[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FW: Utimacos Safeguard Easy broken by danish police in t




------- Forwarded message follows -------
From:           	"Caspar Bowden" <cb@fipr.org>
To:             	"Ukcrypto" <ukcrypto@chiark.greenend.org.uk>
Subject:        	FW: Utimacos Safeguard Easy broken by danish police in tax evation case
Date sent:      	Wed, 8 Aug 2001 01:05:38 +0100
Send reply to:  	ukcrypto@chiark.greenend.org.uk

Cross-post from  cryptography@wasabisystems.com list

-----Original Message-----
From: owner-cryptography@wasabisystems.com
[mailto:owner-cryptography@wasabisystems.com] On Behalf Of Bo Elkjær
Sent: 07 August 2001 21:51 To: cryptography@wasabisystems.com Subject:
Utimacos Safeguard Easy broken by danish police in tax evation case


The german encryption program Safeguard Easy has been broken by the
danish police. Today the police from the city Holstebro in Jutland
presented evidence in court, that was provided after breaking the
encryption on five out of sixteen computers that where seized april 25
this year.

All 16 computers were protected with Safeguard Easy from the german
encryption provider Utimaco. It is not known whether DES, 128-bit
IDEA, Blowfish or Stealth was used as algorithm on the computers. All
four algorithms are built in Safeguard Easy. Details are sparse. It is
not known how the encryption was broken, whether it was brute forced
or flaws in the program was exploited.

The computers where seized from the humanitarian (leftwing) foundation
Tvind (Humana) in connection with a case about tax evation. Among the
evidence provided from the encrypted computers were emails sent among
the leaders of the foundation, Poul Jorgensen and Mogens Amdi Petersen
describing transfers of large sums of money.

Apparantly, but not confirmed, british Scotland Yard has been involved
in breaking the encryption. The danish police doesn't have the
capacity to break encryption by themselves. Neither has the danish
civilian intelligence service. Routine is that cases concerning
encryption is handed over to the danish defence intelligence service
DDIS. This procedure has been described earlier this year by the
danish minister of justice in connection with another case. DDIS
denies involvement with the Tvind case.

Employees and leaders at Tvind has denied handing over their passwords
to the computers. One even wrote a public letter mocking the chief of
police in Holstebro, describing how he changed his password weekly,
and stating that he'd probably even forgotten his password by now. At
a time, the police concidered putting employees in custody until
passwords were handed over.

Thats all for now

Bo Elkjaer, Denmark



---------------------------------------------------------------------
The Cryptography Mailing List Unsubscribe by sending "unsubscribe
cryptography" to majordomo@wasabisystems.com




------- End of forwarded message -------