From: John Young <jya@pipeline.com>
Date: Wed, 23 Nov 94 05:33:20 PST
To: cypherpunks@toad.com
Subject: (Fwd) Re: NSA seems to be lobbying against bank use of triple-DES
Message-ID: <199411231332.IAA11421@pipe1.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain



Forwarding Cyberia-L mail by: dcain@pioneer.uspto.gov (David 
Cain) on Wed, 23 Nov  7:8  AM
-------------------

 John Thomas writes:

> It's clear that NSA is opposed to triple-DES because it 
cannot break it.
> I'm not supprised the banks are going ahead even if 
triple-DES cannot be
> exported; it will be trivial to develop the hardware 
overseas, since all
> the algorithms are public.

Although NSA will neither confirm nor deny <grin> one of the 
fundamental principles of cryptography is that any encryption 
system which cannot be broken is also inefficient - like the 
one-time-pad.  NSA may be concerned with allocation of CRAY 
resources, but I doubt they are concerned about the viability 
of breaking triple-DES.

One of the most important concepts of cryptography is that 
false security is worse than poor security, for if you are 
aware of a system's vulnerability, you can guard the weak 
points.  NSA's point that layering encryptions not only doesn't 
strengthen the security, but may create patterning that is more 
susceptible to differential analysis than a single DES pass, is 
an important one.  More is frequently less in crypto.

Now, I have no more insight into NSA motivations than the next 
shmoe, but the objections they raise are legitimate from a 
security standpoint.

As for independent creation in Europe, there is a component to 
"real" hardware DES which is classified.

dc
Primary Examiner USPTO
Cryptography

  David Cain                   *  
  Speaking for no one          *  Escape to find the shining 
light   dcain@uspto.gov              *   Borne within evolving 
sight  dcain@osf1.gmu.edu           *