Interesting People mailing list archives
FYI: Re: Re Dorothy Denning's knock on the Sobel DSS summary
From: Dave Farber <farber () central cis upenn edu>
Date: Wed, 19 May 1993 19:05:38 -0500
------ Forwarded Message Posted-Date: Wed, 19 May 93 12:47:52 -0700 Date: Wed, 19 May 93 12:47:52 -0700 From: godsdog () netcom com (Mitch Ratcliffe) Message-Id: <9305191947.AA00359 () netcom3 netcom com> To: farber () central cis upenn edu Subject: Re: Re Dorothy Denning's knock on the Sobel DSS summary Dave -- I'd just like to point out that Dorothy's comments on David Sobel's summary of the DSS controversy are way off base. In no sense was NIST doing things in a standard way. At first, they claimed to have developed the DSS. MacWEEK reported in November 1991 that the NSA had admitted it developed the Digital Signature Algorithm used in the DSS. A flurry of letters complaining that the public comment period was inappropriately short, especially in light of the inaccurate description of the algorithm's origin, forced NIST to extend the comment period. The records of the DSS development are still incomplete, despite CPSR's success with its FOIA request. No one outside the government is convinced the DSS is as robust as RSA. If the NIST documents acquired by CPSR are any indication, few inside the government believe DSS is as secure as RSA. Now that the DSS is being folded into the Clipper and Capstone chips, there is all the more reason for concern that all the technical information about the DSS is not available. My sources in the industry said the NSA is taking a new approach, an "openness" cited by several folks and that's been apparent to me when calling Fort Meade. By offering the DSS/Clipper/Capstone in the free market the NSA may finally have turned the corner on public relations and come to understand the power of providing information. Not that this means they'll deliver the specs on the Skipjack algorithm -- rather, they may have grasped the computer industry's tactic of flooding the market with irrelevancies which create a sense of urgency. Now, the hardware and software vendors will be faced with choosing between greed, as it will be rewarded by the Feds if the industry adopts Clipper/Capstone, and principles of freedom of expression, privacy and public debate, which cannot be quantified. I can see it now: Apple and Microsoft will be guaranteed hundreds of millions in handheld computer sales -- if they standardize on Capstone security. They'll turn to the user community and say, "We've received more cooperation and information than we could ever have expected from the NSA in days of yore. We are satisfied that the NSA is earnest in its wish to help us provide users with absolute security." The new openness is a smart marketing move on the NSA's part, it places privacy advocates in the position of having to battle against largely irrelevant information. Mitch Ratcliffe ------ End of Forwarded Message
Current thread:
- FYI: Re: Re Dorothy Denning's knock on the Sobel DSS summary Dave Farber (May 19)