Thursday, July 11, 2013

Cleaning up my crypto

Given the current state of things, I'm cleaning up and updating my crypto regime.

I don't know how many times I've said it, but anything sent in plain text over a wireless network, or across the internet; no matter what your endpoint, last mile, or client to server security might be; is effectively publicly readable information.

Never mind the NSA, half the time script kiddies can read this stuff without too much effort.

It's not so much the data in flight you need to worry about (though that's not exactly invulnerable either), it's what happens to that data once it actually hits a server. It's the data at rest, wherever and however it may be at rest, for however long it may be.

How secure is that server? Is that data stored in plain text? Is it in databases and spools and caches in the clear? Is the data sent from server to server in the clear? Are the backups of all those systems secure?

And for that matter, how secure is your OWN internal network? Your machine may be clean and virus free, and uncompromised... but is your wireless router? Is every computer inside your network just as clean? Are they listening to your communications, or browsing your fileshares?

If you want to protect confidential or higher information, or communicate with any degree of confidentiality; you MUST use strong encryption, preferably both in flight and at rest.

Now, security geeks, cypherpunks, and other professional and enthusiastic amateur paranoids, have known and internalized these things for years; but the general public STILL doesn't really understand them even today.

Maybe the NSA thing will wake some folks up...

Part of the problem though, is that encryption is inconvenient and irritating. Even for a professional like me, there's still a number of things I'd like to use strong encryption for or with; where there either aren't any usable options, or those that are available are a major pain.

It's better today than it used to be however; and at this point I'm going to take advantage of that fact to clean up and simplify.

A few years ago, I was stuck using several different solutions, even just in my personal life, because there weren't well supported cross platform open source implementations and solutions, for the various things I need crypto for. As of now, that's no longer true with some minor exceptions (secure encrypted instant messaging, and encrypted voice communications for example).

I'm now standardizing on GnuPG (or any open source OpenPGP implementation, as they should all be interoperable) and TrueCrypt; because they work well, are well supported, and do what I need them to do, on the platforms I need them.

I've mostly used those two solutions for a while, but had a few others lying around. As of now, I'm 100% on GnuPG and TrueCrypt unless they are unsupported in the application I need encryption for.

Yes, I know, open source purists don't like TrueCrypt because of its licensing terms (it's source available, but not fully redistributable), but as of right now, it's the best cross platform solution I've found for what it does.

I'm also moving my defaults to 4096 bit keys, AES256 and SHA512 (well... they have been for a while now, but I still had some other stuff lying around).

There are more secure algorithms, particularly more secure hashing algorithms out there, but these are the most secure that are widely supported by multiple platforms and devices.

At this point, 1024 bit keys are factorable, within a few hours to a few days, using COTS equipment and software. Simply speaking, 1024 bit keys are no longer secure; and have been deprecated or outright revoked and banned, by most reputable authorities.

In theory 2048 bit keys are not factorable within a "reasonable computational horizon", but we thought the same thing about 1024 bit keys up until the early 2000s. The current "official" government estimate, is that, if computing power increases at approximately the same rate it has averaged over the past ten years, 2048 bit keys will be viable til 2030.

... but until 2003, we thought 1024 bit keys would be viable til at least 2050; and until 2010, we thought they'd be good 'til 2020.

The disadvantage to going to a longer key of course is computational. Longer keys mean more resource use in encipher/decipher... but these days, our devices have CPU to spare.

Most software and devices support 4096 bit keys now, so I decided just to skip 2048 and go to 4096. If I find I have to work with a device/platform/software that only supports 2048, I'll generate a subkey.

Some would ask "why are you exposing your solutions publicly, doesn't that make compromising you easier?"

Well, it could... but I don't believe in security through obscurity.

Any encryption solution is going to have weaknesses, and it is relatively trivial to figure out what tools you are using to encrypt. If you're going to be using crypto with the outside world, you HAVE to expose this (generally speaking)... So really there's little point in trying to hide it. Conversely, listing my solutions, will make it easier for others to use crypto with me.

Now, to the irritating details...

Revocation of all previous keys

As of July 1st, I've issued revocations for the keychains I still have the keypairs for. There are a number of keypairs out there that I don't have the private key of anymore for various reasons.

