This is why DES-OFB is out and AES is IN w/ The Feds!


ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

This is why DES-OFB is out and AES is IN w/ The Feds!

Post by ASTROMODAT »

P25 with DES-OFB is what Philly is using, and like this guy says, DES-OFB is yesterday's low protection technology. This is why the Fed folks are switching to AES big time. Turns out that AES is 40% less costly than DES-OFB, so it's obvious that the Big M is looking to get folks on the right track (e.g., get those Homeland Security bucks!).

Enjoy!

Enough already! Just fix the radio system

In 1999 the City of Philadelphia thought it would be a good idea to spend $50 million of your money on a radio system that (at the time) was unable to be monitored by the general public.
This system, a digital municipal trunked radio program, was fairly new to the public safety community. Some had employed these in other areas, so it was not like Philadelphia was going to be the guinea pig. But, when some municipalities raised complaints, city officials should have been listening.
Instead, it appears they listened to the slick sales pitch. On paper, the system, manufactured and designed by Motorola, looks good. The radios are sturdy; they can be accidentally dropped or briefly submerged in water and they still will perform. But, the facts are that dropped calls, dead batteries and lack of service have marred this system.
To be fair, Motorola is not 100 percent liable. Verizon and city officials share the blame. Still, numerous reports on this radio system as far back as 1999 predicted problems. Who, other than City Councilman Frank Rizzo and some media types, were listening?
First, the city can do better on the battery issue. This may seem like a trivial matter, but it isn't. They are currently using an expensive brand name battery. I am not familiar with their purchasing, but I shop at a wholesale distributor. I use the same radio and buy two batteries for the price of one brand name cell.
Second, make sure Verizon and other technicians have access to the places they need to have access to. One of the issues stemming from the last snafu with the system were charges that Verizon technicians could not gain entry into the building that houses the radio system. Do proper maintenance on the system. It's like paying $335,000 for a Rolls Royce and not wanting to spend $25 to change the oil.
Third, let's end once and for all the half-truths and outright lies about the old system. One of the primary reasons the city decided to spend money on this system was to thwart scanner-listeners. And, after the $54 million check was cashed, so to speak, the argument was lost because digital scanners came out the week the city switched.
Fourth, eliminate encryption for the fire department. Frankly, it is dangerous and unnecessary. And, no, the federal government, despite the climate after 9/11, has not mandated it. The fire department is a guinea pig used for testing of this system.
Now, please understand: I wholeheartedly agree some communication should not be broadcast over the air. Cell phones or perhaps one encrypted channel perhaps in a battalion chief's vehicle is all that would be needed.
Did you know that the extra money spent for encryption was not originally in the budget? I'll bet you would be tickled pink to know the type of encryption that cost you so much money is deemed unfit for top secret communications by the FBI, Secret Service and the entire federal government.
Why? Because a missed transmission is crucial. It can mean the difference between life and death. The city scrapped the old system they had. It is now being used by the prison system and SEPTA. However, all is not lost. The city can license additional 800 MHz frequencies and use them in conventional, analog mode as a backup in case the system fails again. It's vital under Homeland Security.
These channels can also be used for routine transmissions between units. In fact, the city has several already in place but they are never used. They are great for communicating with Montgomery County or New Jersey officials should the need arise. Why not equip each patrol vehicle with a UHF radio to communicate with other municipalities such as Bucks County, or helicopter services and the like?
Interference on the fire system is common. Last week the FCC announced rebanding or re-farming of the 800 MHz band. I would strongly urge the city not to be the first to do this. Wait a while, see who jumps first and if it solves their problems. Rebanding might not be the solution. We should not let the police and city employees be the guinea pigs for this.
Let's not hop on this bandwagon as fast as we did with the 800 MHz system.
We might fall off and no one would hear us.
Cam
Batboard $upporter
Posts: 786
Joined: Mon Jun 09, 2003 2:59 pm

Post by Cam »

From everything I read and from talking to people who use the system, most would be happy with an old callbox system or tin cans and string over the current system.

Encryption on a municipal really doesn't make a lot of sense. What is the point? Sure some people may hear it but who cares? If it is something that can't be said in the clear then it is most likely something that shouldn't be said over the radio system anyway. Just think about how many people would still hear it.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Re: This is why DES-OFB is out and AES is IN w/ The Feds!

Post by mr.syntrx »

ASTROMODAT wrote:P25 with DES-OFB is what Philly is using, and like this guy says, DES-OFB is yesterday's low protection technology. This is why the Fed folks are switching to AES big time. Turns out that AES is 40% less costly than DES-OFB, so it's obvious that the Big M is looking to get folks on the right track (e.g., get those Homeland Security bucks!).

Enjoy!
DES has been known to be insecure (that is, proven to be so) since at least 1998.
wb4bsd
Batboard $upporter
Posts: 254
Joined: Fri Mar 14, 2003 10:07 am
What radios do you own?: XTS5000v, MTS2000v, MTS2000u

Post by wb4bsd »

No encryption for sale on the market today is authorized to be used for transmitting any type of DOD classified CONFIDENTIAL data, Confidential is the lowest classified classification the military has and the highest of course would be Top Secret and of course there are variants to that. To transmit even confidential data you must go through the NSA for approval to use it. An example of this type encryption would be the type the military uses in their STU-III telephones. As high as AES encryption is, I don't think it is even cleared for transmission of what the DOD would consider classified data (voice or data that is). The most classified thing a local law enforcement agency would need to transmit would be maybe a social security number or an FBI number a person was given that is a prior felon and of course drug deals and things like that.

If I am wrong on any of this please correct me as I am going off of what I was told when I was researching the level of encryption my Command was going to use when we get our new UHF trunk system installed and our radio transmissions are governed not only by the Dept of the Navy, but also the Dept of Energy and the Nuclear Reg Comm.

