[Cryptography] A different explanation of the Snowden documents

[Phillip Hallam-Baker]

We have all seen what happens when an organization have a clear set of
priorities, a set of aggressive metrics used to evaluate progress and an
'up or out' culture: The middle managers massage the figures to meet the
metrics.

So China might be going through an economic boom or a bust but the official
figures won't show the difference because they bear no relation to reality.
Are the leaked NSA documents possibly the result of the same cultural
effect?


I am specifically thinking of claims like the purported vulnerabilities
introduced into security specs. So far we have detected the NIST random
number generator but that was spotted at the time. There are a few areas
where DoD contractors have dominated IETF process but the result has not
been to block changes to the standard, the standards have instead been set
outside IETF process.

So I see the following possibilities

1) The NSA documents are genuine

2) The NSA documents are a hoax

3)  The NSA documents are the result of structural self delusion.

I discount 2 and at least some documents are describing real programs. But
I am starting to think that some of the programs maybe work about as well
as that missile defense scheme they have never tested without fudging the
result so it succeeds.


Imagine you are a Major in the NSA and Alexander has taken over and the
only way he knows to win a war is to destroy the opposition (rather than
not start it). You have ten years of working constructively with the IETF
etc. to improve the security of Internet standards. How do you present your
work?

-- 
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131022/14fdcc93/attachment.html>