All keys, signatures, keychains etc... issued or reported for the following identities, addresses, or KeyIDs before July 1st 2013 are invalid:

----- UID/email/KeyID -----

Christopher Jason Byrne IV
Christopher J. Byrne IV
Christopher Byrne
Chris Byrne
Christopher Jason Dinsmore
Christopher J. Dinsmore
Christopher Dinsmore
Chris Dinsmore

chris@chrisbyrne.com
cbyrneiv@gmail.com
cbyrneiv@hotmail.com
cbyrneiv@yahoo.com
cbyrneiv@aol.com
chris@byrne.net
jobs@chrisbyrne.com
cbyrneiv@securedefense.net
christopher.byrne@wellsfargo.com
christopher.byrne@hp.com
christ.byrne@avistacorp.com
cbyrne@insl.ie
cbyrne@dataedge.ie
christopher.byrne@lmco.com
byrnec@lmco.com
dinsmoc@mediaone.net
dinsmoc@yahoo.com
dinsmoc@aol.com
dinsmoc@pr.erau.edu
dinsmoc@erau.edu

0E818683
DDA5B467
9CCD73A0
F1467FEE
3EC03718
CB0C43FB
67A82CF2
04ADC0C6
89A7A21D
24B839DD

----- UID/email/KeyID -----

My current valid key is available via public keyservers

keyID: 85BF0B25
Issue date: July 2nd 2013
NAME/UID: Christopher Byrne < cbyrneiv@gmail.com >
NAME/UID: Christopher Byrne < cbyrneiv@hotmail.com >
NAME/UID: Christopher Byrne < chris@chrisbyrne.com >

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)

