From: Matt Thomlinson <phantom@u.washington.edu>
Date: Thu, 31 Mar 94 11:41:21 PST
To: cypherpunks@toad.com
Subject: Sternlight update
Message-ID: <Pine.3.89.9403311100.A20018-0100000@stein3.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain


I know this isn't immediately pertinent, but I wanted to offer a pointer 
to sci.crypt.

Currently a discussion of key lengths ("how long do {RSA|IDEA} keys have 
to be to be `safe'?") is going on; pretty interesting. 

Funny, I noticed a familiar name contributing (well, asking questions) 
and then _this_ post:


---------- Forwarded message ----------
From: strnlght@netcom.com (David Sternlight)
Subject: Re: I concede the key length/cracking point.


[...](matt)

Finally, it's been suggested to me that the Clipper issue isn't about today,
but about tomorrow,and that rich, smart cryptologic organizations may have
no trouble today, but it's hoped that by the time tomorrow comes along,
Clipper will be so widespread that non-Clipper can be handled by "other"
means.

In conclusion, I have to give a nod to the folks who are afraid non-Clipper
might be banned some day:

If in a few years widely available cheap machines (after all the roughly
$1500 Power Mac is what, about 50 MHz?) make much longer keys easily
feasible with short encryption/decryption times, then in a few years the
government MIGHT actually want to ban non-escrowed crypto very badly. It
would probably happen after the current Administration leaves office, making
the current White House statements the literal truth for THIS
administration. Alternatively, if the NSA has approaches we don't know about
which mean that such longer keys are still vulnerable, then we might never
see such a ban in the U.S.

Note that it's possible to state the above carefully, non-hysterically, and
without being offensive.

Having taken a few hesitant steps down that path, a few things become
clearer. For example the current effort in the Netherlands to ban
non-escrowed crypto, and all crypto without permission, perhaps suggests
that in the Netherlands they are there already--that is that their
cryptologic capabilites aren't of an order comparable to some others and
thus they have to face the "banning" decision now. Perhaps the same has been
true for France for a while. 

We do have good reason to believe GCHQ is very advanced--we Americans have
learned a thing or three from them, from what I read in the open literature.
Thus it's possible the issue hasn't yet become critical in the U.K.  Dunno
about the Germans. It's possible that they got more from Hitler's former
crypto experts than anyone knows and they are very advanced, or it's
possible they have "special" relations with the U.S. or maybe even (this
would be interesting) the U.K. of a kind that gives them capabilities the
Dutch don't have. Given their forward position in the old Cold War days, it
wouldn't surprise me.

David

-----------End Forwarded Message----------

Whoa! blew my mind. I think we finally got through to him. Now we'll have 
to finish brainwashing him (ready, tentacles?) and put him in a suit and 
tie. He can be our new spokesman.


By the way, this isn't a fake mail -- he's been waltzing around like this 
for a week or so. 

matt

Matt Thomlinson                               
University of Washington, Seattle, Washington.      phone: (206) 548-9804
Check my home page -- ftp://ftp.u.washington.edu/public/phantom/home.html 
PGP 2.2 key available via email, or finger phantom@hardy.u.washington.edu