1994-06-23 - Re: Thoughts on the NSA’s correction to SHA

Header Data

From: jktaber@netcom.com (John K. Taber)
To: cypherpunks@toad.com
Message Hash: d1825dd8a30f0842169c5928a3f6c8170f2cd44131956f6ebeb135aa11782fab
Message ID: <199406230102.UAA28921@netcom12.netcom.com>
Reply To: N/A
UTC Datetime: 1994-06-23 01:03:02 UTC
Raw Date: Wed, 22 Jun 94 18:03:02 PDT

Raw message

From: jktaber@netcom.com (John K. Taber)
Date: Wed, 22 Jun 94 18:03:02 PDT
To: cypherpunks@toad.com
Subject: Re: Thoughts on the NSA's correction to SHA
Message-ID: <199406230102.UAA28921@netcom12.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Forwarded message:
> 
> 
> >The very fact that this correction had to made offers some
> >insights into the National Security Agency.
> >
> >I believe that releasing DES to the public was the biggest
> >cryptography mistake that NSA ever made.  Consider the state of
> >research in cryptology before DES.  It was simplistic.  It was
> >haphazard.  There was little interest.  If any results of value
> >were ever discovered, the NSA could squash them with a secrecy
> >order.  No one cared.
> >
> 
> There is one problem with this analysis: 
> 
>   IBM created DES. Not the NSA. Sure the NSA could have asked them to keep
>   it hidden, but the NSA was also going to IBM and warning them
>   about Russians evesdropping on IBMs networks. Everyone realized it
>   was time for public cryptography. Especially IBM. It is not clear
>   that a secrecy order would have worked. 
> 
> This is not to say that your analysis is wrong. They classified the
> design procedures which was their attempt at a compromise. IBM couldn't
> publish the details of how to make a good algorithm, but they could
> release the details of the standard. 
> 
> 
> 

Well, yes, IBM did create DES.  But the NSA against its better judgment
blessed the effort, and by my guessing helped tremendously.  I have heard
rumors that NSA *does* say it was their biggest mistake, and never again.

There is no way I can prove a rumor, but I put a lot of credence in these
particular rumors.  I speculate that it was Bobby Inman who ordered NSA
to facilitate IBM.




Thread