1996-04-14 - carrick, Blowfish & the NSA

Header Data

From: Jerry Whiting <jwhiting@igc.apc.org>
To: cypherpunks@toad.com
Message Hash: 22eef6bd3e1e5219758d4be1bd91d41d6fddf22fa3fc3a493105b3bfd113e3b4
Message ID: <199604140412.VAA24649@igc2.igc.apc.org>
Reply To: N/A
UTC Datetime: 1996-04-14 07:33:58 UTC
Raw Date: Sun, 14 Apr 1996 15:33:58 +0800

Raw message

From: Jerry Whiting <jwhiting@igc.apc.org>
Date: Sun, 14 Apr 1996 15:33:58 +0800
To: cypherpunks@toad.com
Subject: carrick, Blowfish & the NSA
Message-ID: <199604140412.VAA24649@igc2.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain

One reason we chose to use Blowfish as the basis for carrick is that it _is_ a new algorithm.  One has to assume that the NSA et al. have tools optimized to crack DES and possibly IDEA/RSA.  At least let's give them something else to sweat over.  In the short term there's a high probability that a cross-platform Blowfish-based encryption toolkit will muddy the waters and make life interesting for us and a bit more challenging for them.

We're shooting for a May 1 release for Windows with the Mac and DOS 6 weeks behind and VAX/Sun a month after that.  We're aiming for the stars: encryption, time/date stamps, signatures, message digests, etc. all based on Blowfish.  We're doing a core engine with APIs, a standardized file format, and extensibility for other developers.  We're very committed to making the spec including the API and file format VERY PUBLIC.  Like I said, we're aiming high.

So yes, if we're successful Blowfish should be taken more seriously.  And yes, when I outlined the above to the NSA while asking for an export permit, I was met with silence on the phone.  I can't wait to meet with them mid-May when they come out to visit.  My sense is that some junior level person(s) looked at Blowfish when Bruce originally published it in Dr. Dobb's and that their report was filed away waiting for the day when someone actually used it in the real world.

Our marketing tag ("Encryption software so good, the Feds won't let us export it.") may well become a self-fulfilling prophecy.  But that's OK because having others adopt carrick is our real goal.  Building up a strong U.S. user base is OK while we wrestle with the NSA over how big a key length we can export.  Their initial response was that 40-bit keys were specific to RC2 and RC4 and that Blowfish was another kettle of fish (bad pun intended).

Either way we're going to publish an extensive FAQ on carrick that should allow someone to not only work with carrick but perhaps clone our efforts.  IANAL but my understanding is that publishing such a document, with or without source code, and making it publicly available to non-U.S. citizens is perfectly legal.

So NSA if you're reading this: This may be yet another example of locking the barn door after the genie is out of the bottle.  Prohibiting us from exporting carrick the product is pointless if we're allowed to fully document carrick the API and file spec.

    Jerry Whiting         jwhiting@azalea.com         1 800 ENCRYPT