[45359] in Cypherpunks
Re: Attacking Clipper with timing info?
daemon@ATHENA.MIT.EDU (Jim Miller)
Thu Dec 14 00:21:03 1995
From: jim@bilbo.suite.com (Jim Miller)
Date: Wed, 13 Dec 95 22:56:49 -0600
To: herbs@connobj.com
Cc: rittle@comm.mot.com, cypherpunks@toad.com
Reply-To: Jim_Miller@bilbo.suite.com
> >If it could be shown that Clipper chips require a fixed amount
> >of time/current to encode/decode traffic, then we could conclude
> >one of the following:
> >
> >(B1) The NSA knew about the issue and compensated for it.
>
> Remember those carefully-chosen S-box numbers for DES
> and how, years later, how they just happened to turn out to
> be optimal for defending against the newly-discovered
> (in non-military circles) technique of differential
> cryptanalysis... :-)
>
That brings up an issue I occasionally think about...At what point does
NSA's secrecy become more of a liability than an asset. Should the NSA
reveal flaws in crypto-systems in wide use here in the US to protect US
companies and individuals from attack or should they remain quite so they
can exploit them in the interests of national security?
Jim_Miller@suite.com