Have a nice day
Rusty
(I no longer have nextel. I now have an iPhone)
ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

Post by ASTROMODAT »

Motorola has encryption systems that meet both Type I and Type II standards, but these radios are within the confines of the Government Sales Group. These radios include the XTS-5000 and XTL-5000 equipped with encryption modules that are not available through their normal two-way land mobile sector. These radios are not available to local PDs, and the like.

You may want to consider inviting Motorola to come out and give your group a presentation covering their two-way radio lineup, with various encryption types for US Gov't applications. Tell them what level of DOD classification that you need to meet, and they will come prepared with solutions.
Pj
Moderator
Posts: 5147
Joined: Sun Sep 09, 2001 4:00 pm
What radios do you own?: X9000 thru APX

Post by Pj »

I would imagine that DVP/DES is more than sufficient to thwart the average Joe Hacker on the average public safety system.

It took what, 3 days with a few supercomputers to crack a single DES key?

I don't know too many underground supercomputer hacker groups myself...but you never know.
Lowband radio. The original and non-complicated wide area interoperable communications system
RESCUE161
Batboard $upporter
Posts: 2062
Joined: Wed Jan 16, 2002 4:00 pm
What radios do you own?: Too many!

Post by RESCUE161 »

Pj wrote:I would imagine that DVP/DES is more than sufficient to thwart the average Joe Hacker on the average public safety system.

It took what, 3 days with a few supercomputers to crack a single DES key?

I don't know too many underground supercomputer hacker groups myself...but you never know.
Was that 3 days trying to decode an intermittent rf signal, or a streaming (on all the time) signal?
Scott
KE4FHH
Religion: Kills folks dead!
batdude
Personal aide to Mr. Cook
Posts: 2741
Joined: Thu Oct 04, 2001 4:00 pm

..

Post by batdude »

I believe that was a text document encrypted with DES that was cracked.

the decoding of an encrypted voice stream would, IMHO, be TONS more difficult....as the "answer" is subjective - human voice... not written words!

with all due respect to everyone's opinions out there, I don't think the NSA is going to be recording and cracking ANY of our comms any time soon.
BRAVO MIKE JULIET ALPHA
"You can do whatever you want, there are just consequences..."
IF SOMEONE PM'S YOU - HAVE THE COURTESY TO REPLY.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

Pj wrote:I would imagine that DVP/DES is more than sufficient to thwart the average Joe Hacker on the average public safety system.

It took what, 3 days with a few supercomputers to crack a single DES key?
No. It was done by a specially designed machine that could likely be built for under $100,000 in today's dollars. The original machine was developed and constructed for about $220,000 in 1997-1998, but most of those costs were one-time R&D expenses, and the cost of IC fabrication has come down significantly since then.

This sort of cash is beyond the reach of Joe Hacker, but it's well within the budget of organised crime.
RESCUE161
Batboard $upporter
Posts: 2062
Joined: Wed Jan 16, 2002 4:00 pm
What radios do you own?: Too many!

Post by RESCUE161 »

I'm still with Batdude on this and I have been all along. If someone is willing to spend $100,000.00 on a computer to crack my DES comms in "3 days" (yeah right), then let them listen to me... :roll:

I can rekey all of my radios every day - no problem.

I want to see proof of a cracked DES RF TRANSMISSION, not a file that is accessed through the internet.
Scott
KE4FHH
ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

Post by ASTROMODAT »

We keep seeing these folktales on this board about $100,000 equivalent machines that can crack DES. With all due respect, I don't believe it for one second. Why not post the proof here that documents any such case. I won't be holding my breath.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

Better believe it (and take a look at the photos of the machine, too.)

http://www.eff.org/Privacy/Crypto/Crypt ... ESCracker/

It was very widely publicised in the tech media back when it occurred.
ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

Post by ASTROMODAT »

Interesting! Even so, this article says it took 100,000 PC's working on the Internet for 22 hours. I have no idea how that compares to a situation where someone is transmitting in real time voice. According to this article, the 100,000 people working together in parallel over the Internet were analyzing the same fixed page of DES encrypted text. When someone is talking with DES encryption, for all I know, that would be like handing 100,000 people a new DES encrypted test message every few microseconds. Given it took 100,000 computers 22 hours to crack one fixed and finite page of text, then maybe it would take 100,000 people 12 million years to crack the code for voice, by which time everyone is dead, and all is irrelevant. Who knows...

I think wowbagger weighed in on this subject a few times, and I seem to recall that his comments put this little test in a practical environment (e.g., they still can't crack DES encrypted voice transmissions). But, I don't know, so maybe there is a cryptologist on the board that can shed some light on this?

One thing for sure is that someone must be worried about the integrity of DES since the Fed users are so adamant about switching from DES to AES. Motorola is pushing AES really hard, and it lists at around $450 per module versus $750 for DES-OFB on a new P25 radio. Also, DES can still be managed with PID's, with CKR being an optional approach. AES can be run with CKR only (no more PID's with AES!).
MattSR
Posts: 770
Joined: Mon Apr 21, 2003 10:00 pm

Re: ..

