[14713] in Cypherpunks
Re: Black Eye for NSA, NIST, and Denning
daemon@ATHENA.MIT.EDU (Adam Shostack)
Fri Jun 3 18:34:14 1994
From: Adam Shostack <adam@bwh.harvard.edu>
To: na5877@anon.penet.fi
Date: Fri, 3 Jun 94 18:28:27 EDT
Cc: cypherpunks@toad.com
In-Reply-To: <9406032148.AA09753@anon.penet.fi>; from "deadbeat" at Jun 3, 94 9:48 pm
deadbeat wrote:
| On the one hand, I applaud Dr. Blaze for the discoveries based on his
| black-box analysis of the NSA product. How fortunate to have him
| working in a laboratory seeded with this gear.
|
| On the other hand, I am amused at the "big deal" being made about such
| a minor result. This "protocol failure" exposes the NSA product to no
| new threats. If one's objective is to use SKIPJACK but to defeat key
| escrow, pre-encryption is easier, conceptually simpler, and may be more
| secure, depending on what is actually inside the SKIPJACK code.
Actually, Blaze's work does nullify one important aspect of
Clipper that pre-encryption does not address, and that is traffic
analasis.
Adam
--
Adam Shostack adam@bwh.harvard.edu
Politics. From the greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.
