Just two small points. First NSA's two missions are protecting classifed US communications and penetrating those of everyone else. Neither is aided at all by publication of NSA developed cipher technology. Seems particularly silly to assume that no matter how much NSA mathematicians and engineers might like to publish that the agency would let them if by so doing they made their job harder in either the short or long term. And certainly it is not in the agencies interest to publish much of anything ex-officio either. So it is really kind of stupid to complain that they must not be any good because they have not contributed to the published body of work that constitutes the infant modern science of mathematical cryptography when the existance of and quality of that body of knowlage is their greatest long term challenge. NSA's mission depends critically on others underestimating NSAs capability and overestimating their own skills at making and breaking codes. If those whose codes NSA has cracked thought they could be cracked they would not have used them (would have used one time pads or some other technology that is truly secure instead). It is thus obviously not in NSAs interest to allow the world to know just what they have developed and when, especially if by so doing they frighten the codemakers in the rest of the world into using more secure technology, and certainly so if by thus admitting they can be seen to be endorsing a particular technology that they have in fact been using in US codes because they think it secure. This brings up the second point. IS NSA really presuring RSA because they fear the security of the RSA exponentiation algorithms or because they can break them and hope to induce people to use use them by seeming afraid of them ? What would be a better endorsement of a security product than that the NSA wanted it banned because it was too good ? Or would it ? I personally find it extremely hard to believe that Clipper/Skipjack is not riddled with holes and backdoors since it seems inconceivable that NSA would allow a NSA technology that could be used effectively against them to be circulated world wide. They can't really believe that the anti-reverse engineering stuff will protect them against foreign goverments and other well funded research organizations for long, and they admit to having known of Blaze's checksum hack so it seems likely that anything one could extract from reverse engineering the chip and algorithm is flawed in some more subtle way. Weak Keys ? Or do they have a general method of solving DES like ciphers ? Dave Emery N1PRE die@pig.jjm.com