John wrote:
NIST has stated that the maximum endorsement will be to use AES for non-classified government information. So the question will remain of what is better than AES, or to put it another way, what is not good enough about AES for its use on classified information.
A more likely explanation of the NSA withholding endorsement of AES for use with classified traffic is that doing so would dejustify the continued existence of the code-making groups at NSA.
--Lucky Green <shamrock@cypherpunks.to>
"Anytime you decrypt... its against the law". Jack Valenti, President, Motion Picture Association of America in a sworn deposition, 2000-06-06
At 03:08 AM 10/10/00 -0400, Lucky Green wrote:
John wrote:
NIST has stated that the maximum endorsement will be to use AES for non-classified government information. So the question will remain of what is better than AES, or to put it another way, what is not good enough about AES for its use on classified information.
A more likely explanation of the NSA withholding endorsement of AES for use with classified traffic is that doing so would dejustify the continued existence of the code-making groups at NSA.
That's certainly a big part of it. NSA has also always had the policy that they and only they will decide what's strong enough for military use, partly because they know what they (and possibly the KGB) can crack, and they know that everything the commercial world offered before DES, and much of what it offered before PGP and before EFF's Deep Crack, was either Snake Oil or DES implementations of varying quality (e.g. some had inadequate random number generators for keys). They also had a policy of not letting their crypto tech out, because that would give the Commies technology as good as theirs, which they desperately didn't want, and while security by obscurity isn't real security, it still helps reduce attacks by less capable cryptanalysts and makes data collection harder for the KGB, or for other people they might want to hide stuff from, like the Brits or French or Israelis.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
It could be that AES will be used as part of an ensemble for protecting classified information. The few Type 1 systems that are publicly described never use only a single algorithm without supplementary programs for enhancing cryptanalytic protection. Belt and suspenders and probably additional support in hardware systems not spelled out. Presumably there are software and hardware add-ons which are easily not available and which could counter known cryptanalytic methods of cracking and of tampering, some of which have been mentioned here recently.

This would conform to military doctrine which states that it must be assumed that the enemy knows everything you do, but lacks information on when, where and how you will apply what you know. Thus the need for multiple strategies, multiple weapons, multiple programs of disinformation, ploys, stratagems, betrayals and theft of secrets. Recall the program NSA and CIA run to break in to get what cannot be electronically intercepted. Similarly, brute force to attack software is matched, indeed, amplified, by brute force to physically steal. As with the long-standing practice of the FBI and domestic law enforcement agencies.

So AES could be seen as a consumer assurance technology, to deter the ordinary burglar and biz-bandit like yourself, but in no way impede a global intelligence cartel which believes it has a right to everybody's private affairs. Have a read of USSID 18 over at the National Security Archives which ostensibly prohibits the NSA from spying on Americans. Parts of it are remarkably similar to gov statements on AES, the parts that assure trustworthiness of the authors. No military professional would believe any such fluff was anything more than artful deception.

None of these remarks are directed at the AES competitors, but at the purpose of the public competition and disavowals that have accrued during it. The fine print, very fine, virtually invisible ploys.
Participants (3): Bill Stewart, John Young, Lucky Green