[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Wrap Up: Conference on Law Enforcement and Intelligence
At 1:03 PM 10/20/96 +0000, James Morris wrote:
>On Sat, 19 Oct 1996, Black Unicorn wrote:
>
>> 4. Might be a good idea to review implementations of crypto.
>>
>> Both James Woolsey and Stewart Baker made sly remarks about the
>> reliability of crypto in the public domain. [...]
>
>There was also an interesting comment made in session three of the
>Joint Australian/OECD Conference on Security, Privacy and Intellectual
>Property Protection in theGlobal Information Infrastructure,
>(Canberra, 7 - 8 February 1996), reportedly by a representative of
>the DSD:
>
>"... PGP may not survive as a viable option for private security."
>
>For the full quote, see:
> http://www.nla.gov.au/gii/sess3.html
(1) If I were faced with an opponent who had a crypto system I couldn't
break, I would attempt to make him think I could break it so he would stop
using it. AKA FUD.
(2) If I could break his system, I would want him to continue using it. I
would have to be very careful about how I used the material so he didn't
catch on to the break. There are some wonderful examples of this logic in
"The Code Breakers".
(3) The devil is in the details. I still am not convinced that MacPGP has
enough sources of entropy for its IDEA key generation. (But I am not
convinced that it doesn't either.) I put integrating Jon Callas's entropy
manager into MacPGP as a high priority.
-------------------------------------------------------------------------
Bill Frantz | Tired of Dole/Clinton? | Periwinkle -- Consulting
(408)356-8506 | Vote 3rd party. I'm | 16345 Englewood Ave.
[email protected] | Voting for Harry Browne | Los Gatos, CA 95032, USA