From: jim@bilbo.suite.com (Jim Miller)
Date: Thu, 14 Dec 1995 14:15:15 +0800
To: herbs@connobj.com
Subject: Re: Attacking Clipper with timing info?
Message-ID: <9512140458.AA25132@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain



> >If it could be shown that Clipper chips require a fixed amount
> >of time/current to encode/decode traffic, then we could conclude
> >one of the following:
> >
> >(B1) The NSA knew about the issue and compensated for it.
> 

> Remember those carefully-chosen S-box numbers for DES
> and how, years later, how they just happened to turn out to
> be optimal for defending against the newly-discovered
> (in non-military circles) technique of differential
> cryptanalysis... :-) 

> 


That brings up an issue I occasionally think about...At what point does  
NSA's secrecy become more of a liability than an asset.  Should the NSA  
reveal flaws in crypto-systems in wide use here in the US to protect US  
companies and individuals from attack or should they remain quite so they  
can exploit them in the interests of national security?

Jim_Miller@suite.com