mQINBFHScT0BEAD3KOfgiz8rquiqSFR+muTOBThixWaawMcNVKOJ8LclbINUUGb4
5d3EEX4u8vlVRZLFOwc3B6mJGlDfCSd0JnX7kk/K67EQ2uh9dQCx+Odb+Brhxb6V
YYBZMbCB0BFlk5jpPhO/Me06FV8L2u0s0Q6O37ELQm8Z+bEBNBFK6rIX6MaWmKpl
vUMcNJB+rjeFzV4XkjJo9+T/g5qsgifR6YieHgO2Dzpf3RrWw/LZZzOy+TuLYhi9
df8OwT5KVyLVQAYXIa+jhzAcc4wQt+gmDE5j08Iv94iGZZkXrRMTTLAbJSbzVAOl
fiSRDHINkNIGD7adUltEel5pYLB/V+yckjLMzA5+5i53XeFYrmDEVpmB8/2UfVyc
hONBRsMWmANjIsVnymO6BSpGnfMDXRyorfeaFTgFw79EBH2dq+zcVGKagTLHb2IY
DvvxaXORmLYb3ndiGtoQLKFPlhTGHxdDJAuRWHsRWLpqyjLswp16kl9OllR/95bl
vKyTjZoxB3+F4Ko99Y000Cr6D8WYWXTGiHcNQQbj8WYryT5jNzZTfJU3+UpxjC2K
jqOmNB3l6rNzKWo0NCkB+bcCEnMaO+/TtbKGkC0hkMuvpH9+ZTTraweunSnBV6Va
cVOcIM7o34DZmk8uQIT7Z+3dkFEjCMiFWFM6blr1HBDS5xIPSgsuLxt3dwARAQAB
tCZDaHJpc3RvcGhlciBCeXJuZSA8Y2J5cm5laXZAZ21haWwuY29tPokCOgQTAQoA
JAIbLwIeAQIXgAULCQgHAwUVCgkICwUWAgMBAAUCUd5kvQIZAQAKCRDNj7W9hb8L
JUTnEADTl6N6bXauid9GPWBBPolaKFclB3cx6tN7GNZj4o/WGxJA6agm0V2scTYT
Ty5TWmDJjEkK1peri7Ellhy2vKRxlEyd6uWnPPF0IDI/f+kJyhl7itcTN0+UUtVG
rknBYKGXFySbJV6iYEQaHgSCYeVVFvri+sMR7ApKiKEX87CTsIvuZolrl4n8JCmc
p3GgpCl0gpNlOgWlw+knajsLKRTuG+sHUdh7mxHftb35VII6SmcAcYBBpbkriZEO
ENrKV6kEHuFqGFNpvV1F3PJVXud5yh0xZ0/hRNbUjaV0v15LapotKLc80xeO3U5b
JU0siVsrl6e25OD3WtXWkdITiNAIMyjq2wwoQB76hZabfowE/WND8xCsXkj4b/rg
eitnVEsbwa33s1ev7vyi/GD+LFWunUfC0iYXuxwa9w23p0DVNp1JZeeRXDQXMmFB
8kw/KVlQDk++/newTMwH1ZN2mTythmGhgtll6MIrvlojGtZbFQWPuNFbqL3TkT32
2ZDjesl8euYxdbAEaYWHWZIDz+8jdVkfzOxipSA8ZTD/76tEY+es1/NLgo+8BeUa
ujmc1tqWf985MvWQ8QacWhqj4HTKIAngO0JshJlCr2FkHn6Y/Itdb9VBxX7k7INh
Cy36i11VL+takV5ikJdGruIGA6KSWkzlRbirpS1POrUv3XR4zrQoQ2hyaXN0b3Bo
ZXIgQnlybmUgPGNocmlzQGNocmlzYnlybmUuY29tPokCNwQTAQoAIQUCUd5ktwIb
LwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDNj7W9hb8LJRx8D/9sJyJUcNWZ
AKXq4o01hBHvdW3ACctq16Q+kMk1BoRtvzwfZZFJu0eryBf8zeUki0mKdFJmlS4J
VIwA/Wl/smgE2Or9YNmzzPBJNI9gmPOr5CxDFwJEjpsgvnfLxbLx8QjVfHb36pKR
vdK+eoS4TT89G+3DmavgWCEpRgH5aiajZ8hMIFEf2HCiLXlvIwxswyz7JyhmszRe
UiVhgQVWD9VQCg9HV2C+EEVQ8b5783bfelV/LP0KW+X8rj6JrRcmA6hm48zTPBMj
9cUs+WgfodXwewVop4DRq52SgT0EfdwbalpsHoFdozcd2W3RrJjhFD/mJOL7rOUm
3It2Nzg3UFBxdjbpTvtrylYIStnUC5j3+3sI1krMFUgelG+yxX0LqTczK9f7IiI9
ikvDt6Ss7I1w2IwMckbK3+7E2z8tvwEQfw0aYVEJerwLdDHqFmFDVBiPxvd7Maag
20lqCF4E8McsRLFPvQHPJiRB+g6cOzZX9t1zt/5eXzDMcTCG0RXchvJ9tQqU8B4I
lWcO2aDocDVp65ppXSRz6wXCKJJs50dC3ZAcDp1i8cjl7s4XtGBieui8hlxdVgJy