Post by MattSR »

batdude wrote:the decoding of an encrypted voice stream would, IMHO, be TONS more difficult....as the "answer" is subjective - human voice... not written words!
I have to respectfully disagree with you here batdude - All you would need to look for is the P25 frame header. Once this successfully decodes, you know you have the right key...
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

ASTROMODAT wrote:Interesting! Even so, this article says it took 100,000 PC's working on the Internet for 22 hours. I have no idea how that compares to a situation where someone is transmitting in real time voice. According to this article, the 100,000 people working together in parallel over the Internet were analyzing the same fixed page of DES encrypted text. When someone is talking with DES encryption, for all I know, that would be like handing 100,000 people a new DES encrypted test message every few microseconds. Given it took 100,000 computers 22 hours to crack one fixed and finite page of text, then maybe it would take 100,000 people 12 million years to crack the code for voice, by which time everyone is dead, and all is irrelevant. Who knows...
The DES cracking machine by itself knocked the key over in 3 days, but it did it in 22 hours in conjunction with the 100,000 PCs on distributed.net. The design of the DES cracking machine is such that it can be scaled up easily, and each cracking IC on the system could be made significantly faster in 2005 than it could in 1998, for the same money. A modernised model of this machine would likely do it a hell of a lot faster.
I think wowbagger weighed in on this subject a few times, and I seem to recall that his comments put this little test in a practical environment (e.g., they still can't crack DES encrypted voice transmissions).
I don't know if that has been tried on this machine, especially because the use of DES in two-way radio is really quite insignificant in the grand scheme of things.

DES is DES, whether you use it against CVSD voice, text, video or anything else. The only thing that changes is how you tell whether you have correctly cracked something.
But, I don't know, so maybe there is a cryptologist on the board that can shed some light on this?

One thing for sure is that someone must be worried about the integrity of DES since the Fed users are so adamant about switching from DES to AES. Motorola is pushing AES really hard, and it lists at around $450 per module versus $750 for DES-OFB on a new P25 radio. Also, DES can still be managed with PID's, with CKR being an optional approach. AES can be run with CKR only (no more PID's with AES!).
Not too long ago, the US Government was very adamant that DES was safe. They said it would take x million times the age of the universe to crack DES, blah blah blah. Even after the EFF built this machine, the posturing continued for quite a while until AES was finalised.

AES is certainly preferable to DES. Anyone who proposes the use of single DES for anything at all in the IT industry gets laughed at - as far as computing folk are concerned, DES is insecure, and should be shunned. The same attitude towards it doesn't seem to exist in the mobile radio industry.

AES is probably cheaper from Motorola because it's more efficient in software than DES. Rather than having to pay for a custom fabbed IC as you would for DES, you can put a cheap microprocessor on that crypto module instead.
wavetar
Administrator
Posts: 7340
Joined: Sun Sep 09, 2001 4:00 pm

Post by wavetar »

My thoughts on this subject have changed from a few years ago. Even though I haven't heard of it being done yet, there's no doubt in my mind that computational power in just the next couple of years would allow someone of even moderate means to decode DES encrypted radio traffic. Check out the new 'Cell' processor architecture as an example. At a bare minimum, it has 10 times the computational power of the current highest end x86 processor.

http://www.blachford.info/computer/Cells/Cell0.html

As Matt pointed out, you can just use something which doesn't change, such as the P25 header, to base the decoding on.

DES had a great run, it took over 30 years for the world to catch up to it, but its day in the sun has come & gone. No doubt in half that time frame, cracking AES will change from unthinkable to possible as well.

Todd
No trees were harmed in the posting of this message...however an extraordinarily large number of electrons were horribly inconvenienced.

Welcome to the /\/\achine.
ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

Post by ASTROMODAT »

Keep in mind that Type I is already here, and Gov't customers can get this on the XTL and XTS radios today. This makes AES look like child's play. Problem is, Uncle Sam won't let you use it. So, as I see it, it ain't a matter of technology so much as it is a matter of the Gov't drawing a line in the sand and not letting civilian types have access to the really good stuff. That's a policy issue, as opposed to a technology issue.

I wonder if the Appleheads will be out there cracking DES with their Quad processor Power Macs, supposedly due out very soon.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

Well, I've got access to a brand new 16-way Sun UltraSPARC-powered box at work, and I won't be cracking any DES with that anytime soon. A general purpose microprocessor does that particular job very, very inefficiently.

As for strong encryption available to the public... the popular RSA cipher supports 16384-bit keys, and you can get 1024 bits with DSA - both of these ciphers are freely available to the public. There's a lot more to whether a particular cipher is secure than just the length of its keyspace, though. I really have to say that 16384-bit RSA in my Spectra would be pretty cool :)

Uncle Sam doesn't particularly like people having strong crypto. Take a look at the heat Phil Zimmermann received when he released PGP.
ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

Post by ASTROMODAT »

This stuff is getting very academic. The only encryption types we can use are limited to DES or AES (unless you go back in time to ancient stuff like DVP, etc.). Hams are not allowed to use any sort of encryption.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

We can have "ADP" (40-bit RC4, if I remember correctly.)
ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

Post by ASTROMODAT »

Correct on ADP, although it is a lot weaker than even single DES.

By the way, I wonder if anyone can comment on the security level of triple DES versus AES? Triple DES has become extremely popular, such as with AT&T Fixed Wireless systems, but it's been around forever, so I assume AES is more secure?
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

Yes, ADP's 40 bit keyspace is so very small that it can be searched with very modest resources. It is done so regularly it ain't funny.

With 3DES, as I understand it, you've essentially got a keyspace of 112 bits, because two 56-bit keys are used. You encrypt your plaintext using one key, encrypt the result using a second key, and finally decrypt this result using the first key. The difference between 112 bits and 128 bits is quite significant - a 128 bit keyspace is 65536 times as large as a 112 bit keyspace.

I can't really comment on any other differences, except maybe a certain issue with blocksizes that may or may not be significant - I'm no mathematician.
GodWhacker
Posts: 1
Joined: Sat Mar 19, 2005 2:16 pm

Re: This is why DES-OFB is out and AES is IN w/ The Feds!

Post by GodWhacker »

ASTROMODAT wrote: Enough already! Just fix the radio system

In 1999 the City of Philadelphia thought it would be a good idea to spend $50 million of your money on a radio system that (at the time) was unable to be monitored by the general public...
Sorry to break from the encryption tech talk, but I'd like to know where this article came from. It may have been there and I missed it, in which case I apologize.
You are what you is!
You is what you am.
radio-link
Posts: 245
Joined: Sun Mar 16, 2003 8:49 am

Re: ..

