On 5 Jan 2002, at 7:58, John Young wrote:
This crypto demonization may well intensify as investigations proceed into the government, military and intelligence failure to prevent 911. Whether crypto actually played any role in the attack may be seen as unimportant so long as a convincing story can be promoted that it must have been.
I don't think anyone claims that it "must have been". Rather, the idea that it might have been, or might be useful for future terrorists, is sufficient to demonize it. Similarly, the 9/11 terrorists didn't use guns, but everyone knows terrorists use guns. The idea of cryptography as munitions isn't just metaphor or, if it is, it's a really really good metaphor.
Tim is right that Diffie, Hellman, all the PK early developers, deserve all the credit for making PK public and the British deserve none for their compulsive secrecy. And it may be only academic as to who invented PK. Still, it is worth learning what the possibilities are for attacks on PK, especially in the light of its unparalleled reputation for public use, or, as David Kahn said, its value as "the single most important invention in the history of cryptography."
I'd rank it number 2, after key based encryption. But the concept of key-based encryption seems to me to be relatively obvious (I could have invented it myself if it hadn't been invented already) whereas the idea of public key encryption seems (to me at least) to be counterintuitive and utterly brilliant.
That sort of language makes me nervous about what lurks in the heart of PK, its invention, its leak, its liberation, its widespread public use, its seeming impregnability. A fair amount of the reputation of PK is comparable to a sophisticated sting -- the kind Kahn richly documents throughout the history of cryptography.
If liberation of cryptography is a sting, what role of cpunks in that? What role vainglory in falling for the allure of anti-authority as the sting unfolds. Levy has words about this, although I have no reason to believe his early vaunting of cypherpunks was part of a wider scheme, nor his recent book. But, still, wizened cryptographers, as Kahn documents, claim you cannot ever be too paranoid.
To the extent that paranoia represents a genuine disorder, paranoia refers not to an excessive amount of distrust or precaution-taking, but rather an unrealistic assessment of risks. Carrying a gun around all the time isn't paranoid. Carrying around cobra antivenom is (assuming you have no particular reason to expect cobra attacks). The idea that there could be a back door in something as basic as the CONCEPT of public key encryption strikes me as being absurd.
Whatever NSA releases on pre-Diffie PK, it will not be the truth but probably convincing to the believers in fairy tale crypto protection. The Brits' way of leaking PK history to accomplish a hidden task or ability is similarly suspicious.
I'd call it "irrelevant" rather than "suspicious". Any time an academic cryptologist discovers something (PK encryption, linear cryptanalysis, differential cryptanalysis...) there's always some spook there claiming he knew about it years earlier. Maybe it's true, maybe it isn't, who cares? If you make a discovery and hide it, you may as well not have made it, and that really is all there is to say on that particular issue.

George