MI5

D.P.

D.P.

D.P.

Caporegime
Joined
18 Oct 2002
Posts
32,618
Seriously though anyone who is worried about their privacy just uses encryption anyhow, which totaly negates this.
Click to expand...

Apart form the fact that GTAC holds a copy of your private key allowing them to read all your encrypted data!

Best to pass on any important information in person, its the only secure method.
 

Una

Una

Una

Associate
Joined
26 Nov 2004
Posts
2,471
Location
Reading / Lake District
D.P. said:
Apart form the fact that GTAC holds a copy of your private key allowing them to read all your encrypted data!

Best to pass on any important information in person, its the only secure method.
Click to expand...

Erm no, I have written my own encyption algorithm in the past. I admit its not very strong, and wouldn't take that long to break. But the goverment certainly does not have a copy of the keys. RSA algorithm is public and has been peer reviewed by a lot of people. Its one of the ones I would trust to last a while.

This is why the USA goverment were very ****** with Zimmerman with PGP.

One-time pads coupled with stenography... for public key passing make it hard to see the key exchange either.

A public key encyption system, allows the public key to be shared without having prior access to the private key.
 
Last edited:

D.P.

D.P.

D.P.

Caporegime
Joined
18 Oct 2002
Posts
32,618
Una said:
Erm no, I have written my own encyption algorithm in the past. I admit its not very strong, and wouldn't take that long to break. But the goverment certainly does not have a copy of the keys. RSA algorithm is public and has been peer reviewed by a lot of people. Its one of the ones I would trust to last a while.

This is why the USA goverment were very ****** with Zimmerman with PGP.

One-time pads coupled with stenography... for public key passing make it hard to see the key exchange either.

A public key encyption system, allows the public key to be shared without having prior access to the private key.
Click to expand...

Of course if you use your own encryption algorithm they wont but most public available encryptiopn software commonly used has both backdoors and arrangements with security agencies. Even the webpage posted above mentions this:

http://cndyorks.gn.apc.org/mhs/
"Of course, the US is not the only country to electronically eavesdrop, in the UK the newly opened Government Technical Assistance Centre (GTAC ) is operating from inside MI5's headquarters at Thames House, Millbank. Here, codes used for private email or to protect files on personal computers are broken. It will also receive and hold private keys under the RIP (Regulation of Investigatory Powers) Act [ 17 ]."

Read an interesting article a year or so ago but can't find it now.
 

D.P.

D.P.

D.P.

Caporegime
Joined
18 Oct 2002
Posts
32,618
But RIP does differ to the idea of a governemtn private key escrow service, the idea is much the same.
 

Una

Una

Una

Associate
Joined
26 Nov 2004
Posts
2,471
Location
Reading / Lake District
PGP and RSA for example provide the source code. Its pretty easy to spot a backdoor when you got thousands of mathmo's/cryptanalysis looking at it. Most people who use cryptography know exactly the risks a poor algorithm can bring.
The general population as a whole does not use it :)

If you use something like Skipjack/Blowfish etc.. you get what deserve tbh. Security by by obscurity is always bad.

Yes keys have to be handed over if requested by the goverment. If you had nothing to hide, no problems. If you did you then do you really think your going to hand them over? :) End of the day with cryptopgraphy unless the algorithm is trivial (blowfish etc..), there would be better methods (breaking legs, keyloggers etc :)) to extract the keys hehe.

RIP act only really effects/inconveniences the normal users. The bad guys have the options of using IPSec/many other methods etc...
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom