At 10:22 AM -0700 10/17/00, Kerry L. Bonin wrote:
>At 10:06 AM 10/17/00 -0500, Fisher Mark wrote:
>>It is just a whole lot easier to do a black-bag job on a North Korean
>>embassy (for example) than to directly attack their crypto. That is why
>>defense companies do background checks, that is why some areas of military
>>facilities are guarded by soldiers with guns, and that is why the NSA tried
>>to conceal all evidence of their existence for a while. Crypto is just one
>>part of a unified security policy -- sometimes not a very important part at
>>that.
>
>I don't dispute this, my choice of words was "Sure, they devote significant
>resources to exploiting weaknesses in key management." "Rubber hose" and
>"black bag" cryptanalysis have a long history of being far more cost
>effective than brute force.
Your main claim was that ciphers are crackable by the NSA (pace your
various comments about "near realtime," "cracking farms," ASICs and
silicon-on-sapphire, and your .mil/spook buddies who have
confidentially told you so).
Are you retracting this claim now?
--Tim May
--
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
"Cyphernomicon" | black markets, collapse of governments.