[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NSA




	Just two small points.  First NSA's two missions are protecting
classifed US communications and penetrating those of everyone else. 
Neither is aided at all by publication of NSA developed cipher
technology.  Seems particularly silly to assume that no matter how much
NSA mathematicians and engineers might like to publish that the agency
would let them if by so doing they made their job harder in either the
short or long term.  And certainly it is not in the agencies interest to
publish much of anything ex-officio either. 

	So it is really kind of stupid to complain that they must not be
any good because they have not contributed to the published body of work
that constitutes the infant modern science of mathematical cryptography
when the existance of and quality of that body of knowlage is their
greatest long term challenge. 

	NSA's mission depends critically on others underestimating NSAs
capability and overestimating their own skills at making and breaking
codes.  If those whose codes NSA has cracked thought they could be
cracked they would not have used them (would have used one time pads or
some other technology that is truly secure instead).  It is thus
obviously not in NSAs interest to allow the world to know just what they
have developed and when, especially if by so doing they frighten the
codemakers in the rest of the world into using more secure technology,
and certainly so if by thus admitting they can be seen to be endorsing a
particular technology that they have in fact been using in US codes
because they think it secure. 

	This brings up the second point.  IS NSA really presuring RSA
because they fear the security of the RSA exponentiation algorithms or
because they can break them and hope to induce people to use use them by
seeming afraid of them ? What would be a better endorsement of a
security product than that the NSA wanted it banned because it was too
good ? Or would it ?

	I personally find it extremely hard to believe that
Clipper/Skipjack is not riddled with holes and backdoors since it seems
inconceivable that NSA would allow a NSA technology that could be used
effectively against them to be circulated world wide.  They can't really
believe that the anti-reverse engineering stuff will protect them
against foreign goverments and other well funded research organizations
for long, and they admit to having known of Blaze's checksum hack so it
seems likely that anything one could extract from reverse engineering
the chip and algorithm is flawed in some more subtle way.  Weak Keys ?
Or do they have a general method of solving DES like ciphers ?

							Dave Emery
							N1PRE
							[email protected]