At 10:12 AM -0700 9/2/97, Ray Arachelian wrote:
Uh huh, yeah, we'll be getting the NSA to review security... Joy. I can see it now. "Single DES is very safe. 40 bit keys are more than enough..." Even with Bruce on this, it doesn't warm my trust to them...
Now, Ray, you're being too harsh. When NSA/NIST sought the analysis of Clipper/Tessera several years ago, the distinguished panel met for a weekend in a D.C. area hotel and concluded...drum roll...that Clipper/Tessera was secure. Of course, Matt Blaze broke the Tessera version a few months later.... NSA has long had a dual mission. SIGINT and COMINT to break enemy messages, and COMSEC to help ensure national security through strong crypto. Code breakers and code makers. For government uses, this has worked pretty well, most of us would agree. ICBM launch codes are apparently secure, submarines can communicate securely, etc. (Please don't chime in with anecdotes about Walker.) Some believe they have a role in helping industry to secure its communications. I don't agree. The NSA has no business getting involved in business. Period. NIST (formerly NBS, of course) may have a role, but I doubt even this. --Tim May There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."