[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NSA/NIST Security Lab


In <[email protected][]>, on 09/02/97 
   at 10:51 AM, Tim May <[email protected]> said:

>At 10:12 AM -0700 9/2/97, Ray Arachelian wrote:

>>Uh huh, yeah, we'll be getting the NSA to review security...  Joy.  I can
>>see it now.  "Single DES is very safe.  40 bit keys are more than
>>enough..."  Even with Bruce on this, it doesn't warm my trust to them...

>Now, Ray, you're being too harsh. When NSA/NIST sought the analysis of
>Clipper/Tessera several years ago, the distinguished panel met for a
>weekend in a D.C. area hotel and concluded...drum roll...that
>Clipper/Tessera was secure.

>Of course, Matt Blaze broke the Tessera version a few months later....

>NSA has long had a dual mission. SIGINT and COMINT to break enemy
>messages, and COMSEC to help ensure national security through strong
>crypto. Code breakers and code makers.

>For government uses, this has worked pretty well, most of us would agree.
>ICBM launch codes are apparently secure, submarines can communicate
>securely, etc. (Please don't chime in with anecdotes about Walker.)

>Some believe they have a role in helping industry to secure its
>communications. I don't agree. The NSA has no business getting involved
>in business. Period.

>NIST (formerly NBS, of course) may have a role, but I doubt even this.

I do not see how NIST could have any role in the private sector as long as
they maintain their cozy relationship with the government especially the

- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                        
- ---------------------------------------------------------------

Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000