[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on the NSA's correction to SHA




>The very fact that this correction had to made offers some
>insights into the National Security Agency.
>
>I believe that releasing DES to the public was the biggest
>cryptography mistake that NSA ever made.  Consider the state of
>research in cryptology before DES.  It was simplistic.  It was
>haphazard.  There was little interest.  If any results of value
>were ever discovered, the NSA could squash them with a secrecy
>order.  No one cared.
>

There is one problem with this analysis: 

  IBM created DES. Not the NSA. Sure the NSA could have asked them to keep
  it hidden, but the NSA was also going to IBM and warning them
  about Russians evesdropping on IBMs networks. Everyone realized it
  was time for public cryptography. Especially IBM. It is not clear
  that a secrecy order would have worked. 

This is not to say that your analysis is wrong. They classified the
design procedures which was their attempt at a compromise. IBM couldn't
publish the details of how to make a good algorithm, but they could
release the details of the standard.