O=MiniTruth CN=Big Brother :: The NSA Backdoor in Lotus Notes

by Volker Weber

Before the US crypto export regulations were finally disolved the export version of Lotus Notes used to include a key escrow / backdoor feature called differential cryptography. The idea was that they got permission to export 64 bit crypto if 24 of those bits were encrypted for the NSA's public key. The NSA would then only have the small matter of brute-forcing the remaining 40 bits to get the plaintext, and everyone else would get a not-that-great 64 bit key space (which probably already back then NSA would have had the compute power to brute force also, only at higher cost).

More >

[Thanks, Giorgio]

Comments

Let‘s put it in another perspective: these days we offered an encryption out-of-the box that was so powerful it had to be controlled by the NSA. Still it was powerful against other countries outside the 5 eyes or industrial espionage. And by the way: I‘ve explained the ‚workload reduction factor‘ feature in every course I‘ve held, as it was clearly documented. Second thing: Notes in France could only be sold with a totally crippled encryption mandated by french law. So 3 versions: France, US and rest-of-world.

Stefan Hefter, 2019-12-30

To the extent I follow the debate, the ongoing controversy on encryption is limited to E2E messaging and data on personal devices. Is it sound to assume that this is because cloud-stored data and communications can be tapped without much ado anyway? Ie „competent authorities“ can easily listen to Skype calls or do nice searches on O365 Sharepoint data? If so, the situation today might be worse than in those days, where access was transparent (Stefan: „I‘ve explained...“) and information could be ringfenced more easily.

Peter Daum, 2019-12-31

Post a comment

Store next two fields in a cookie for you?




Use your full name and a working email address. Unless you want your comment to be removed. No kidding.

Recent comments

Peter Meuser on Username und Passwort sind letztes Jahrtausend at 07:54
Peter Meuser on Username und Passwort sind letztes Jahrtausend at 07:48
Torben Volkmann on Username und Passwort sind letztes Jahrtausend at 23:10
Christian Heindel on mmhmm at 21:48
Bruce Elgort on mmhmm at 17:42
Bernd Schuster on From my inbox at 16:02
Gabriel Schneider on From my inbox at 15:44
Marco Schirmer on mmhmm at 14:52
Mathias Ziolo on From my inbox at 14:44
Stephan Herz on mmhmm at 10:40
Marko Schulz on mmhmm at 10:22
Ian Bradbury on mmhmm at 09:50
Ragnar Schierholz on mmhmm at 09:27
Tobias Vogel on ThinkVision M14t :: Ein mobiler Monitor rüstet Touch und Stift nach at 08:54
Tobias Vogel on mmhmm at 08:51
Peter Meuser on Username und Passwort sind letztes Jahrtausend at 22:29
Volker Weber on Passwort-Regeln :: Ich bin etwas überrascht at 22:11
Bernd Waterkamp on Passwort-Regeln :: Ich bin etwas überrascht at 21:53
Torben Volkmann on Username und Passwort sind letztes Jahrtausend at 20:42
Markus Dierker on ThinkVision M14t :: Ein mobiler Monitor rüstet Touch und Stift nach at 20:25
Sven Richert on Passwort-Regeln :: Ich bin etwas überrascht at 19:42
Volker Weber on FRITZ!OS 7.20 ist da :: FRITZ!Box 7590 at 09:28
Johannes Matzke on FRITZ!OS 7.20 ist da :: FRITZ!Box 7590 at 06:53
Ian Bradbury on The corona virus may be airborne at 21:51
Samuel Orsenne on Eve Tagesangebote at 21:05

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 09:50

visitors.gif

Paypal vowe