Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp6813539ybn; Mon, 30 Sep 2019 04:18:15 -0700 (PDT) X-Google-Smtp-Source: APXvYqzhjE8GVoYKeW6F1y6WxWAyTaWZxigmFFcytFnWPpJAo1EqpYUPUi1trcXrlRbPoyK8SuY1 X-Received: by 2002:a50:d49c:: with SMTP id s28mr19161533edi.101.1569842294937; Mon, 30 Sep 2019 04:18:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569842294; cv=none; d=google.com; s=arc-20160816; b=L374KCpcJz4lSvHWUjVkSrLEgjtyQOl5QXqjCMHiIAHqzFM3TFSCYEy3e92/Bu5nvS 4y8ejOKarMYmHuvvYreJeiWJ/B7iY+csvAeuqfMw3tjOQ+P71UEkM8MsC3nDI23T2ncq /M20vRU0fuoIq0TXYk2uqDK0MR975Q1rJE4I7nIil11rcyIzxwqR+bxPZ1sd9pBjLMrO Bo944Vo9ejI/UX5Vj0SBRjCGLCvTquB9AH7PlR/Imbuxv+jYvjBe4O+wI57cw/LVgiHo HP5Ny4x30F9lMSiPTepljvVqgNwAaQn7gYKKxdbTmaSpxvvR1sj0yNG9ukBSMNT2ybAl 9VxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=JpDZCkYKV4d3hGGM6Rs6axRC7FJzhKLVqOI37XHn9f8=; b=ttoBSr/3DS6UYlokShVBo0nS9XDGYQ/j+Os+WDF2DeZPLj/emclNrZV2NaOXGdxLmz YiTdRmSvX74egI66mE5Yg3Jo8WLhj63Ff+8bQWjgEHxSL941O77JsXCP7oNx1I4IuCBI fG8IKnE69GPfQFxL+HDFMXdI0zGAk0SSP03+T/RBQABAbnZiN3mXZW/J8Y0w8Nu2y2pU Ijg+NiBNzPvMI5lED6derFtX7PPP/sN+s3sKD2KSOrctmziaX0nMVfkEqM9RvM1KzU1u MKksnT7b0XU8qmo5Q92hfW//TV81Z5yTrWPPF92GFB0WuIjoDN+dnRwyl3QP/g8mO4S8 Aljg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d15si6553839edb.7.2019.09.30.04.17.44; Mon, 30 Sep 2019 04:18:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730931AbfI3LO2 (ORCPT + 99 others); Mon, 30 Sep 2019 07:14:28 -0400 Received: from ns.iliad.fr ([212.27.33.1]:36304 "EHLO ns.iliad.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729870AbfI3LO1 (ORCPT ); Mon, 30 Sep 2019 07:14:27 -0400 Received: from ns.iliad.fr (localhost [127.0.0.1]) by ns.iliad.fr (Postfix) with ESMTP id DDB6620274; Mon, 30 Sep 2019 13:14:25 +0200 (CEST) Received: from [192.168.108.37] (freebox.vlq16.iliad.fr [213.36.7.13]) by ns.iliad.fr (Postfix) with ESMTP id A199D20187; Mon, 30 Sep 2019 13:14:25 +0200 (CEST) Subject: Re: France didn't want GSM encryption To: Linus Torvalds , Pascal Van Leeuwen Cc: Linux Crypto Mailing List , Linux ARM References: <20190925161255.1871-1-ard.biesheuvel@linaro.org> <20190925161255.1871-19-ard.biesheuvel@linaro.org> From: Marc Gonzalez Message-ID: <3e5347a2-9aa7-bffb-2343-42eda87a6c83@free.fr> Date: Mon, 30 Sep 2019 13:14:24 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP ; ns.iliad.fr ; Mon Sep 30 13:14:25 2019 +0200 (CEST) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org [ Trimming recipients list ] On 27/09/2019 18:23, Linus Torvalds wrote: > It's not the crypto engine that is part of the untrusted hardware. > It's the box itself, and the manufacturer, and you having to trust > that the manufacturer didn't set up some magic knocking sequence to > disable the encryption. > > Maybe the company that makes them is trying to do a good job. But > maybe they are based in a country that has laws that require > backdoors. > > Say, France. There's a long long history of that kind of thing. > > It's all to "fight terrorism", but hey, a little industrial espionage > is good too, isn't it? So let's just disable GSM encryption based on > geographic locale and local regulation, shall we. > > Yeah, yeah, GSM encryption wasn't all that strong to begin with, but > it was apparently strong enough that France didn't want it. Two statements above have raised at least one of my eyebrows. 1) France has laws that require backdoors. 2) France did not want GSM encryption. The following article claims that it was the British who demanded that A5/1 be weakened (not the algorithm, just the key size; which is what the USgov did in the 90s). https://www.aftenposten.no/verden/i/Olkl/Sources-We-were-pressured-to-weaken-the-mobile-security-in-the-80s Additional references for myself https://lwn.net/Articles/368861/ https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States https://gsmmap.org/assets/pdfs/gsmmap.org-country_report-France-2017-06.pdf https://gsmmap.org/assets/pdfs/gsmmap.org-country_report-France-2018-06.pdf https://gsmmap.org/assets/pdfs/gsmmap.org-country_report-France-2019-08.pdf As for your first claim, can you provide more information, so that I could locate the law(s) in question? (Year the law was discussed, for example.) I've seen a few propositions ("projet de loi") but none(?) have made it into actual law, as far as I'm aware. https://www.nextinpact.com/news/98039-loi-numerique-nkm-veut-backdoor-dans-chaque-materiel.htm https://www.nextinpact.com/news/107546-lamendement-anti-huawei-porte-pour-backdoors-renseignement-francais.htm Regards.