[Cryptography] NSA and cryptanalysis

Anne & Lynn Wheeler lynn at garlic.com
Mon Sep 2 14:05:19 EDT 2013

recent post with email discussing PGP-like implementation ... a decade before PGP in financial crypto blog
and then a little later realizing there were 3-kinds of crypto (when I was told I could make as many boxes as I wanted ... but could only sell to a certain gov. agency).

In the late 90s, I worked on crypto chip for financial applications ... I would facetiously talk about taking a $500 mil-spec chip and cost reduce by 2-3 orders of magnitude while making it more secure (final objective was well under a dollar). Part of the objective was also to eliminate all the vulnerabilities that payment chips being done primarily in Europe were prone too. Long winded thread in financial crypto blog

About that time, I was also approached by the transit industry to make the payment chip meet transit turnstyle requirements (while not reducing any security) ... this was a contactless chip being able to do crypto operation in 1/10th sec elapsed time and power profile of contactless transit turnstyle operation.

RSA chips at the time were really large implementing 1024-bit arithmatic requiring enormous power and contact operation to get time in a few seconds. It turns out I could have a AADS chip strawman with ECC that was higher integrity *AND* could meet the transit industry turnstyle contactless power & elapsed time profile. some past references to AADS chip strawman

I was also asked to give presentation at Intel trusted computing ... gone 404 but lives on at wayback machine

one of the problems in the early part of the century was that I wanted to go for higher than EAL4+ evaluation ... but NIST(somebody) pullled the ECC evaluation criteria ... and since ECC was part of the chip silicon ... w/o the ECC evaluation criteria ... I had to settle for EAL4+.

Possibly part of the issue with AADS chip strawman was I approached it as purely a cost issue ... and the objective was to eliminate all possible costs from the whole infrastructure ... the side effect of course, it also eliminated all related profit.

virtualization experience starting Jan1968, online at home since Mar1970

More information about the cryptography mailing list