1993-01-26 - Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)

Header Data

From: jthomas@kolanut.mitre.org (Joe Thomas)
To: cypherpunks@toad.com
Message Hash: ed258d9e06075c0fdb67e5b91c9eb648b7d8b15fac27bf542ceb8729571fc0c2
Message ID: <9301261719.AA00224@kolanut>
Reply To: N/A
UTC Datetime: 1993-01-26 17:24:19 UTC
Raw Date: Tue, 26 Jan 93 09:24:19 PST

Raw message

From: jthomas@kolanut.mitre.org (Joe Thomas)
Date: Tue, 26 Jan 93 09:24:19 PST
To: cypherpunks@toad.com
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301261719.AA00224@kolanut>
MIME-Version: 1.0
Content-Type: text/plain



From: thug@phantom.com (Murdering Thug)

tcmay@netcom.com writes:
 

> > from: john.nieder@f33.n125.z1.fidonet.org
>
> (commenting on the strategy of "taking the 5th" on the matter of
> decrypting one's files)
>
> > .   Recently this question came up in another forum on encryption & an
> > "authority" on communications law claimed the probable scenario would be
> > that the arresting agency would have the encrypted material decrypted by
> > a competent government or academic agency & the costs of said decryption
> > would eventually be recovered from the defendant through civil suits,
> > presuming the defendant had sufficient assets.  It is my memory of the
> > thread that he claimed this had been done in previous cases.
>
> With strong crypto, e.g., with 300 decimal digit moduli, the "costs"
> of decryption by brute force could easily exceed the GNP/GDP of the
> U.S.

Since none of us have ever been inside the NSA, we cannot underestimate
their power and resources.  For all we know they may have 500 Intel Delta
supercomputers linked together, each having 65,536 i860-XP/50mhz chips.
We really don't know what kind of iron they possess.  Thus we can't assume
that they can't factor extremely large numbers easily.

The only way to thwart the NSA is to use an encryption scheme which has
been _proven_ uncrackable.  The only one I know of is the One Time Pad.

True, but impractical.  I can't conceive of any rational one-time-pad  
key distribution over the net.  Key distribution has to be over a  
guaranteed secure channel.  For RSA, the channel only has to be  
authenticated.  And if NSA can crack RSA, it would be worth having  
one cypherpunk lose one court case to find that out (yup, even if  
it's me...).

Joe
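
The contrast drawn in the reply above, as an added example that is not part of the original message: a one-time pad consumes one secretly delivered key byte per message byte, while a public key can travel in the open as long as a short fingerprint reaches the receiver over an authentic channel. The class and function names, the use of SHA-256 and the byte strings standing in for public keys are all assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


class OneTimePad:
    """Hands out each pad byte exactly once; XOR both encrypts and decrypts."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._used = 0

    def remaining(self) -> int:
        return len(self._pad) - self._used

    def apply(self, data: bytes) -> bytes:
        # Every message byte consumes one secret pad byte, never reused.
        if len(data) > self.remaining():
            raise ValueError("pad exhausted: more secret key material needed")
        key = self._pad[self._used:self._used + len(data)]
        self._used += len(data)
        return bytes(d ^ k for d, k in zip(data, key))


def fingerprint(public_key: bytes) -> str:
    # SHA-256 is an assumption of this example, not something the post names.
    return hashlib.sha256(public_key).hexdigest()


def accept_public_key(received: bytes, trusted_fingerprint: str) -> bool:
    # The key itself may arrive over an open network; only the short
    # fingerprint has to come from a channel the receiver trusts as authentic.
    return hmac.compare_digest(fingerprint(received), trusted_fingerprint)


if __name__ == "__main__":
    pad = secrets.token_bytes(32)          # must reach both ends in secret
    alice, bob = OneTimePad(pad), OneTimePad(pad)
    ct = alice.apply(b"meet at the usual place")
    print(bob.apply(ct), "pad bytes left:", alice.remaining())

    genuine = b"constructed stand-in for a public key"
    swapped = b"constructed key substituted in transit"
    fp = fingerprint(genuine)              # public, but must be authentic
    print(accept_public_key(genuine, fp), accept_public_key(swapped, fp))
```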




