O=MiniTruth CN=Big Brother :: The NSA Backdoor in Lotus Notes

by Volker Weber

Before the US crypto export regulations were finally disolved the export version of Lotus Notes used to include a key escrow / backdoor feature called differential cryptography. The idea was that they got permission to export 64 bit crypto if 24 of those bits were encrypted for the NSA's public key. The NSA would then only have the small matter of brute-forcing the remaining 40 bits to get the plaintext, and everyone else would get a not-that-great 64 bit key space (which probably already back then NSA would have had the compute power to brute force also, only at higher cost).

More >

[Thanks, Giorgio]

Comments

Let‘s put it in another perspective: these days we offered an encryption out-of-the box that was so powerful it had to be controlled by the NSA. Still it was powerful against other countries outside the 5 eyes or industrial espionage. And by the way: I‘ve explained the ‚workload reduction factor‘ feature in every course I‘ve held, as it was clearly documented. Second thing: Notes in France could only be sold with a totally crippled encryption mandated by french law. So 3 versions: France, US and rest-of-world.

Stefan Hefter, 2019-12-30

To the extent I follow the debate, the ongoing controversy on encryption is limited to E2E messaging and data on personal devices. Is it sound to assume that this is because cloud-stored data and communications can be tapped without much ado anyway? Ie „competent authorities“ can easily listen to Skype calls or do nice searches on O365 Sharepoint data? If so, the situation today might be worse than in those days, where access was transparent (Stefan: „I‘ve explained...“) and information could be ringfenced more easily.

Peter Daum, 2019-12-31

Old vowe.net archive pages

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Paypal vowe