Post by radio-link »

batdude wrote:
the decoding of an encrypted voice stream would, IMHO, be TONS more difficult....as the "answer" is subjective - human voice... not written words!
Speech may be even easier to crack than some text or random stuff like binary data - there is only one case where large portions of silence occur in the audio stream after decryption attempts, and this is in case you have the right key. In all other cases it is just white noise, easy to automatically detect.
regards - Ralph, dk5ras

--

Ralph A. Schmid http://www.bclog.de ralph@schmid.xxx
Tel./SMS +49-171-3631223
kb3jkp
Banned
Posts: 245
Joined: Thu Apr 29, 2004 4:57 am

Post by kb3jkp »

I'll bet you would be tickled pink to know the type of encryption that cost you so much money is deemed unfit for top secret communications by the FBI, Secret Service and the entire federal government.
it was my understanding that AES was "holy" for gov't agencies and that they themselves do not use it... but "holy" in the fact that the algorithm used to generate the key is too predictable.....

although it's been a while since I've done work on crypto... back messing with STU's ....
radio-link
Posts: 245
Joined: Sun Mar 16, 2003 8:49 am

Post by radio-link »

kb3jkp wrote:it was my understanding that AES was "holy" for gov't agencies and that they themselves do not use it... but "holy" in the fact that the algorithm used to generate the key is too predictable.....

although it's been a while since I've done work on crypto... back messing with STU's ....

Without being too deep in this stuff, I assume AES holds a backdoor wide open - this is OK for my AESed private WLAN, but I would not like this for critical radio comms.
regards - Ralph, dk5ras

mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

The specs for AES (both FIPS 197 and the original Rijndael cipher submission) are completely open for public scrutiny. The algorithm was not developed by the US government - it was developed by Joan Daemen and Vincent Rijmen, a pair of independent researchers from Belgium. It is very highly unlikely that AES has been backdoored by anyone, let alone Uncle Sam.

So far, there is no credible evidence to suggest the existence of a back door in AES. It would be a Bad Thing(tm) for the reputations of NIST and the developers, just for a start, if such a thing were to be discovered.
mtr12222
Posts: 90
Joined: Tue Aug 26, 2003 2:31 pm

Post by mtr12222 »

I have first hand knowledge that at least 3, three letter agencies are still using DES/DES-OFB and MDC OTAR. AES is a blip on the radar but won't be in place for a long time.
2wayfreq
Batboard $upporter
Posts: 356
Joined: Sun Dec 09, 2001 4:00 pm
What radios do you own?: XTS5000 VHF, M-RK II UHF

Post by 2wayfreq »

So it kinda boils down to DES-XL OFB/AES is old hat already and what they have for the Govt is like 5 times better? That's cool. At least messing with DES-XL for private chit chat is probably not a big deal then.
Radio Tech Troubleshooting Golden Rule #1: Check your connections
apco25
Posts: 2685
Joined: Tue Oct 30, 2001 4:00 pm
What radios do you own?: APX / Astro 25 / Harris

Post by apco25 »

remember, all this low level encryption stuff is just that... LOW LEVEL.

The stuff the mil guys play with is far beyond DVP, DES, XL - OFB variants or the AES.
"Some men just don't know their limitations"
Wowbagger
Aeroflex
Posts: 1287
Joined: Tue Dec 10, 2002 10:46 am

Post by Wowbagger »

radio-link wrote: Speech may be even easier to crack than some text or random stuff like binary data - there is only one case where large portions of silence occur in the audio stream after decryption attempts, and this is in case you have the right key. In all other cases it is just white noise, easy to automatically detect.
Not quite. You don't just digitize the voice and then encrypt it, you have a compression stage first. *ANY* form of compression works by removing the redundancy of the signal, or "increasing the signal entropy" as it is expressed in signal processing. Increasing the entropy of a signal increases the randomness - the output of an ideal compressor is indistinguishable from random noise by normal means.

So what you do in (for example APCO-25) is:
Digitize the voice.
Compress it with the vocoder (greatly increasing the entropy of the signal).
Encrypt the data.
Compute forward error correction codes.
Modulate.

Demodulate.
Apply forward error correction.
Decrypt
Decompress signal with vocoder.
Convert to analog, amplify, and apply to speaker.

So you don't have "long periods of silence" you can check against. Also, the algorithm in any truly secure system is such that the encryption of block N+1 depends upon being able to correctly decode block N - so if you don't get N right you won't get N+1 right.
radio-link wrote: Without being too deep in this stuff, I assume AES holds a backdoor wide open - this is OK for my AESed private WLAN, but I would not like this for critical radio comms.
You would assume wrongly. The FBI, the Secret Service, and several other such agencies use AES on their radios (I know, as they use our gear to test them).

As was noted in other posts, the AES algorithm was not developed by the US government but by mathematicians in other countries. Furthermore, the AES algorithm is freely available to anybody who wants to examine it (I have several copies of it on my machine as it is part of the source code from which the 2975 firmware is built) - this is NOT a black box that users have no visibility into.

You are possibly confusing AES with Clipper, which was a "black box" that the Clinton administration tried to foist upon the community. There WAS no visibility into the Clipper algorithm - it was a sealed and tamper-proofed chip, and it was KNOWN to have a back door the size of a house in it.
This is my opinion, not Aeroflex's.

I WILL NOT give you proprietary information. I make too much money to jeopardize my job.

