[7139] in cryptography@c2.net mail archive
Re: Critics blast Windows 2000's quiet use of DES instead of
daemon@ATHENA.MIT.EDU (John Kelsey)
Fri May 19 09:25:39 2000
Message-Id: <4.1.20000519005042.0091c570@email.plnet.net>
Date: Fri, 19 May 2000 00:56:14 -0500
To: Russell Nelson <nelson@crynwr.com>, cryptography@c2.net
From: John Kelsey <kelsey.j@ix.netcom.com>
In-Reply-To: <14627.59509.64676.664435@desk.crynwr.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
At 08:58 AM 5/18/00 -0400, Russell Nelson wrote:
>L. Sassaman writes:
> > PGP's source code has always been available for public review.
> > This has not changed. There are no "back doors" for the NSA in
> > PGP,
>
><paranoia>Unless they are particularly subtle ones, based on a
>mathematical understanding that is not yet publicly known. Remember
>that the NSA knew about differential cryptanalysis well before
>anyone else. Times have changed, but maybe less than we
>think.</paranoia>

If there are weaknesses that the NSA didn't put there, they're holes,
not back doors. If the NSA knows how to break some of the algorithms
(IDEA, CAST-128, 3DES, RSA, SHA1, El Gamal, etc.), that's still not a
back door, it's a successful cryptanalysis. It seems very unlikely
to me, but maybe an F-16 would have seemed pretty damned unlikely to
Orville Wright, too.

On the up side, if NSA knows how to break (say) CAST-128 with few
enough resources to be useful (e.g., 2^{80} work, 2^{40} memory, a
few thousand known plaintexts), that fact will be kept secret. Which
means that they will have to be *very* careful making any use of
information recovered from that break, to avoid leaking the fact that
they can break it.

>-russ nelson <sig@russnelson.com> http://russnelson.com
- --John Kelsey, kelsey@counterpane.com
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 Int. for non-commercial use
<http://www.pgpinternational.com>
Comment: foo
-----END PGP SIGNATURE-----