1997-09-02 - Re: NSA/NIST Security Lab

Header Data

From: “William H. Geiger III” <whgiii@amaranth.com>
To: Tim May <tcmay@got.net>
Message Hash: 2a4c664e2069bcbfc6cb94bc1048631733613207d3b436419f75d16a6228e9cf
Message ID: <199709021848.NAA10856@mailhub.amaranth.com>
Reply To: <v0310280db03200b3cc75@[207.167.93.63]>
UTC Datetime: 1997-09-02 18:54:09 UTC
Raw Date: Wed, 3 Sep 1997 02:54:09 +0800

Raw message

From: "William H. Geiger III" <whgiii@amaranth.com>
Date: Wed, 3 Sep 1997 02:54:09 +0800
To: Tim May <tcmay@got.net>
Subject: Re: NSA/NIST Security Lab
In-Reply-To: <v0310280db03200b3cc75@[207.167.93.63]>
Message-ID: <199709021848.NAA10856@mailhub.amaranth.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

In <v0310280db03200b3cc75@[207.167.93.63]>, on 09/02/97 
   at 10:51 AM, Tim May <tcmay@got.net> said:

>At 10:12 AM -0700 9/2/97, Ray Arachelian wrote:

>>Uh huh, yeah, we'll be getting the NSA to review security...  Joy.  I can
>>see it now.  "Single DES is very safe.  40 bit keys are more than
>>enough..."  Even with Bruce on this, it doesn't warm my trust to them...

>Now, Ray, you're being too harsh. When NSA/NIST sought the analysis of
>Clipper/Tessera several years ago, the distinguished panel met for a
>weekend in a D.C. area hotel and concluded...drum roll...that
>Clipper/Tessera was secure.

>Of course, Matt Blaze broke the Tessera version a few months later....

>NSA has long had a dual mission. SIGINT and COMINT to break enemy
>messages, and COMSEC to help ensure national security through strong
>crypto. Code breakers and code makers.

>For government uses, this has worked pretty well, most of us would agree.
>ICBM launch codes are apparently secure, submarines can communicate
>securely, etc. (Please don't chime in with anecdotes about Walker.)

>Some believe they have a role in helping industry to secure its
>communications. I don't agree. The NSA has no business getting involved
>in business. Period.

>NIST (formerly NBS, of course) may have a role, but I doubt even this.

I do not see how NIST could have any role in the private sector as long as
they maintain their cozy relationship with the government especially the
NSA.


- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                        
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBNAxSAY9Co1n+aLhhAQH/dwP7BATbMQ8Y5/muQ2jj7XtIk8Aty6XggaAm
BC2FDwjcsWGSgj+y9jMJaHumnKbMXBtX6zZtzCWE/I6PmRD6t2vRnRwQFu/dRk1D
zPTVlIq5W54fFsESVJn36tO4BgcI+IxZx/j2K7wUwkpCMSq6aXBoNqs44bTgPPzr
q0+i/It0SHI=
=he6z
-----END PGP SIGNATURE-----






Thread