IHFm0nDjWu56Sj62rvfvsUQ8FJuyk3z6X5wB6ZBs+oQ4lzIFiL4+ut7pnyUf5z3h
wrxk/n/BKAHpTKimw/tVp2EV/mPGPdYeE7QoQ2hyaXN0b3BoZXIgQnlybmUgPGNi
eXJuZWl2QGhvdG1haWwuY29tPokCNwQTAQoAIQUCUd5krQIbLwULCQgHAwUVCgkI
CwUWAgMBAAIeAQIXgAAKCRDNj7W9hb8LJR6LEADyC3KB9cxnTfn1jBirYGLFvdmP
uhYPz4++bkGOhWNTfOaZSuAFgvJDXWMWcc8K9oHFZe+XYw7h2hTdSUlUmMV9h+7P
KasoebfhxHoVi6Oy5eU94OnAioanies0RZZmVny7LJTeyah3oGQ1SNesNXirVwEp
amvdZLvlGkCmaYsDtgzJkaqxoU4pVXGIY2Nz62iw70Qy4Eo9Z0JZdQaXlpw1X94P
sVlWV10dKq6yT3QWDP5pTnA3XKkHWem/paSWea3hhHhgx/6PDaF8jABuP7Ew/ADp
RwLV3+oMosZMp8Qh6fNk9GuPeH6rNEUPXyZnlLFOyJGCHp5YU9vsVj3yHdz6dfmO
s6M41NKjjIKg+EiW2sM4FhlDRMFtnyKaS78WSy8oFWyzecCB2VNbevj3m/q34Xp/
PlC+Qv/lIfZRZyv1nAoImQs+nwn23NFjmxX5joUsfuV7M8F+xRnf1OnWv19LmNCF
EjutJ5MEU/MMcx/nJiYq2X4Mxmt/UkExwO3wn+JwKUDZyxpGR7dn8mqUEmY1HcPf
bzacOy7r1hWbhwwvlQd0qf/sRyqSV76qObafM5mjY2DPvfhxYVAz2LyQuhAHg9ST
EafEPFtW2EPlN3hkmsIEhTOaXff+rmcivaa0UwhZpIMhejaMSAmm5nTE14l50dYh
MjrXnjyk8qqoQfvFEtHUxtTEARAAAQEAAAAAAAAAAAAAAAD/2P/gABBKRklGAAEB
AQBgAGAAAP/bAEMACAYGBwYFCAcHBwkJCAoMFA0MCwsMGRITDxQdGh8eHRocHCAk
LicgIiwjHBwoNyksMDE0NDQfJzk9ODI8LjM0Mv/bAEMBCQkJDAsMGA0NGDIhHCEy
MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy
Mv/AABEIAO8A8wMBIgACEQEDEQH/xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUG
BwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMABBEFEiExQQYTUWEHInEUMoGR
oQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVGR0hJSlNUVVZX
WFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0
tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAf
AQADAQEBAQEBAQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAAB
AncAAQIDEQQFITEGEkFRB2FxEyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZ
GiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqCg4SF
hoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY
2dri4+Tl5ufo6ery8/T19vf4+fr/2gAMAwEAAhEDEQA/ALtFFFYmwlBpaQ0DEooo
pDEpKU0hpAIabTqaaBiGm55pxppFIBrdaCcU6mkUikHWmmnGmmkMaaQ0ppDQA000
040ygANNNKaQ0AJSUE0maAClApKUUkDFpKWkqiQxS4xSUhagBc0UzNFFhG9SU6kN
aECUlLSUhhSGlpKBiUhp1JSAbSGnGmmgY00lONQXFxFaQPPPIEiQZZj2pDHnjJPA
Fc3qfjOwsmaK2Bu5RwdpwgP17/hXN654kutZka3tt0NnnG0HBf8A3j/Ssu3sizDg
HPeiwJNmtP4v1e5OIikAPQRpk/mar/2xrLMW+3T7h1G6p4dNYpnHP5YqVrA5xwB0
6UmzVU11C28XapbMBcItwg67hg/mK6LTfEtjqJEZbyJz/BIev0NctJAFONpwf4cd
aozWYcAovP8AKldDdPsenGmmuM0HxHJaSJZag+YScJKx5T2PtXZE5HFMzENIaU0l
