
"We are currently planning on building on top of the RFCs
for PPP (see RFCs 1549, 1548, and 1334). The basic idea
is to add a new Link Control Protocol (or possibly a
Network Control Protocol) that will negotiate base and
modulus and perform DH key exchange. Some forms of
Authentication are already supported by RFCs. We're
looking at others." [Eric Blossom, 1994-04-14]
+ Building on top of multimedia capabilities of Macintoshes
and Windows may be an easier approach
- nearly all Macs and Windows machines will be
multimedia/audiovisual-capable soon
- "I realize that it is quite possible to design a secure
phone with a Vocoder, a modem and some cpu power to do the
encryption, but I think that an easier solution may be on
the horizon. ....I believe that Microsoft and many others
are exploring hooking phones to PCs so people can do
things like ship pictures of their weekend fun to
friends. When PC's can easily access phone
communications, then developing encrypted conversations
should be as easy as programming for Windows :-)."
[Peter Wayner, 1993-07-08]
7.11.5. Random Number Generators
- A huge area...
+ Chaotic systems, pendula
- may be unexpected periodicities (phase space maps show
basins of attraction, even though behavior is seemingly
random)
7.11.6. "What's the situation on the dispute between NIST and RSADSI
over the DSS?"
- NIST claims it doesn't infringe patents
- RSADSI bought the Schnorr patent and claims DSS infringes
it
- NIST makes no guarantees, nor does it indemnify users
[Reginald Braithwaite-Lee, talk.politics.crypto, 1994-07-04]
7.11.7. "Are there any programs like telnet or "talk" that use pgp?"
- "Don't know about Telnet, but I'd like to see "talk"
secured like that... It exists. (PGP-ized ytalk, that is.)
Have a look at
ftp.informatik.uni-hamburg.de:/pub/virus/crypto/pgp/tools/pgptalk.2.0.tar.gz"
[Vesselin Bontchev, alt.security.pgp, 1994-07-4]
7.11.8. Digital Timestamping
+ There are two flavors:
- toy or play versions
- real or commercial version(s)
+ For a play version, send a message to
"timestamp@lorax.mv.com" and it will be timestamped and
returned. Clearly this is not proof of much, has not been
tested in court, and relies solely on the reputation of the
timestamper. (A fatal flaw: it is trivial to reset system
clocks on computers and thereby alter dates.)
- "hearsay" equivalent: time stamps by servers that are
*not* using the "widely witnessed event" approach of
Haber and Stornetta
- The version of Haber and Stornetta is of course much more
impressive, as it relies on something more powerful than
mere trust that they have set the system clocks on their
computers correctly!
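Why a witnessed, hash-linked log does not depend on the server's clock, as an added example (a simplified linking sketch, not Haber and Stornetta's actual protocol or any service's code). The records, the all-zero starting value and the use of SHA-256 are assumptions made for the illustration.

```python
import hashlib

GENESIS = b"\x00" * 32  # constructed starting value for the chain

def link(prev: bytes, doc_hash: bytes, claimed_time: str) -> bytes:
    # prev and doc_hash are fixed-length, so the concatenation is unambiguous
    return hashlib.sha256(prev + doc_hash + claimed_time.encode()).digest()

def build(records):
    """records: [(document, claimed_time)] -> [(doc_hash, claimed_time, link)]"""
    entries, prev = [], GENESIS
    for document, claimed_time in records:
        doc_hash = hashlib.sha256(document).digest()
        prev = link(prev, doc_hash, claimed_time)
        entries.append((doc_hash, claimed_time, prev))
    return entries

def verify(entries, witnessed_head: bytes) -> bool:
    """Recompute every link; the last one must equal the publicly witnessed head."""
    prev = GENESIS
    for doc_hash, claimed_time, stored in entries:
        if link(prev, doc_hash, claimed_time) != stored:
            return False
        prev = stored
    return prev == witnessed_head

# Constructed sample log
RECORDS = [(b"contract draft", "1994-07-01T10:00"),
           (b"lab notebook p.12", "1994-07-01T11:30"),
           (b"patent claim", "1994-07-02T09:15")]
HONEST = build(RECORDS)
WITNESSED_HEAD = HONEST[-1][2]  # the value published where many people see it

def backdated_log():
    """Server with a reset clock rebuilds its log around an extra, earlier-dated entry."""
    forged = RECORDS[:1] + [(b"late invention", "1994-07-01T10:30")] + RECORDS[1:]
    return build(forged)

def relabelled_log():
    """Only the claimed time of one entry is changed; stored links are left alone."""
    doc_hash, _, stored = HONEST[1]
    return [HONEST[0], (doc_hash, "1994-06-01T00:00", stored), HONEST[2]]

if __name__ == "__main__":
    print("honest log verifies:    ", verify(HONEST, WITNESSED_HEAD))
    print("backdated log verifies: ", verify(backdated_log(), WITNESSED_HEAD))
    print("relabelled log verifies:", verify(relabelled_log(), WITNESSED_HEAD))
```

The backdated log is internally consistent, so only the comparison against the already-published head exposes it; a server that merely stamps its own clock value offers no such check.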
By Tim May, see README
HTML by Jonathan Rochkind