1994-06-02 - Re: Black Eye for NSA, NIST, and Denning

Header Data

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
To: cypherpunks@toad.com
Message Hash: 7e4f6ace10040c707c8bf426cf0f255b278d417450b1979f969c7fea7eec3baf
Message ID: <9406021851.AA11330@anchor.ho.att.com>
Reply To: N/A
UTC Datetime: 1994-06-02 19:39:40 UTC
Raw Date: Thu, 2 Jun 94 12:39:40 PDT

Raw message

From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 2 Jun 94 12:39:40 PDT
To: cypherpunks@toad.com
Subject: Re:  Black Eye for NSA, NIST, and Denning
Message-ID: <9406021851.AA11330@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text/plain


Keywords: rant

Tim writes:

> If Matt's attack works, and Clipper/Capstone/Tessera/etc. has to be
> redesigned, some issues are pretty apparent:

Capstone/Tessera already had to be redesigned to use the
new Secure Hash Standard revision (one can speculate about
whether the NSA's revision was to remove an old weakness or 
install a new one, or both :-)

Of course, if they do redesign Clipper instead of junking it,
the chances of them making it *more* genuinely secure
by having the two wiretap keys installed separately
instead of having them combined (and probably stolen) by the NSA
and then the XOR loaded in are probably pretty low...
 
> * Combined with Micali's talk of a lawsuit, the slow acceptance of
> Clipper (Cypherpunks and others have helped to make Clipper a very
> dirty word, thus slowing any corporate acceptance that I suspect the
> NSA was hoping for), and these problems, the Clipper program seems to
> be in disarray.

It's especially enjoyable seeing that coming from Micali    -
his patent on "Fair Cryptosystems" is just *dripping* with
the collectivist use of "fair" as meaning "Do what we tell you".
His system also fails to carry out the claims made by his patent
that say it permits the government to access the keys of suspected
lawbreakers while protecting the privacy of law-abiding users,
unless you accept the Ed Meese position that people who are
law-biding aren't suspects...

> So, NSA's vaunted crypto capabilities seem to be waning. 
> (I'm sure there are still many competent folks at the Fort, of course.)
> Their venture into the commercial world seems pretty flawed.

While the SHS problems are crypto-related, the primary incapabilities
of the NSA's Clipper project aren't technical, but political - 
they're trying to tell the public "We don't trust you,
but you can trust us, because we're from the Government
and we're here to help you!", which is a hard sell for anyone :-)

		Bill
		





Thread