I AM NOT the Service department: You want official info, manuals, service info, parts, calibration, etc., contact Aeroflex directly, please.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

The Skipjack algorithm used by Clipper has since been mostly declassified, but the mile-wide back door (LEAF, Law Enforcement Access Field) is still, of course, under wraps.
ASTROMODAT
Posts: 1825
Joined: Tue Nov 05, 2002 12:32 am

Post by ASTROMODAT »

True, unless you have access to Crimson keys, in which case you can start embedding cryptojix algos, which (in the right hands) can be extremely effective.
Fuel4300
Batboard $upporter
Posts: 563
Joined: Wed Jun 11, 2003 12:36 am

Post by Fuel4300 »

Wowbagger wrote: As was noted in other posts, the AES algorithm was not developed by the US government but by mathematicians in other countries. Furthermore, the AES algorithm is freely available to anybody who wants to examine it (I have several copies of it on my machine as it is part of the source code from which the 2975 firmware is built) - this is NOT a black box that users have no visibility into.
In fact, the AES algorithm was the topic of a computer engineering undergrad senior project at my college this semester. It was quite interesting but if it's being dissected by college students, as you said, it certainly is not a black box.

Mike
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

Wowbagger wrote:
radio-link wrote: Without being too deep in this stuff, I assume AES holds a backdoor wide open - this is OK for my AESed private WLAN, but I would not like this for critical radio comms.
You would assume wrongly. The FBI, the Secret Service, and several other such agencies use AES on their radios (I know, as they use our gear to test them).

As was noted in other posts, the AES algorithm was not developed by the US government but by mathematicians in other countries. Furthermore, the AES algorithm is freely available to anybody who wants to examine it (I have several copies of it on my machine as it is part of the source code from which the 2975 firmware is built) - this is NOT a black box that users have no visibility into.

You are possibly confusing AES with Clipper, which was a "black box" that the Clinton administration tried to foist upon the community. There WAS no visibility into the Clipper algorithm - it was a sealed and tamper-proofed chip, and it was KNOWN to have a back door the size of a house in it.
As far as FBI USSS etc. using AES.......Even if they say they are using it, they probably were told that it's "AES" because anyone without a "secret" clearance isn't even supposed to know the code name of the cipher. All COMSEC crypto are known as "Type I, II, III" and All are classified. I know for a fact that the FBI as of 4 years ago WAS NOT using DES Securenet. What was thought to be DES (same keyloader - different hybrid), is actually classified hardware with a classified crypto hybrid.
mr.syntrx wrote:So far, there is no credible evidence to suggest the existence of a back door in AES. It would be a Bad Thing(tm) for the reputations of NIST and the developers, just for a start, if such a thing were to be discovered.
If ANYONE thinks that the NSA would allow any encryption that was available to anyone other than the NSA itself without a "back door" you probably believe in Santa Claus too. This includes ALL NON COMSEC crypto DVP, DES, DVI, AES, etc. ALL and I mean ALL crypto/communications gear purchased or used by any Govt. branch must have classification and approval from the NSA and must meet their standards for different types of classification of comms (ie. confidential, secret, top secret etc.) period!!!
apco25 wrote:remember, all this low level encryption stuff is just that... LOW LEVEL.

The stuff the mil guys play with is far beyond DVP, DES, XL - OFB variants or the AES.
apco25 has a real good concept of the reality of the Govt. crypto world......DES, DVP, DVI and AES (Yes, I said A.E.S.) is ALL lumped into the same security classification - none, as far as Moto & the NSA is concerned. It is (as apco25 has said) "low level stuff". They start classifying crypto at the COMSEC level as Type I, II, III. All the NSA standards for DES, AES etc. states that only "confidential" info can be conveyed using that type of crypto technology.


Belee dat!!
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore
Wowbagger
Aeroflex
Posts: 1287
Joined: Tue Dec 10, 2002 10:46 am

Post by Wowbagger »

Cipher77 wrote: As far as FBI USSS etc. using AES.......Even if they say they are using it, they probably were told that it's "AES" because anyone without a "secret" clearance isn't even supposed to know the code name of the cipher. All COMSEC crypto are known as "Type I, II, III" and All are classified. I know for a fact that the FBI as of 4 years ago WAS NOT using DES Securenet. What was thought to be DES (same keyloader - different hybrid), is actually classified hardware with a classified crypto hybrid.
Except that if you don't have the algorithm, you cannot test the radio. They test their radios with 2975's, which I designed. The 2975 does NOT have a crypto module in it - the crypto is done by code on one of the DSPs - code that is built from source every time a release is built. Code that I have on my hard drive right now. Code that is the AES algorithm. Q.E.D.


The AES algorithm has been examined by cryptographers and mathematicians world wide, any of whom would stand to greatly benefit from finding a vulnerability in the AES algorithm.
This is my opinion, not Aeroflex's.

I WILL NOT give you proprietary information. I make too much money to jeopardize my job.

I AM NOT the Service department: You want official info, manuals, service info, parts, calibration, etc., contact Aeroflex directly, please.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

Cipher77 wrote: If ANYONE thinks that the NSA would allow any encryption that was available to anyone other than the NSA itself without a "back door" you probably believe in Santa Claus too. This includes ALL NON COMSEC crypto DVP, DES, DVI, AES, etc. ALL and I mean ALL crypto/communications gear purchased or used by any Govt. branch must have classification and approval from the NSA and must meet their standards for different types of classification of comms (ie. confidential, secret, top secret etc.) period!!!
How do you propose keeping a back door secret in a completely open algorithm?

There is far, far stronger crypto in public hands than AES. I use 4096-bit DSA every day - there will not be enough computing power in the foreseeable future to brute force that key before the sun burns out.
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

Wowbagger wrote:
Cipher77 wrote: Except that if you don't have the algorithm, you cannot test the radio. They test their radios with 2975's, which I designed. The 2975 does NOT have a crypto module in it - the crypto is done by code on one of the DSPs - code that is built from source every time a release is built. Code that I have on my hard drive right now. Code that is the AES algorithm. Q.E.D.


