FYI: RISKS DIGEST 14.64

[Dave Farber <farber () central cis upenn edu>]

------ Forwarded Message
Date: Thu, 13 May 93 10:22:19 -0700
From: forman () cs washington edu
Subject: Rewards offered for finding bugs in Japanese encryption methods

In RISKS-14.60 Klaus Brunnstein implies that "Security by Obscurity" (not
making an encryption method public) is a poor way to get a secure encryption
method.  Both the USA's Clipper Chip and Europe's A5 standards use Security by
Obscurity.

Japan doesn't seem to rely on this arcane method:

Professor Shigeo Tsujii of the Tokyo Institute of Technology is offering $3000
to anyone who can find a bug in his new encryption method called "NIKS-TA".
(Described in his 15-page thesis.)

Similarly, in 1989 NTT offered $9100 (1M yen) for finding a bug in their
encryption method.

         [This could be RISKy if the reward is not big enough, 
         and someone on the "other side" is offering more?  PGN]
------ End of Forwarded Message