FC: Danish police break "Safeguard" encryption program in tax case

[Declan McCullagh <declan () well com>]

[From the cryptography mailing list. --Declan]

**********

From: =?iso-8859-1?Q?Bo_Elkj=E6r?= <bo.elkjaer () eb dk>
Subject: Utimacos Safeguard Easy broken by danish police in tax evation ca
        se
Date: Tue, 7 Aug 2001 22:51:08 +0200 

The german encryption program Safeguard Easy has been broken by the danish
police. Today the police from the city Holstebro in Jutland presented
evidence in court, that was provided after breaking the encryption on five
out of sixteen computers that where seized april 25 this year.

All 16 computers were protected with Safeguard Easy from the german
encryption provider Utimaco. It is not known whether DES, 128-bit IDEA,
Blowfish or Stealth was used as algorithm on the computers. All four
algorithms are built in Safeguard Easy. Details are sparse. It is not known
how the encryption was broken, whether it was brute forced or flaws in the
program was exploited.

The computers where seized from the humanitarian (leftwing) foundation Tvind
(Humana) in connection with a case about tax evation. Among the evidence
provided from the encrypted computers were emails sent among the leaders of
the foundation, Poul Jorgensen and Mogens Amdi Petersen describing transfers
of large sums of money.

Apparantly, but not confirmed, british Scotland Yard has been involved in
breaking the encryption. The danish police doesn't have the capacity to
break encryption by themselves. Neither has the danish civilian intelligence
service. Routine is that cases concerning encryption is handed over to the
danish defence intelligence service DDIS. This procedure has been described
earlier this year by the danish minister of justice in connection with
another case. DDIS denies involvement with the Tvind case.

Employees and leaders at Tvind has denied handing over their passwords to
the computers. One even wrote a public letter mocking the chief of police in
Holstebro, describing how he changed his password weekly, and stating that
he'd probably even forgotten his password by now. At a time, the police
concidered putting employees in custody until passwords were handed over.

Thats all for now

Bo Elkjaer, Denmark

********

Date: Tue, 7 Aug 2001 16:25:03 -0700 (PDT)
From: "Jay D. Dyson" <jdyson () treachery net>
Subject: Re: Utimacos Safeguard Easy broken by danish police in tax evation ca se

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 7 Aug 2001, [iso-8859-1] Bo Elkj=E6r wrote:=20

> All 16 computers were protected with Safeguard Easy from the german
> encryption provider Utimaco. It is not known whether DES, 128-bit IDEA,
> Blowfish or Stealth was used as algorithm on the computers. All four
> algorithms are built in Safeguard Easy. Details are sparse. It is not
> known how the encryption was broken, whether it was brute forced or
> flaws in the program was exploited.

=09If the OS used was Windows, it's quite likely that the plaintext
and/or passphrases were recovered in the Windows swap file.  Barring OS
considerations, it's also possible that the police put a keystroke logger
on the system, just as the FBI here in the States did with an organized
crime suspect.=20

=09My gut sense is that, since only five of sixteen systems were
"cracked," it seems likely that it was the swap file that let the cat out
of the bag.  Even so, a flaw in the cryptosystem should be investigated
and proven or ruled out.

=09Let us not also forget that people can be pressured to divulge
passphrases.  Rubber-hose cryptanalysis isn't just a humorous concept.

- -Jay

  (    (                                                         _______
  ))   ))   .-"There's always time for a good cup of coffee."-.   >=3D=3D=
=3D=3D<--.
C|~~|C|~~| (>------ Jay D. Dyson - jdyson () treachery net ------<) |    =3D |=
-'
 `--' `--'  `-Speak softly and carry a thermonuclear warhead.-'  `------'

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iQCVAwUBO3BqwrlDRyqRQ2a9AQFgLQP/cUACUkIv9xZI77Nh6nbwHlYi4bpDX94K
wBJ22Gt6eAecC0NT4LpE5uKn/6AR8+KUD6jXSoefKsQQa+THCz+hrPMmowqzgtQ1
FQLvOK+7VBGckPztqOD6zimW0IPTYDzI5/uP8j6OxNyQJo2gX/y7uiIOCwZML9/i
bHPhCzAdRGc=3D
=3D57oN
-----END PGP SIGNATURE-----

*********



-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------