O=MiniTruth CN=Big Brother :: The NSA Backdoor in Lotus Notes

by Volker Weber

Before the US crypto export regulations were finally disolved the export version of Lotus Notes used to include a key escrow / backdoor feature called differential cryptography. The idea was that they got permission to export 64 bit crypto if 24 of those bits were encrypted for the NSA's public key. The NSA would then only have the small matter of brute-forcing the remaining 40 bits to get the plaintext, and everyone else would get a not-that-great 64 bit key space (which probably already back then NSA would have had the compute power to brute force also, only at higher cost).

More >

[Thanks, Giorgio]

Comments

Let‘s put it in another perspective: these days we offered an encryption out-of-the box that was so powerful it had to be controlled by the NSA. Still it was powerful against other countries outside the 5 eyes or industrial espionage. And by the way: I‘ve explained the ‚workload reduction factor‘ feature in every course I‘ve held, as it was clearly documented. Second thing: Notes in France could only be sold with a totally crippled encryption mandated by french law. So 3 versions: France, US and rest-of-world.

Stefan Hefter, 2019-12-30

To the extent I follow the debate, the ongoing controversy on encryption is limited to E2E messaging and data on personal devices. Is it sound to assume that this is because cloud-stored data and communications can be tapped without much ado anyway? Ie „competent authorities“ can easily listen to Skype calls or do nice searches on O365 Sharepoint data? If so, the situation today might be worse than in those days, where access was transparent (Stefan: „I‘ve explained...“) and information could be ringfenced more easily.

Peter Daum, 2019-12-31

Post a comment

Store next two fields in a cookie for you?




Use your full name and a working email address. Unless you want your comment to be removed. No kidding.

Recent comments

Manfred Wiktorin on Digitalisierung ist schwierig at 23:03
Markus Weimer on Digitalisierung ist schwierig at 22:33
Bodo Menke on Digitalisierung ist schwierig at 22:27
Volker Barth on Yahoo, Altavista, Google. Next? at 20:18
Volker Weber on From my inbox at 18:47
Mark Haust on From my inbox at 18:34
Patrick Bohr on Yahoo, Altavista, Google. Next? at 12:42
Patrick Bohr on Yahoo, Altavista, Google. Next? at 12:41
Volker Weber on From my inbox at 10:26
Volker Weber on From my inbox at 10:25
Frank Quednau on From my inbox at 10:04
Nina Wittich on Yahoo, Altavista, Google. Next? at 12:07
Nina Wittich on Surface Laptop 3 :: Ein blinde Empfehlung at 10:45
Volker Weber on From my inbox at 10:34
Frank Quednau on From my inbox at 09:58
Thomas Cloer on Yahoo, Altavista, Google. Next? at 22:03
Götz Görisch on Android One ist überbewertet at 20:52
Jochen Kattoll on Yahoo, Altavista, Google. Next? at 16:59
Manuel Fischer on Android One ist überbewertet at 13:59
Stefan Pfeiffer on Yahoo, Altavista, Google. Next? at 13:06
Thomas Cloer on Yahoo, Altavista, Google. Next? at 10:12
Ragnar Schierholz on Chredge is here at 10:06
Roland Dressler on Surface Laptop 3 :: Ein blinde Empfehlung at 10:06
Lars Berntrop-Bos on Android One ist überbewertet at 09:52
Lars Berntrop-Bos on Android One ist überbewertet at 09:14

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 03:59

visitors.gif

buy me coffee

Paypal vowe