At 7:24 AM -0400 10/17/00, John Young wrote:
> The question occurs: did PK crypto get leaked on purpose? How was it done?

I'm not sure what your implication is, though I have some suspicion you are insinuating that the NSA and Company knew PK was somehow weak and so it leaked it.

Well, several points:

1. The public part of the process (not counting the Brits and possible collaborators who may have invented something very similar some years earlier) included several folks many of us know quite well: Whit Diffie, Martin Hellman, and Ralph Merkle are all Bay Area folks from Stanford and Berkeley, then. And Rivest, Shamir, and Adleman are also well known. They have not hinted that they were fed information from NSA, or that key results mysteriously appeared on their desktops one night. Conclusion from this: a deliberate leak seems unlikely.

2. The ideas were "in the air" at the time. Merkle had done some interesting work on speculating about "puzzles" which might be used for encryption. I believe this work went back to around 1974-5, when he was a grad student at Berkeley. His notion was that some problems are easy to work out in one direction, but hard in the other direction. (Think of what we now routinely call one-way functions.)

(By the way, there are comments from the 19th century along similar lines, even mentioning cryptography. I think some of the review articles on public key have mentioned these historical comments.)

Merkle does not seem to be the kind of person who either would be working for the NSA or whom the NSA would pick to be a conduit for leaked secrets.

3. Ditto in spades for Whit Diffie. And Martin Hellman was, at that time, an active anti-war activist ("Beyond War"). Seems unlikely that NSA would pick them.

4. Once the Diffie-Hellman-Merkle early papers on the ideas of public key systems were out, Rivest-Shamir-Adleman worked on alternatives to the knapsack algorithm. The result was what we know of as RSA.

At no point do I see persuasive evidence that PK and/or RSA were "leaked on purpose."

Whit Diffie sometimes shows up at Bay Area Cypherpunk events, so someone could ask him. Though I expect he's tired of hearing conspiracy theories.

--Tim May

--
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
"Cyphernomicon"             | black markets, collapse of governments.