IBpoopKAFpw6U2lzxSBhRmkzSE1RIE0maKSmIKKSimI6A0UUhqiQpKM0lAwopCaM
0gCiiikMQ0006kNIYwkAEk4A6muB8Sao+qziCEkWqHgf3j6mum8R3jQWQt4zh5+D
jso6/wCFYGn2KzENKCecCgqKuzBjtSOFx07dq0ILdVUDcGx1Y9hW+NHiaTjj6VUm
0O4EgRCdpbkj0zQa8rQ9FVYRt+h7nNP+zsQxXJY9zjg/0pwglR0Eq4I6du3WpopU
DY8w7ycH0xRYEVXsg4YZU7ecnpWVdW7pnqR6L2roJRiMoBsY5PB4J/CqLWcsuR5L
H9RUM0WxzVxbLJu+Xr6jBrpvDWpNLALC4P72Ifuyf4l9PqKZHpMjMTLCVXuSMf8A
66oSQPY3SyR8PG2RSUugpwurnYGkJqOKZZ4UlT7rgEU6qMBc0maTNITQApNLnimU
oNCExc0hooqiQpKKSgBaKSimI6DNITRSGqJDrRSE0gOaBi0lBNJmgBaKaTRmkxjj
TScUE00mkM5TxA5l1ry88JGoH481Nax7FXjBNM1ZMeIsno8Sn+Y/pV9ABsx27Umz
akupPCpJBPBq/EhxyOTVaNRkfSr0RAAz2qLnUtiza2cFxMPNQEgcVLfeHrGTMwTb
kdjxmltXAYMeo6VdlnV4x2H1rRNWMZJ8xmw2EEQwI1A+lDqqcKoH0FWTKoU8VVkc
+nBrKTRtFMoXRytc5qFtulZgOK6WcZWsrUBtQkDtWd9SpK6KWknZavDz8jnGfQ81
fzWdpj7pLjn+7/WtDNbLY4ZaMCaSikNBIE0oNMNLnimhMfmkJpuaTNUSOzSZpozn
rxS5oAWikooA3+1JmlptWQKeaQmkpKQxSaM0maM0DDvRRSUgFzSUZpCaQzmdRuBP
rKts2iNdmT35NXIGDsOay9QJGqTHOQXJwe3+cU63u1MZKklhzgUmjeDSOjiAY/pV
2KLoM1zEerGHmRGH4Vo22v28jAbsGp5UbqodAikAfyp24k8jiqcOpxsM5zUh1KLp
tAFHKVcsEEg+lQSDA681DJq0A/iUDoMmqkmqQE4MgzUuI1MmmOAeay9RbdasB1Aq
Z9QiJZSevftVC5nBt32kE5wMd6ztqW2mjP0Jsi5Zm5LgVsVkWsbRA28WTvkDSv8A
59/0rXJrWOxxVY2aYZppNITSE1RkKTS5pmaXNNCY7NNzSZozTELnik3gUh5FMIzQ
A8SD1oqPaKKYHSbqQk00mkDHvxVEDs0m6kLUzOCaBkmaKbkUZpAONITSE0x5FRGd
2CqoyWJwAPegY8msnWfEVhoiYncvORlYU+8fr6D61zuveOFTdb6SQzdGuCOB/ujv
9a4OWSSeVnkdnkc5ZmOST7mrjTvqyJT7Hcm4uNWaO7jURO8gkZFJIx6e9Xns5TM0
QheEqNwYE7Tn29apaWfK2ID91QPyrqAxkxIASxHzVizshG6OVk0y9lgmxfSiX/ln
tOAPYipdP0WSOydrieU3bNldj5VR75PNdIbRH+baQe/FI8aQRM2GJx0xTU9LDdHW
5jaZLcNdraIHdjk7pTsx+HNXtVe4s2SNlT96cKUfJ/IgUmmRxjU2uVX524OKu6xa
x3s8TOMmNtw96iUrM2jTlynPNp9xLG7NNIjFCY8g8t788VVsYNUAk8+1QFB8u5my
5/A8V2MVut0mGIUjtmnHTCvDSHHfpT9orbGbpSve5yomlIAktbhHJ2hF+cE/4VZt
LO7hkIlTZAq5w3JL/X0xXSRwRRKNnUck1X1KYNGxPWsnK5vGnZmda48sMDyXbI9u
KslqxF1CKzUPMwRHfbuPY4z/AErTjmjmXdFIkg9VYGtILQ5K79+xMTTSaYWpC1UY
j804moGlVPmdgo9ScVn3fiLTrXIM/mMOyDNNCZrZozXHXXjNuRa2wHozmse58Q6l
dZDXDKp7JxV8rI5kehT3dvbgmaeNB/tNWZL4o0uNwgmZyTjKrkV588jyHLuzH1Jz
SJzIoHXIp8gnM9aBJAI6GimoSEXI5wKKks6AkUhNNPtSHPrTJHUhNNFOwTQAgajd
VW71OwsQTc3cUeOxbn8q4/X/ABuWBttIJUY+a4Yc/RR/Wmk2DaR1Ora7Y6PFuuZc
yEfLCvLt+HYe5rznW/Et7rTFJG8q2B+WFDx+J7msaSSSV2kkdndjksxyT+NMyc1r
GCRk5Nik0AUmc0A1RJ1ulXGVhbOcqO9dbaTZA5rz7R58qI88o3H0NdnYzcCuWS1P
