[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: clipper plans 4 sale (was Re: Earl Edwin Pitts, $224,000)



Vladimir Z. Nuri wrote:
| [publish skipjack]
| >	Right now, we're shooting to make the ITARs irrelevant by
| >saying things like 'IDEA is Swiss, and when we can't export it from
| >the US.  What does that do to competitiveness?'  We can't make that
| >claim about Skipjack.  Skipjack is an NSA designed cipher which the
| >agency probably expects will be publicised.
| 
| they spent millions of dollars to hide the encryption on the chip--
| using state-of-the-art technology from what I understand. it would have
| been far cheaper not to have done this.  also, the
| chip manufacturer was under very high security. 
| 
| so, seems like exactly
| the opposite to me-- they don't want it to be publicized. in fact
| when it was first released there was some verbiage in the documents
| about how the chip design would be used to prevent such an amazingly
| powerful algorithm from getting into private hands without 
| "appropriate safeguards". so I don't buy your theory.

	I said expects, not wants.  The NSA knows that Skipjack is a
fat target, and probably, despite efforts at hardening it, a soft
target as well.  So they took steps to make it tough, but probably
expect that those efforts will fail.

| publishing skipjack would be a very, very significant cpunk victory.
| recall that DES was slightly redesigned by the NSA, and about 20
| years later it was discovered it was done to possibly make it
| less vulnerable to "differential cryptoanalysis". 20 years later!
| that suggests that the NSA may be up to 20 years ahead of public/academic
| crypto research, at least at that point.

	Bruce Schneier gave a talk 2 years ago at the Crypto rump
session where he talked about 'Open Source Skipjack.'  The talk notes
may be on the web.

| anyway, my point is that if skipjack was published, similar insights
| into what the NSA is thinking would be available. can you point to

	I know that.  I honestly don't think it would be a sufficient
propaganda victory to break through the 'tamper-resistant' housing and
reverse engineer the algorithim to make it worth the loss of respect
for 'revealing national security codes.'

	The big losers would be the smartcard folks.  Its not clear to
me that 'cypherpunks' would get more positive PR than negative.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume