[Cryptography] Opening Discussion: Speculation on "BULLRUN"

Kevin W. Wall kevin.w.wall at gmail.com
Fri Sep 6 21:52:14 EDT 2013


On 9/6/2013 1:05 PM, Perry E. Metzger wrote:
> I have re-read the NY Times article. It appears to only indicate that 
> this was *a* standard that was sabotaged, not that it was the only 
> one. In particular, the Times merely indicates that they can now 
> confirm that this particular standard was sabotaged, but presumably it 
> was far from the only target. 

WEP was so bad it's hard to think anyone could have done that intentionally.
OTOH, stupidity usually wins out over malice.  Besides, I don't believe 
that WEP
fits the other attributes of the story.

But seriously, sabotage can manifest itself in a lot of different ways. 
Perhaps their
HUMINT promoted attitudes of jealously and backstabbing. Those means would
likely be more efficient means to get something you want. Eventually 
everyone
gets weary and will agree on practically anything even if it isn't near 
optimal,
especially it it had been suggested early on and then discarded because the
committee decided they could do better. There's also politics, bribes, 
and other
gratuity they might offer.

There's more than one one to dumb down standards besides just suggesting
the wording of some crypto details which is what everyone seems to be
assuming they did. Maybe all they did was encourage an dumb idea that
someone else offered.

-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein


More information about the cryptography mailing list