Re: Any truth to rumor that NSA had Public Key Crypto first?

From: David Wagner (daw_at_taverner.cs.berkeley.edu)
Date: 09/28/04

• Next message: David Wagner: "Re: IND-CPA for CFB mode"
• Previous message: Ernest Hammingweight: "IND-CPA for CFB mode"
• In reply to: Roger Schlafly: "Re: Any truth to rumor that NSA had Public Key Crypto first?"
• Next in thread: Roger Schlafly: "Re: Any truth to rumor that NSA had Public Key Crypto first?"
• Reply: Roger Schlafly: "Re: Any truth to rumor that NSA had Public Key Crypto first?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 28 Sep 2004 06:48:34 +0000 (UTC)

Roger Schlafly wrote:
>"George Ou" <533george_ou234@netzero234.com> wrote
>> According to Bruce, the NSA may have been 20 years ahead of the
>> academic community in 1970.
>
>He says:
>It took the academic community two decades to figure out that the NSA
>"tweaks" actually improved the security of DES. This means that back in the
>'70s, the National Security Agency was two decades ahead of the state of the
>art.
>
>But I don't think that's true. I believe that the advantages of
>DES over Lucifer were known much earlier.

I presume he's referring to differential cryptanalysis, which explained
an awful lot about the design of DES and which (supposedly) demonstrates
that the changes made to DES actually improved its security. Those principles
were not openly known in the 70s.

See, e.g., Coppersmith's paper "The Data Encryption Standard (DES) and
its strength against attacks", where he states that many of the principles
of differential cryptanalysis were known (under the name "T attack", T
referring to "tickling" the cipher with a small changes to the plaintext)
to the IBM team that designed DES in the 1970's, but the team did not
publish its knowledge for fear of adverse consequences to national security.
The paper seems quite credible to me.

• Next message: David Wagner: "Re: IND-CPA for CFB mode"
• Previous message: Ernest Hammingweight: "IND-CPA for CFB mode"
• In reply to: Roger Schlafly: "Re: Any truth to rumor that NSA had Public Key Crypto first?"
• Next in thread: Roger Schlafly: "Re: Any truth to rumor that NSA had Public Key Crypto first?"
• Reply: Roger Schlafly: "Re: Any truth to rumor that NSA had Public Key Crypto first?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Any truth to rumor that NSA had Public Key Crypto first? ... It took the academic community two decades to figure out that the NSA ... the National Security Agency was two decades ahead of the state of the ... DES over Lucifer were known much earlier. ... (sci.crypt) Re: FileVault Security Question ... what the NSA knows about cryptography and what the academic community knows appears to be narrower than it was back in the days of DES. ... There have been a few articles that some of our encryption schemes may have some NSA backdoors installed. ... (comp.sys.mac.apps) Re: Wikipedia "Cryptography" reaches Featured Article status ... NSA has characterized DES as one of their biggest ... If NSA had always before used to force their algorithms into silicon ... chips with special "coating", that would clearly tell that NSA did not ... (sci.crypt) Re: Wikipedia "Cryptography" reaches Featured Article status ... a mistake. ... The introduction of DES is considered to have been a catalyst for the ... NSA has characterized DES as one of their biggest ... Certainly the unkeyed Initial Permutation and Final Permutation make no sense for security or for software, but IIRC, it allows hardware registers to be filled in parallel (or something. ... (sci.crypt) Re: Wikipedia "Cryptography" reaches Featured Article status ... So DES was a mistake because it was followed by research? ... Or because the NSA was not able to predict the future very well? ... NBS standardization process and the algorithm ended up being ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint