[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: does Web TV use forward secret cipher-suites? (Re: Web TV with 128b exported)

To: [email protected]
Subject: Re: does Web TV use forward secret cipher-suites? (Re: Web TV with 128b exported)
From: Information Security <[email protected]>
Date: Thu, 8 Oct 1998 17:35:12 -0400 (EDT)
Sender: [email protected]


   >   From: Adam Back <[email protected]>
   >
   >   This is as others have noted cisco's doorbelling approach to GAK --
   >   having routers and automated systems doing decryption, and allowing
   >   LEA either direct access (possibly in this case), or access via
   >   complicit operators.
   >
   >   One question which might help determins just how bad this Web TV thing
   >   is, is does it use the forward secret ciphersuites.
   >
   >   If it did use FS ciphersuites, if the LEA starts reading traffic after
   >   some point (by asking the WebTV operators to do so, or by using a
   >   special LEA operator mode), he can't get all old traffic.
   >
   >   The EDH (ephemeral DH) modes are forward secret because a new DH key
   >   is generated for each session.
   >
   >   Some of the RSA modes are forward secret, but only on export grade RSA
   >   key sizes (512 bit).
   >
   >   As it got export permission, I fear the worst.  Perhaps even special
   >   LEA operator access.

Normally, an announcement of 128-bit crypto capabilities for a
home computer would mean the user has control of said crypto.

The WebTV computer:   http://developer.webtv.net/docs/sysgde/Default.htm

   o WebTV supports connectivity to the ISP of your choice.

   o Internet access (PPP, PAP)

   o HTML 1.0; HTML 2.0; HTML 3.2; frames compatibility; JavaScript 1.2

   o Image: GIF89a animation; JPEG; Progressive JPEG; PNG; TIFF-G3 fax in e-mail;
     X bitmap; Macromedia[tm] Flash 1.0

   o Audio: AU; . WAV; Real Audio 1.0; 2.0; 3.0; AIFF; Shockwave[tm] Audio; GSM;
     MPEG-1 Audio; MPEG-2 Audio; MPEG Layer 3; MOD; General MIDI; MIDI Karaoke;
     Quicktime audio; Zip decompression

   o Video: PEG-1 Video; MPEG-3 Video; VideoFlash[tm]

   o Processor: 112/167 Mhz R4640 processor

   o Security: SSL version 2 and 3; 40bit and 128bit RC4 encryption;
     root certificates for GTE, RSA Data Security (VeriSign), Thawte,
     and VeriSign Class 3 digital certificates

Can WebTV send end-to-end encrypted email to any other Net user?

Nope.

The press release claiming WebTV has 128-bit security
is another low in advertising obtuseness.
---guy

Prev by Date: IP: White House Accused of Data Theft
Next by Date: Re: propose: `cypherpunks license' (Re: Wanted: Twofish source code)
Prev by thread: IP: White House Accused of Data Theft
Next by thread: Re: Something else about 'freedom'... (fwd)
Index(es):
- Date
- Thread