"Perry E. Metzger" <perry@imsi.com> writes:
> On the other hand, the people in the black community have the advantage that they can read anything that the open community produces but not vice versa, and they have at least a 15 year edge in knowledge about the design of conventional systems, and who knows (we certainly have no idea) how much of an edge in the modern cryptographic arena.
Such a situation does not apply solely to the NSA. There are, for instance, secret lodges of French mystics who devote themselves to higher mathematics, absorb everything the open community produces, and rarely publish anything or draw attention to themselves. They solve problems, write secret manuscripts, put them on shelves, and have been doing this for centuries. Perhaps the ultimate factoring algorithm already exists within their walls. We would never know if it did, unless they chose to tell us.

The NSA is very good at solving problems that require "acres of Crays". They are crack numerical analysts and algorithm designers. They also make nice block ciphers. I do not think, however, that they have deeply profound insights into the complexity of computation that exceed those of the University community, and certainly not by 15 years.
> We don't know for sure if the NSA knew about Public Key before the open community did. Certainly they knew of differential cryptanalysis and similar techniques, and they must know quite a lot that we don't.
Rumour has it that the NSA nearly had a collective epileptic fit when they realized the implications of Public Key Cryptography. Yes, they did invent differential cryptanalysis and some other techniques before outsiders thought of them, but I'm unsure this implies some great cabal of hidden knowledge on their part. It is more likely a case of throwing research dollars at a problem which had not yet captured the interest of researchers outside the intelligence community.
> Overall, I'd say that in the long run the open community is going to catch up regardless of what the NSA likes. That does not mean, however, that this is going to happen particularly soon, or that they don't still know decades more than we do.
I think the NSA has lost its edge completely in the last decade, as cryptographic research in the open community has taken off. It is much the same sort of situation experienced by IBM, when they were slow to catch on to the paradigm shift created by distributed computing and workstations, and companies like Sun rose from nowhere to become major players. If the NSA were a corporation, they would be apologizing to their shareholders, restructuring, and trying to identify a market niche they could continue to be a player in. Since they are funded by government, we don't see them doing this, but it is absurd to suggest that they are still decades ahead of the rest of the world in basic research and technology.

--
Mike Duvos         $    PGP 2.6 Public Key available     $
mpd@netcom.com     $    via Finger.                      $