Digression

[Faustine]

Jim wrote:

>"and therefore insecurity"

>Does not follow.

>I would argue that rather the simpler, the stronger.  A simple 
>structure, if it can be broken, would have simple breaks.

So what do you make of this bit from the abstract:

"The security of Rijndael depends on a new and untested
hardness assumption: it is computationally infeasible to solve equations
of this type."

How long do you think that's going to keep it "secure", all things 
considered? 

Even though the Senate Select Committee on Intelligence in '78 cleared the 
NSA of any charges of introducing deiberate weakness into DES by modifying 
the S-boxes, everybody knows they broke it ages ago anyway. Or at least 
that's the way the hearsay and hot air blows. What makes you think things 
are going be any different this time around, the NSA theoreticians aren't 
anymore likely to give up and kick back than they ever were. 

You can do a lot with plaintext/ciphertext and statistical calculation: it 
stands to reason that while most people get stuck nattering on about what 
you can't do computationally, other people are quietly exploring what else 
can actually be done with available resources.  

The smartest, cleverest and most creative prevail, no matter which sector 
pays their paycheck. The effect of intitutional baggage on performance is a 
seperate issue, but as the cypherpunk movement itself shows, it's dangerous 
to discount anyone for not being a part of any given work environment. I 
happen to think fundamental respect for brainpower and ability should go 
both ways. 

~Faustine.