The AES algorithm has been examined by cryptographers and mathematicians world wide, any of whom would stand to greatly benefit from finding a vulnerability in the AES algorithm.
The FEDS (ie. any dept. of treasury organizations: FBI, USSS, USMS, USCS, DEA, BATF etc.) aren't using the same crypto that you or I have the ability to buy - period!! They can only be authorized to use what the NSA standard allows for higher than "confidential" radio traffic (ie COMSEC caliber crypto). FBI, USSS etc. obviously deal in matters of national security which automatically warrant a higher than "confidential" classification. Now, if you're talking about security at the VA hospital or GSA etc. this doesn't warrant higher than "confidential" classification. This would be a perfect application where AES could be utilized.

And as far as your quote, "The AES algorithm has been examined by cryptographers and mathematicians world wide, any of whom would stand to greatly benefit from finding a vulnerability in the AES algorithm"

First off, WHY in the HELL would the NSA want to gamble on National Security with some crypto algo that was developed by citizens of ANOTHER COUNTRY and distributed world wide!?!?!?

Second off, WHY would the NSA want to make AES their standard and the SAME strength crypto that other countries' governments have?!?!?! Prime example: DES (to the best of my knowledge - I think.....) is STILL a NON exportable item. You need a Munitions license in order to export it. DES is 25 year old technology!!!! The whole world for the most part has NEVER seen DES (at least its RF cryptographic equivalent)!!! AGAIN, why would the NSA want something that the whole world has access to as well as everyday citizens?!?!?!

Don't ever underestimate the powers or the capabilities of the NSA. IF we actually knew a fraction of their capabilities you (and me both) would probably crap our pants

I'm not trying to sound like an a55, but my resources that I've known over the last 15 years tell me different (what they can legally at least). These friends worked at the Secure Design Center in the Infrastructure and Design building in Schaumburg, and have - at one time - worked on top secret projects involving Type I crypto for the WHCC and the DOD

As for your quote, "There is far, far stronger crypto in public hands than AES. I use 4096-bit DSA every day - there will not be enough computing power in the foreseeable future to brute force that key before the sun burns out." Again, Don't EVER underestimate the powers or the capabilities of the NSA. It's only available to you because they (NSA) said so. They have only deemed it safe to national security to be used in the private sector. TRUST ME!!! & I would bet my next paycheck that they have either cracked it or have the back door to it.

Just because all of these geeks at MIT (that make all of us look like retards) and such haven't developed the technology to crack a 4096bit crypto algo yet, who is to say that the NSA doesn't have geeks working for them that make the MIT geeks look like retards in comparison. We have no idea what their capabilities are and that is for a good reason (I hope). We cannot gauge their capabilities with our (meaning everyone but the NSA and the Govt.) Capabilities. That is why you think that "there will not be enough computing power in the foreseeable future to brute force that key before the sun burns out."

People need to start thinking outside the box.

cheers
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

Cipher77 wrote:
Wowbagger wrote: Except that if you don't have the algorithm, you cannot test the radio. They test their radios with 2975's, which I designed. The 2975 does NOT have a crypto module in it - the crypto is done by code on one of the DSPs - code that is built from source every time a release is built. Code that I have on my hard drive right now. Code that is the AES algorithm. Q.E.D.

The AES algorithm has been examined by cryptographers and mathematicians world wide, any of whom would stand to greatly benefit from finding a vulnerability in the AES algorithm.
The FEDS (ie. any dept. of treasury organizations: FBI, USSS, USMS, USCS, DEA, BATF etc.) aren't using the same crypto that you or I have the ability to buy - period!!
A far more credible person than yourself just said that they are, and I, for one, believe him.
They can only be authorized to use what the NSA standard allows for higher than "confidential" radio traffic (ie COMSEC caliber crypto). FBI, USSS etc. obviously deal in matters of national security which automatically warrant a higher than "confidential" classification. Now, if you're talking about security at the VA hospital or GSA etc. this doesn't warrant higher than "confidential" classification. This would be a perfect application where AES could be utilized.

And as far as your quote, "The AES algorithm has been examined by cryptographers and mathematicians world wide, any of whom would stand to greatly benefit from finding a vulnerability in the AES algorithm"

First off, WHY in the HELL would the NSA want to gamble on National Security with some crypto algo that was developed by citizens of ANOTHER COUNTRY and distributed world wide!?!?!?
Every good cryptographer knows that the secrecy of an algorithm is not to be relied upon for the purposes of security, and I'm 100% sure that the NSA knows that, too. Security is dependent on KEYS being kept secret. The fact that they keep the algorithms under wraps anyway is pretty irrelevant.
Second off, WHY would the NSA want to make AES their standard and the SAME strength crypto that other countries' governments have?!?!?! Prime example: DES (to the best of my knowledge - I think.....) is STILL a NON exportable item. You need a Munitions license in order to export it. DES is 25 year old technology!!!! The whole world for the most part has NEVER seen DES (at least its RF cryptographic equivalent)!!!
DES has been exportable for many years now. Get with the times.
AGAIN, why would the NSA want something that the whole world has access to as well as everyday citizens?!?!?!

Don't ever underestimate the powers or the capabilities of the NSA. IF we actually knew a fraction of their capabilities you (and me both) would probably crap our pants
Mindless stuff.
I'm not trying to sound like an a55, but my resources that I've known over the last 15 years tell me different (what they can legally at least). These friends worked at the Secure Design Center in the Infrastructure and Design building in Schaumburg, and have - at one time - worked on top secret projects involving Type I crypto for the WHCC and the DOD
Everyone knows that. It has never been a secret.
As for your quote, "There is far, far stronger crypto in public hands than AES. I use 4096-bit DSA every day - there will not be enough computing power in the foreseeable future to brute force that key before the sun burns out." Again, Don't EVER underestimate the powers or the capabilities of the NSA. It's only available to you because they (NSA) said so.
No. The publication of cryptographic algorithms is protected by the First Amendment of the US Constitution. See Bernstein vs USDOJ (1999). Only the use of algorithms developed by Uncle Sam like FASCINATOR are restricted.