RpT0TOnhkyvNVtVfFlIeh6D61HBNnHTFM1QGW0xGy+YGBGTgH2qDodtyvpETCYgj
uOa1NRUo+MciudtNQvLa5yscUgXqEbn9etWb3XLybaVtgoyBumO39OtKUboqFRI1
NPkKs4ODg8VoOdyg4APtWNpAlkSWa4ePc5+UJ/OrrS7QRU9LFO17iTSbQeeKwtUn
JTaDyeK0Lqb5TWDeyjczMcKozmpCUtDmfEF2xljs1xsUCRj79BWTHNJCweKRo27F
Tg0t1Obq6lnP8bZHsO1RZruhG0Ujx6s+abZ0Fj4rurfCXYFwn97ow/HvReeLLpyV
gjWIdj1Nc/SfeGD17UOCEpsmuL+6umJmmdvqar9SAMkmrmnWa3TSB1csuMKO9QlP
J1PZ90LKB9OalSV7Ibi7czIpY5ItokQqSMjNXJNNaPTfte5iMAjA45q54ntltrqA
KSQUPJrTuD5vgeM+kY/Q1N20mVZJtFLwxp8V8LhpMZjIxxk1gyjZcyj+65/nXSeC
3/e3ieqqf51zl3xe3A/6aN/OqS95k3vE9SibdDG3qoP6UVDYN5mnWzesS/yoqC1s
dKWIqMuR1OKUmoZOVI9qpEtnHal4/eKR4bSzwykqWlOeR7CuavfFOsX2RJduqH+G
P5RTvFFmbbWZmCkJIfMU49ev61mxR+WAzD5j0Hp71fKrmfM2g2vu3SMWkP8AeOcU
HIoJ565NGfyrRIQlNJpxppoEJR60UelAEttOba5R8/L0au6064DBSO9efsK39Cvs
AQyHkdD6isakep0UZW0O4luPs8BkPpxWTPd3Vwx2kkHsp5NX7e5DhASCuc81Lc+R
OuHVTj2rGx13ZkW2n3CsrBCWznirVzYzsCXzuI4BardvZWajL7ceo6irD2ti64RU
b1Zsk/rSaXc0ijIt7m4syquflHfPatmO7WYDa2TTbeC1ifKxrj6daJ5Yo87MDNQk
inzbkF5ccYrkfEF/tjNujfPJ19l71q6rqSWsLyMckDgZ6muIkle4laaU5dv0HpWt
OF3c5q9XlVluxPWij/CkrqOAM0o60hpRQBPDdSwMGikZG9VOKimZ5pjOTmQnLe9I
DSg0rIdzb8VsJBZSg5BXqKs2jeb4Ldeu1WH61zrsWjCMSUByBnoa6DRxnw5dxEgk
FvyIrNxsi07yK/g58ajOv96L+tYl7xqNyP8Apo3860/Cj7daA/vRsKzdQ41S5H/T
Vv50/tC+yeh6LJv0WzP/AEyAoqloM3/EjtRnopH6mioaKTOyLUxjSE0wtk1QjlPG
YhW1hDn955m5F9Rjn+lcSzZ5Na3iPUDf6xMwbMcZ8tPoO/55rIFaoyFxSEUuKMUw
G0EUppKYDaSnGkI70gEPNWrLLyeUrbZM5jb/AGvT8aq5wfrSglGDA4IOQaTV0NOz
OlstWy4jmGyVThga6CC5jlAy3J6ZrmXjTVLBbhBtu0HUfxY7GoLPU2iZVkJBXg5r
ncTsjU7nbx2xZBsfgmpY7PkGVyARwPSsqz1aEqpEgwB3NTzavEIzlwv41m0dEXHc
u3EqQttDdAKxr/VY4IyGPzA9B3rKvdZyGCNknoap21nJcOJZyWZui/40Rh3JnVvo
ipqM8tyVkkyFY8CqXatHWcLeC3X/AJZKAfqef8Kzq6oKyOCpK8hR0pO9HajvVkBS
jpSHpS9qQBSikpTQAA8+1TQTSQvvjcqSMH3HpUFOBoAu6ADDr8APRtwH5VT1PjVb
r/roasWNwLa9gnZSwjbOBVbUnWTUriRDlWbcD7GotqVfQ6HR7rZpUC56bv8A0I0V
j2c+y1Rc9M/zNFKwrnrBNUdTu/smm3M4PKRkj69BVpmzXN+Mbkw6SkK9ZpAD9Bz/
AIUJalN6HCk888mkzRj1pfrWpmGaAaMUUwDrRSfSjPqKACkIpTRQAzFAOeKWkIwc
jrSA0dIvFtpjHK21H6N2U1rXmlJdHeDskPcdDXMA+tXbXU7qyICSCRMfcY5H/wBa
olG+qNIztoyWTS7uE8LuA7qaYtpdyHAjf8a6DT9RtdRIjz5cx/5Zsev0PetZNPAP
IrN3W5sknscxaaO24NKcn0FbNy8OjWBuJMGZhiFP7zev0FaqwQWsL3EzBY4wWYno
BXA6tqT6pfvOchB8saH+FaIq7Cb5UU3kaSRpHYs7HLE9zQWA9c0gFBIIAHUVscwA
k0vc0gpe9AAeopTSd6DTAUdaCeaOgpM0gFFLmm0oNADs0kkfmLx94dPejNKDQBCj
