Re: Cracking & auditing crypto protocols

[gnu (John Gilmore)]

> * A "cracker's guild" to break weak cryptography and publicize
> the cryptanalysis algorithms (cf. the Word Perfect crypto cracker),
> forcing the weak crypto off the market.  For example, if 
> NetCash was deployed this organization would crack it.  This
> organization might be funded anonymously by those selling strong 
> crypto (who have an incentive to debunk their competitor's hype).

The person who built the standard "network license manager" for Unix
(flexlm) has offered us cypherpunks access to the protocol if we'll
try to crack it.

> * A formal Crypto Auditing Agency that would verify the algorithms
> and protocols were secure, without revealing trade secrets.
> My next statement may cause hisses & boos, but I think the recent
> Crypto-Auditing of Clipper by Denning and other eminent 
> cryptologists will be a model widely applied in the commercial
> computer security business.   The auditors should be 
> able to examine the source and run the programs without revealing
> trade secrets.

The auditing may indeed be duplicated.  By marketing departments, and for
the same reason as the Denning auditing -- marketing.  Solely.

There is no way that the selected group of people could crack a 
half-reasonable cryptosystem in a few weeks.  Real Cryptanalysts spend
months and years working on cracking cryptosystems, and none of the
panelists was a Real Cryptanalyst.  We had all the details of DES,
and it took 15 years to make a dent in it.

But they fooled you -- and maybe a lot of other people -- so there *is*
a function for such review panels.  Sponsoring one is a way to convince
innocent spectators who don't know better.  Marketing.

	John
	Marketing Dept, Cygnus Support