You are also clearly not aware of the fact that the NSA's authority ends at the borders of the United States of America.

The people who say what crypto I can and can't have say the following:

"There are no restrictions on the use of cryptography within Australia, or on the import of cryptography into Australia."
They have only deemed it safe to national security to be used in the private sector. TRUST ME!!! & I would bet my next paycheck that they have either cracked it or have the back door to it.
You're making things up again.
Just because all of these geeks at MIT (that make all of us look like retards) and such haven't developed the technology to crack a 4096bit crypto algo yet, who is to say that the NSA doesn't have geeks working for them that make the MIT geeks look like retards in comparison. We have no idea what their capabilities are and that is for a good reason (I hope). We cannot gauge their capabilities with our (meaning everyone but the NSA and the Govt.) Capabilities. That is why you think that "there will not be enough computing power in the foreseeable future to brute force that key before the sun burns out."

People need to start thinking outside the box.

cheers
And you need to stop making things up.
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

I only have 2 things to say

1) You're gullible as hell.

2) Just remember "The earth is round"
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

Sorry, my bad!!!

I didn't realize that you're from another country. I thought that you were in the U.S.

As for Fascinator (previously COMSEC Type1 crypto) There are several more that I know of that are currently in use however will not divulge the names of them or the inner-workings of them.

cheers
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

Obviously there is a miscommunication:

"No. The publication of cryptographic algorithms is protected by the First Amendment of the US Constitution. See Bernstein vs USDOJ (1999). Only the use of algorithms developed by Uncle Sam like FASCINATOR are restricted. "


This is the crypto that I'm talking about!!! The name of the crypto that you had mentioned is TYPE I or II COMSEC (Communications Security Division of the National Security Agency). They make the rules, crypto and standards for the U.S. Govt.
This is the crypto that the Federal agencies under the DoD or the Department of the Treasury (FBI, USSS) that deal with issues of national security use NOT AES!!! :D
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore
cgroftmc
Posts: 89
Joined: Thu Oct 18, 2001 4:00 pm

Post by cgroftmc »

The term COMSEC (Communications Security) is not a term used to identify a division at the NSA that may or may not exist. Do you really know what you are talking about??

Craig
tvsjr
Posts: 4118
Joined: Fri Nov 28, 2003 9:46 am

Post by tvsjr »

cgroftmc wrote:The term COMSEC (Communications Security) is not a term used to identify a division at the NSA that may or may not exist. Do you really know what you are talking about??

Craig
I doubt it... he's a troll. I have first-hand knowledge that several of his facts are wrong. :evil:
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

cgroftmc wrote:The term COMSEC (Communications Security) is not a term used to identify a division at the NSA that may or may not exist. Do you really know what you are talking about??

Craig
IF you're so intelligent, why don't you know how to at least research what you are talking about before you post. Unlike you, I can back up what I say with proof:

taken from the NSA.gov website:

http://www.nsa.gov/publications/publi00017.pdf

Securing Record Communications: The TSEC/KW-26 Melville Klein Preface One of the missions of the National Security Agency (NSA) is to protect classified information whether in storage, processing, or transit. Collectively, information system security (INFOSEC) is the development and application of hardware, software, and doctrine. The “in transit” element, called communications security (COMSEC), assures that the underlying information is protected from external exploitation, disruption, or misrepresentation and is available only to authorized recipients. This brochure tells the cradle-to-grave story of highly successful cryptographic equipment for teletypewriter (TTY) communications, the TSEC/KW-26 and the people who developed, produced, and fielded it. (The italicized words are defined in the appended glossary.)
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

tvsjr wrote:
cgroftmc wrote:The term COMSEC (Communications Security) is not a term used to identify a division at the NSA that may or may not exist. Do you really know what you are talking about??

Craig
I doubt it... he's a troll. I have first-hand knowledge that several of his facts are wrong. :evil:
Ok, what is your first hand knowledge and on what facts of mine are wrong. Also prove my facts wrong, if you cannot, it's just your opinion. Everyone has one, just not all of them are fact.

I'm obviously a troll that has some experience and knowledge regarding the things that I post. I saw something that wasn't (in my experiences) entirely correct, so I put in my 2 cents and get a plethora of resistance. Why be closed minded? Take all info into account and make an educated decision. :) That's what I do when I read all of the posts here. I've learned a great deal of info from everyone here & was hoping to contribute rather than sponge info.
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore
cgroftmc
Posts: 89
Joined: Thu Oct 18, 2001 4:00 pm

Post by cgroftmc »

Cipher77 wrote:
cgroftmc wrote:The term COMSEC (Communications Security) is not a term used to identify a division at the NSA that may or may not exist. Do you really know what you are talking about??

Craig
IF you're so intelligent, why don't you know how to at least research what you are talking about before you post. Unlike you, I can back up what I say with proof:

taken from the NSA.gov website:

http://www.nsa.gov/publications/publi00017.pdf

Securing Record Communications: The TSEC/KW-26 Melville Klein Preface One of the missions of the National Security Agency (NSA) is to protect classified information whether in storage, processing, or transit. Collectively, information system security (INFOSEC) is the development and application of hardware, software, and doctrine. The “in transit” element, called communications security (COMSEC), assures that the underlying information is protected from external exploitation, disruption, or misrepresentation and is available only to authorized recipients. This brochure tells the cradle-to-grave story of highly successful cryptographic equipment for teletypewriter (TTY) communications, the TSEC/KW-26 and the people who developed, produced, and fielded it. (The italicized words are defined in the appended glossary.)

Your proof post only proves that you can't read. COMSEC means communications security. Nothing more nothing less. I'll ask the question again do you really know what you are talking about, or are you one of the google smart trolls that thinks he does?
bellersley
No Longer Registered
Posts: 872
Joined: Tue Feb 22, 2005 7:03 am

Post by bellersley »

If I may.

I took Computer Science in School, I have a personal interest in cryptography, although sometimes the math can get me. Anyways. I don't claim to be an expert, nor do I have any "insider" information.

However, you claim that people only have access to what the NSA "wants" us to have. With mass-communications media like the Internet, I have access to things from all over the world. What would stop me from downloading an encryption algorithm? Who's to say some encryption algorithm from Germany (as an example) has been "approved" by the NSA?

Sure, we can sit here and speculate that the NSA has more technology than we would ever want to know - but what if they don't? What if the simple fact is that AES DOESN'T have a back door, and CAN'T be monitored by the NSA? If you have kept with the times in the last 15 years or so, you should know that often, reality is VASTLY different from what people perceive it to be.

Maybe the NSA has a secret decoder ring that can decrypt anything they throw it at. Or maybe they're reading this thread thinking "Geeze...we really are behind the times". Simple fact is that we don't know, and those who do know, will never tell. Instead of posting "insider" information that can't ever be proven even if it is true, why not stick to the facts that can be proven. It makes you look like less of a "troll" or what have you.
mr.syntrx
Posts: 1587
Joined: Wed Apr 28, 2004 10:09 pm

Post by mr.syntrx »

Cipher77 wrote:Obviously there is a miscommunication:

"No. The publication of cryptographic algorithms is protected by the First Amendment of the US Constitution. See Bernstein vs USDOJ (1999). Only the use of algorithms developed by Uncle Sam like FASCINATOR are restricted. "


This is the crypto that I'm talking about!!! The name of the crypto that you had mentioned is TYPE I or II COMSEC (Communications Security Division of the National Security Agency). They make the rules, crypto and standards for the U.S. Govt.
This is the crypto that the Federal agencies under the DoD or the Department of the Treasury (FBI, USSS) that deal with issues of national security use NOT AES!!! :D
No there isn't. You explicitly spouted the following nonsense about the DSA:

"It's only available to you because they (NSA) said so."

I will say it again: The development, use and study of cryptographic algorithm is protected by the First Amendment. This means the NSA has no say at all in what Joe Public can and can't use, as long as Joe doesn't use one of the man's ciphers without permission.
Cipher77 wrote:Securing Record Communications: The TSEC/KW-26 Melville Klein Preface One of the missions of the National Security Agency (NSA) is to protect classified information whether in storage, processing, or transit. Collectively, information system security (INFOSEC) is the development and application of hardware, software, and doctrine. The “in transit” element, called communications security (COMSEC), assures that the underlying information is protected from external exploitation, disruption, or misrepresentation and is available only to authorized recipients. This brochure tells the cradle-to-grave story of highly successful cryptographic equipment for teletypewriter (TTY) communications, the TSEC/KW-26 and the people who developed, produced, and fielded it. (The italicized words are defined in the appended glossary.)
In no way does this provide any indication that the NSA has an organisational unit called "COMSEC". I'm at a loss as to why you posted it.


Go away, troll.
Cipher77
Posts: 156
Joined: Thu Dec 05, 2002 10:02 am

Post by Cipher77 »

bellersley wrote:If I may.

I took Computer Science in School, I have a personal interest in cryptography, although sometimes the math can get me. Anyways. I don't claim to be an expert, nor do I have any "insider" information.

However, you claim that people only have access to what the NSA "wants" us to have. With mass-communications media like the Internet, I have access to things from all over the world. What would stop me from downloading an encryption algorithm? Who's to say some encryption algorithm from Germany (as an example) has been "approved" by the NSA?

Sure, we can sit here and speculate that the NSA has more technology than we would ever want to know - but what if they don't? What if the simple fact is that AES DOESN'T have a back door, and CAN'T be monitored by the NSA? If you have kept with the times in the last 15 years or so, you should know that often, reality is VASTLY different from what people perceive it to be.

Maybe the NSA has a secret decoder ring that can decrypt anything they throw it at. Or maybe they're reading this thread thinking "Geeze...we really are behind the times". Simple fact is that we don't know, and those who do know, will never tell. Instead of posting "insider" information that can't ever be proven even if it is true, why not stick to the facts that can be proven. It makes you look like less of a "troll" or what have you.

Hi Bellersley!!

First off, I would like to thank you for your gentlemanly-like, assertive approach to this post (unlike the others that enjoy the sophomoric approach that they have taken).

Fact or not that's what I know & people can take it or leave it as far as I am concerned. I just wish that people would know a little bit about what they are talking about before they start making accusations. At least I am able to prove some things that I have talked about (COMSEC for instance).

As far as your quote, "However, you claim that people only have access to what the NSA "wants" us to have. With mass-communications media like the Internet, I have access to things from all over the world. What would stop me from downloading an encryption algorithm? Who's to say some encryption algorithm from Germany (as an example) has been "approved" by the NSA?"

Go ahead and download it & try utilizing it in some form of application. Then sit back & see how long it will take before the "red flags" go up in Fort Meade. Maybe something will happen, maybe not. I'm sure if they are familiar with it, you'll just be put on a list of people to "watch".

All I am saying is that the world is more than what meets the eye & that the earth is round. If Columbus had listened to everyone telling him that the earth was flat, he would have never sailed over here. He had a good idea & was able to think outside the box. He wasn't "one of the sheep" (as most people in this country are -- believing everything that is told to them) but rather the shepherd


Thanx Bellersley,

It was a pleasure replying to your post.

Cheers.
The Grabbing Hands, Grab all they can. Everything counts in large amounts. Martin L. Gore