lVAoqUxoxJIOT6UVNgPXCa5rxkobS4X7rN/MGuhY1g+LBv0Vv9mRT/Sktxy2OEpa
SjNaEi0UZopgGKSlooAQUEUHmjNIBp5/GjqKU0goATFAz7UHrRQMATkf0ro9J8US
W5SC+zJF0En8S/X1H61zmaU9OlJpMcZOLujp/FerrO0djbyBogA8jKeGPYf1rl84
oHoKMUkrIcpOTuxetFFFMkKX0pKUdKAE7ml70h70gPSmA40gopaACiiikAtFJS0A
OzRTaKAPVWasnX036JdeoUMPwIrRJqpqSiTTbpOuYm/lUoGedUUlL1qxBRRRmgAz
S0lGKAFpCM0Z9aM+9ADSaTvTmFN6mgBetJThQRQMbSntRijvSAUCkNKeDSGgAoNA
ooAKBRQKAEJoPWhqbmgB1LTQc04UALRRRTAKKQ0daQC5PpRRxRQB6Yz1G37xGU9G
BFITUU9xHbRGWVwqL1JoEcA6FWZT1UkUzpUtxIJbmWRRgOxYD0yaj6GmAdaKTHPF
L1oAKWiimAYpCKWikAlMIwRTzTH4waQxc4p1MbpSqcigBaKDRQAUlLmkoAKKKKAC
gUUUAI3SmGnt0qM0gHA04Hiox1p2aaAdkUuabn0FKKACj8c0fWjPtQAufaiiigD0
VnVFLOwVQMkk4Arh9T1KW/uWZm/dKSI1HQD1rqNYtpbzTZIYc7yQcD+LnpXFSIY3
ZG6qcGgSFByBS0xT1FOzihDFFBoopiD60tJS0wCiiikAU0jinUhFAxnahe9DDHeh
aQDqTvSjnpSEEdQRQAZyaKKKACiiigBKWkooAD0plPNNCFjSY0myaMqiZ9RUB4PS
pVQjtQ0TN0HNQnZmrjdEYNOqxFp9zL92M49TxV6HQ5WALsF9hTdSK3ZMaU5bIycU
7FdJb6FAMbwWPua0YNJtVxiFc+4rN14rY2WEm9zisUV6CNMgx/q0/wC+aKn6wuxX
1N9zndX1s4MNs/ykYLjv9PaudJyTUkyHcW6j+VQmug4xyn5qfUVSA5ANNAHPalz6
8UUcUxC9elGKTb6UZx1oAWik4NLjFABQc0ta+g6WmozSGTlI8cepNJuyuVGLk7Ip
WWkXWoEGJdqf32/p610Fn4Wt4WU3JaVuu08CujhWG1UQQxhnA57BacsRMhYnLt1N
c0qjZ2woxW+pFFYwxxiOKJIx6KoFPfTlYYdAw91BrSgtowoOWL9zmpWXjFYnUkrH
Mz+HbGfO63UH1Xj+VZs/g6FuYZnX6812e3scGmGPJ4pqUlsxOnTlujgZfCN4mdks
bD3BFVZPDeox9Y1P0avSPLB47mlNurcAc5qvbTMnhqbPMl8P6gTgxAf8Cqwnhq66
vsA+pNehfZF7UhgU9hQ60wWFpnBjw1J0Z/yWpl8OIpHzMc9e1do0AP50wwDv9BUu
pJ9TVUILocqNEiQgFM+uTVqPTUQjCADGeBW2IBtOfpQYl6iobbLUIroZiWgH8PHc
VJ5IB4A61oeWMEg0nlkcVJWhV8nOPSniPI9KsBODnmmBArd+aBiqjbRzRTwpIyCc
UUCuf//ZiQI6BBMBCgAkAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheABQJR3mUf
AhkBAAoJEM2Ptb2FvwslIX8P/0pfyApnWafZsMWwyQArnr+f+WOSF/PjidchK7rV
PJSLk+ZLraaKLGzUy0dPPnOzR8vhPfeam7Dg7R5heD9SwOzzjEzrESwps7ntkp6K
zCrAEZt8ycVKNtzd+aZJKGBmFv/JMtpQG5ph84VqQt5WUjIK8+KzJkDEX/idOkmG
E8KfslCut8aFKQ5fWz0u29+TxShlvS0lkKAAq8jeM0XHH1kruymTq4iE4lUUzt6u
OJXi0dv4vC6+yuPhXjKmE6Xt0gSSA9WctUjWB3g2i6g996jo7qUQABKPH2MFQS0T
G8fC2EhvS2Z4r7pOOp91UBbRYVyDCg7AyFbOKs6aKbJ+pTGVKdXqmGOt5LkROxmx
ChdvGA9pYWCeX6Enw7eXYDFLxhnzrhJpuMcW8U4LwVrD2hI7LLcxOjT7zXyzMt6B
yCQRECMjcRoKApw3xX32WzW/HmsBvSRVMAQueDtGus3RLJWeutABHsAoa3+TaG7C
DyBWRkLi/O1lLClf40EhfgQEiyBNvVyUs65juVtQzdeyFNGYFLEOIBBAgeg+6g/c
UnVx94Xo+LQ8VThbdymrExOqjxw5gnd0FLx/sHu2oNUC9c7a/NWzo+LHZKx88G6D
