Re: Wikipedia "Cryptography" reaches Featured Article status

Roger Schlafly wrote:
I question the following claim that NSA said that DES was
a mistake. Can anyone confirm it? I suspect that a lot of
people in NSA consider DES a big success.


From Wikipedia:
The introduction of DES is considered to have been a catalyst for the
academic study of cryptography, particularly of methods to crack block
ciphers. Bruce Schneier writes:

"Off the record, NSA has characterized DES as one of their biggest
mistakes. If they knew the details would be released so that people could
write software, they would never have agreed to it. DES did more to
galvanize the field of cryptanalysis than anything else. Now there was an
algorithm to study: one that the NSA said was secure."
http://en.wikipedia.org/wiki/Data_Encryption_Standard

I have seen claims that NSA thought it would only be implemented in hardware. Certainly the unkeyed Initial Permutation and Final Permutation make no sense for security or for software, but IIRC, it allows hardware registers to be filled in parallel (or something. I don't understand hardware). The first product with DES that I was aware of was hardware (for network communications) or at least had no customer-accessible software.
DES and RSA did bring crypto to the public, which some at NSA did not like at the time. But restricting circulation of DES's details would I think only have postponed that public awareness.
I agree that "Off the record, NSA has x" is not a good construct for an encyclopedia, more or less independent of "x". There's enough unfounded speculation about NSA on the Internet as it is. In any event it should be "If they had known" rather than "If they knew".
The "DES did more ..." sentence looks good.

--Mike Amling
.

Relevant Pages