[Cryptography] crypto standards and principles
Ray Dillinger
bear at sonic.net
Tue Feb 3 19:19:47 EST 2015
On 02/03/2015 02:46 PM, John Denker wrote:
> Be that as it may ... the NSA still keeps secret the workings
> of its own most-advanced systems. AFAICT there are only two
> possible explanations for this:
> 1) They think their best system might get broken if the
> adversaries found out how it worked.
> 2) Many other systems are already broken, and they don't
> want unbreakable crypto to fall into the hands of others.
> This surely leaves friendly non-top-secret communications
> vulnerable, in violation of Rowlett's maxim.
>
> Either way, it's not very flattering to the NSA.
Agreed.
No matter why someone fears releasing knowledge, fear reveals
weakness.
Keeping keys secret is part of what the NSA is for. Keeping
cryptosystems secret is pathetic, idiotic, and counterproductive.
If they are afraid others might break the ciphers, and they
have not, that's pathetic; it would mean they have lost the
lead and they know it.
If they are afraid others might learn how to make secure
ciphers from their designs, that's stupid; others already
know how to make secure ciphers.
If those systems are insecure, that's stupid; The longer
such secrecy keeps people from discovering that insecurity,
the more exposed they become and the more secrets they have
exposed to their enemies.
If those systems are secure, that's pointless and
counterproductive; in that case they've nothing to lose by
releasing them and gain nothing by keeping them secret.
Bear
More information about the cryptography
mailing list