[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
What happened to the NSA's _second_ mission?
([email protected] removed from the cc: list for obvious reasons)
At 10:09 AM -0800 11/2/96, Bill Frantz wrote:
>I don't think either of these exclusions would cover the reference
>implementation of the SET protocol. I don't think it would cover an
>electronic commerce application running on a personal computer/workstation
>either. Therefore I conclude that the ITAR is contributing to the
>vulnerability of our emerging electronic commerce infrastructure.
Given the reported statistics on the _meager_ number of serious crimes
which have been stopped by the use of surveillance and wiretaps (reported
in various forms several times in recent months), and given that electronic
commerce may be vulnerable to _serious_ disruptions, one has to (again)
wonder if the charter of the National _Security_ Agency needs a careful
reevaluation.
Some years back, the NSA was more explicitly divided into two functions,
one function doing SIGINT/COMINT, and the other doing COMSEC and INFOSEC,
i.e., working on mechanisms to better secure the nation's communicaitons.
At about this time, circa 1988, the NSA's COMSEC folks were _explicitly_
warning that DES was long overdue for replacement and that new measures
were urgently needed to secure the nation's communications and financial
infrastructure. (The details have faded in my memory, but I believe this
was the time the "Commercial COMSEC Endorsement" program was being
discussed, with various hardware and software being proposed....don't know
how it eventually turned out, faded out, etc.)
So where are we today? Almost 10 years later, with huge advances in chip
power and density (500 MHz processors, 250,000-gate-equivalent PLDs, etc.),
and yet what do we have? Only plain old DES-level cryptography is being
encouraged, with various roadblocks placed in front of efforts to deploy
stronger crypto.
Jeesh. To supposedly wiretap a few terrorists we risk the whole enchilada.
Of course, I suspect the real issue is that the NSA understands the
implications of strong crypto, anonymous remailers, untraceable digital
cash, etc., and is thus taking what steps it thinks it can to limit the
spread of these technologies. The wiretap stuff is just a figleaf.
--Tim May
"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."