[Cryptography] RSA is dead.

Jerry Leichter leichter at lrw.com
Tue Jan 21 22:18:21 EST 2014


On Jan 21, 2014, at 6:30 PM, William Allen Simpson wrote:
>> NSA has had a surprisingly good reputation pretty much until Snodownia.  Before their involvement with DES, no one really knew anything about them - but every interaction I've ever heard of with NSA people left the impression that they were extremely bright and extremely competent.  (A friend who, many years ago, interviewed with both CIA and NSA, thought the interviewers for the former were a bunch of bumbling idiots, while he was very impressed with the latter.  He never took a government job, however.)
>> 
> No.  NSA had a good reputation in the '60s.  I even recommended a friend for a
> position there in the mid '70s.  (AFAIK, he's still there.)
> 
> By the '90s, its reputation was dirt.  Because, other than what was known or
> suspected about DES, every action they took was to inhibit public use of
> cryptography....

You're talking reality, I'm talking reputation.  I don't disagree with you that NSA, behind the scenes, was engaging in all sorts of shenanigans (to put it very mildly).  While that may have been known in some communities most directly affected, I can tell you - having *not* been part of those communities, but being somewhat involved in both the academic and crypto-*using* commercial communities at the time - that NSA's public relations efforts were quite successful.  For example, you mention the sad history of Photuris.  For most of us on the outside, this all just looked inexplicable - or perhaps a commercial power play.

NSA played the game very well.  Key escrow?  40-bit limitations?  The names that were visible were not NSA - they were politicians.  I actually had to work with NSA to get export approval on a product in the 40-bit days.  They were somewhat slow to respond - no surprise, they were after all a government bureaucracy - but what they had to say was reasonable, within the context of a policy they enforced.  (Approval for export moved from NSA to State while we were in the middle of the process, and we ended up losing interest anyway for our own internal reasons.  We didn't implement crypto in our product until many years later, by which time the process had turned into little more than filing some paperwork to which you never got a response - which meant automatic approval after 30 days.)

Look, I'm not defending NSA.  I'm telling you that I, and many other people I knew, and from what I could see most members of the broader community, were fooled by their charm offensive.  If you found little support in those years - this is why.  You were out-maneuvered by some of the best professionals in the business.
                                                        -- Jerry



