[Cryptography] NSA versus DES etc....

John Denker jsd at av8n.com
Fri Oct 3 15:48:43 EDT 2014

On Oct 1, 2014, at 1:33 PM, ianG <iang at iang.org> wrote:

>> One point for:  Suite A and friends, which remains a heavily shared secret.
>> One point against:  In this particular place called cryptography, there
>> is a frequently repeated aphorism "the enemy knows my algorithm"
>> recently attributed as Shannon's maxim and historically as Kerckhoffs'
>> 2nd Principle.

OK, that's a balanced view.

On 10/02/2014 08:35 AM, Jerry Leichter replied:

> One can read way too much into this rule.  There's a countervailing
> principle:  Defense in depth.  Your data is protected (a) by the
> secrecy of your algorithm; (b) by the secrecy of your code.  The
> enemy needs *both* to read your data.  Why give him one for free?

Defense in depth ("belt and suspenders") makes sense sometimes
... but if you go too far ("belt and suspenders and crazy glue")
it can defeat important parts of your core mission.  As a good 
rule of thumb, I tell my customers /not/ to pour crazy glue 
into their pants.

As for crypto in particular:  The opposite of Kerckhoffs's
principle is called "security by obscurity" and is held in
contempt by serious cryptographers and security experts.

You don't need to make a virtue of disclosing the algorithm, 
but if you /rely/ on non-disclosure you are doing something 
wrong.  Among other things, you will hesitate to put your 
best crypto into the field, for fear that the algorithm will
be captured.


More generally, I am astonished by the amount of traffic on 
this list attempting to justify NSA actions that are by any 
objective standard unwise or illegal or both.

Of course we want to /understand/ where the NSA is coming
from, but that does not require rationalizing or justifying

There are actually some rather simple ways of understanding
the observed behavior.  For starters:  Follow the money.

The US "black budget" is on the order of 50 billion dollars 
per year.  Over the course of ten years, that starts to add 
up to real money, something like half a trillion dollars.
    That can be compared to the "nominal" cost of the Iraq 
    war, namely a couple trillion expended so far (not counting 
    various accrued liabilities).
In any case, it stands to reason that bureaucrats will fight 
over the money, and fight intensely.  I've seen people go nuts
over a lot less than that.

a) Of that, the amount spent on code /breaking/ completely 
dwarfs the amount spent on code /making/ i.e. information 
assurance (IA).  So it stands to reason that in any bureaucratic
knife-fight the IA guys are going to lose.

b) As a related point, the guy who /benefits/ from codebreaking
knows where the benefits are coming from, and is willing to pay.
In contrast, the guy who /suffers/ from codebreaking is usually
slow to find out what the problem is, and therefore unwilling to 
pay for security (until it's too late).  So this is another reason
why in any bureaucratic knife-fight, the IA guys are going to lose.

I emphasize again:  These explanations are /not/ justifications.
The fact that the NSA feels obliged to lie to Congress about
what they are doing indicates that even they know it is wrong.

It is bizarre for the US taxpayers to be paying the NSA to spy
on them and (!) to leave them open to spying by foreign powers.
The NSA has repeatedly taken actions that are self-defeating in
terms of their stated mission.  Their actions are unconstitutional.
Even if they were constitutional they would be illegal.  Even if
they were legal they would be bad public policy.

 ++ [The method] should not require secrecy, and it should not
  be a problem if it falls into enemy hands.
                     -- Auguste Kerckhoffs

 ++ The enemy knows the system.
                     -- Claude Shannon

 ++ In the long run it is more important to secure one's own 
  communications than to exploit those of the enemy.
                     -- Frank Rowlett

 -- Let's create a situation where our friends can be spied
  upon more easily than our enemies.
                     -- NSA policy for 40+ years
