1996-05-21 - Re: Rumor: DSS Broken?

Header Data

From: jim bell <jimbell@pacifier.com>
To: stewarts@ix.netcom.com>
Message Hash: a552ac493597c9d5cde8e7516a060450a8d49157a1c5aab9c285f9800efd1ab4
Message ID: <199605210341.UAA25393@mail.pacifier.com>
Reply To: N/A
UTC Datetime: 1996-05-21 23:47:35 UTC
Raw Date: Wed, 22 May 1996 07:47:35 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Wed, 22 May 1996 07:47:35 +0800
To: stewarts@ix.netcom.com>
Subject: Re: Rumor: DSS Broken?
Message-ID: <199605210341.UAA25393@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 01:05 AM 5/20/96 -0700, Bill Frantz wrote:
>At  8:05 PM 5/19/96 -0800, jim bell wrote:

>>It should occur to all of us that if the NSA was actually doing the job we 
>>are vastly over-paying them to do, it is THEY who should be finding, 
>>exposing, and correcting these kinds of cryptography faults.  Has anybody 
>>ever heard any evidence that the NSA has ever acted in this sort of 
>>responsible role?
>
>I was rather impressed by NSA's role in the creation of DES.  The
>strengthened it against an attack which was not publicly known, and didn't,
>in the process, reveal the attack.  (See AC2.)

Isn't this partly bad, at least?  Sure, if DES was a working, operational 
cryptosystem revealing the attack immediately might be arguably 
irresponsible.  But since it was merely a design, exposing the flaw didn't 
help the enemy or hurt "us."  

Had DES been in use, the NSA could merely have stated, publicly, that "We 
see a flaw in DES, and we will tell you all about it in 5 years.  Enclosed 
is an encrypted description of the problem, encrypted using a single key 
system with a 128-bit key.  Save it for your files.  In five (5) years we 
will publish the key to decrypt that file, and you will then know what we 
know now."

At that point, anybody who then was using DES would have a five year warning 
to replace it.  And the NSA would be unable to change the contents of what 
they were revealing, because they would only be withholding the key.

Also, exposing the flaw in DES could have alerted the developers of other 
cryptosystems to watch for the same attack on their systems.

All in all, I don't think the NSA's near-silence on DES is unambiguously 
commendable.

Jim Bell
jimbell@pacifier.com





Thread