CDR: RE: Musings on AES and DES
Bill Stewart
regsupport at netscape.com
Tue Oct 10 01:32:57 PDT 2000
At 03:08 AM 10/10/00 -0400, Lucky Green wrote:
>John wrote:
>> NIST has stated that the maximum endorsement will be to use
>> AES for non-classified government information. So the question
>> will remain of what is better than AES, or to put it another way,
>> what is not good enough about AES for its use on classified
>> information.
>
>A more likely explanation of the NSA withholding endorsement of AES for use
>with classified traffic is that doing so would dejustify the continued
>existence of the code-making groups at NSA.
That's certainly a big part of it.
NSA has also always had the policy that they and only they will decide
what's strong enough for military use, partly because they
know what they (and possibly the KGB) can crack,
and they know that everything the commmercial world offered before DES,
and much of which it offered before PGP and before EFF's Deep Crack,
was either Snake Oil or DES implementations of varying quality
(e.g. some had inadequate random number generators for keys).
They also had a policy of not letting their crypto tech out,
because that would give the Commies technology as good as theirs,
which they desparately didn't want, and while security by obscurity
isn't real security, it still helps reduce attacks by less capable
cryptanalysts and makes data collection harder for the KGB,
or for other people they might want to hide stuff from,
like the Brits or French or Israelis.
Thanks!
Bill
Bill Stewart, bill.stewart at pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
More information about the cypherpunks-legacy
mailing list