Ns1LGb7nYtNPhChfhbkdrwQwQQKCmGKuA3EyuAXaoS8mNNNbfpMD643lSOR+WsgL
CGaEuQINBFHScT0BEADCveJ6u4zw7d+GwAu0V/utB7aifnFNg9iCUN/8cO1qYafB
gj53kWWWAIwjcvhY9BZPCTCtekE7/PCToUUdOdNSJw15/Kie7vKrHMG02womWb61
/xjqAQC50sciCuwvIzqBYM8w5yPDXU532iWNr7Ao4J2GRWb5ebE6NxOUcvZSbAWw
NnyxgVMvZCNTI6ZCvYx8/hTbkwlpUIbZuEAwJgsBoJq8RheHw5puAkHHsx4Sl0/l
oTnKIFWxeZ8UioikeUhkVqeC5OFznWuSnNDHgkVw+l/iPjG0rsF/N9k7bZz9oM1y
y32BiHaW4RFALAuEeRQdj2ULCs1sTc1hd8mKRVhQw3iXDixZJMjKeWPT4B40GvKw
rnUMHOcgpLb+TWBTqLeEI/1VLHt2VijDRj/I/YaSi64HAIk7887ISQRFn+QyoOHW
ph973awD/cOwUJ7NY2/EjO2rJpRxqJm5BGpl41e1Lq6b0zF49+IyPRzomBhuBxq7
dzT8GEeuYFOCvvjsv2xEYKolcEjE+0GpVRAu4Q7mayEFwgEeQt8zs3xRcKT7sfK5
urGiHKq9pJbQCA8NKMVECyWHxBLcXv8oPyVLOoaKsZu5V8Lu/Mb7fPEOHPBPavIF
h7zVjtzv2I+7NoGPJR78YYlxtxCwDAbOBs/O3kuDC5Eo6x1u+CBMyFHRdIplQQAR
AQABiQQ+BBgBCgAJBQJR0nE9AhsuAikJEM2Ptb2FvwslwV0gBBkBCgAGBQJR0nE9
AAoJED2appCQubIj5ScP/iPzND0wcn7Iu5QpzRFwYE9ge9T2WAYRFJG3qjTXbITm
GZ2Oyneb1hPE7m2c6IqOmlTFjhl9PMO80TZsOZpE5lJ21nPqFyEAjPf8oxCcBzFH
EbJGxsUDFjbiT33C1cXUnopB7WLdgCC4JfHWuU2uffIYI5NfSiFYwLLrKbBwxSdw
6RKLocvmtJ+/NwfiJR8Q7ZIL5UZH+C2vWhwOxE5fK+eXGBJQWg7MfzB41DDNTYNQ
JejmR/sACIrz3QEOsZgLNN/2sbjhB7boxWeWf15I2Ervrt2RS9bXbc99zf1kXmNR
+qC+VQIK0acUZnyefCzeMOueThX0iJ7UmttgKP4VJQ1Up3h2KSIqP+KCIyuqvqDA
Ksy5Q4B41eV0+/7xzEY6S7LawmBRs1lqtpXiG91Hgw5VQjIBtfBVfKtU3LCZBHfr
TifhDi4pUtLoLgqPBo8oe80GDQvOV34356ov0DYWDg9rEYx+dI8lgXY7NnC471pQ
wGPzdIfgMMOeExhyVFqR2/yJR+PGwIcLN3WskI9xQbAld7pn1Yyq7LyoJRI6eva8
HwyRmm7h0odDVB0GRrFFgYeDh8XjUy1YvIMpIpZgpGFTZWOOEhjDjgZ2XdpZmfSA
fWiRPnaQnR+jkeCzffnXvzt0u4a3bRLlizjQ4DI31/arF/mxYxLDcdynyHeZzgiL
H64QAJ7rY/RZG1gB3nCfRIY8Rxr8+h5RuuP13ToLmztM7I0a9vMkAjn1qzljBP9I
Jati9Fm3vHNjb2NbR3YpECAz/hg8WRwK+N/hTTcuCg6/cnRP/8YRvIx+nKS9x88I
fpAuogQQyHHV6hjUsObh6TvdagOIrVgPPavvOctW9LoHsJu2MpbcEcmqP+gCJcqT
qBAZIcmL/JXz0q2aY0rSwUJiZ2Q+RGH/mcdRP9QrA6dmG7r6LtJHnC6tI9ppRpoN
m0+BpKhKDJyCzFfcq+/ZF+BkkcOFGk7rJIhU9QahIkerDqI9iUrkC7shnhs5384a
8zpmwTebCmwfKjqgx1iS0ZP00DRXOHa4iW0tW41cAr447XkEXdKd4yGLbtmmry9Q
N3z0eoKknG7Ezywj6RkqU0BGbpTCVER88PaLLvLCxX0aRQWQkw+4/ND0pLD06xCV
wuuH526aAC48zZVv5NioiDmsNu7nrikCPGiiZYKv2ikYxXmqomN6Q+0F49O6xyLE
1cIq7sdPZmk+P34Y/beukbi6HgxQ1koN/sIUPNPfxO6gDXJZbtburJu/PChvwGlE
EisX2+2NEHrE5NMyT0ZRoo+GH1xyxdL6qbB1RzhuPsqM9Kg9gOAlOZc1AZe39Y30
IVQpcyYx2OAqp2rdVRmj9JmQIlYzuC/BFIPiV796COI33Yd/
=2VJ/
-----END PGP PUBLIC KEY BLOCK-----