From: Eugene Leitl (Eugene.Leitl@lrz.uni-muenchen.de)
Date: Fri Dec 20 1996 - 15:15:03 MST
On Thu, 19 Dec 1996, Lyle Burkhead wrote:
> > [ routine low-overhead encryption part of TCP/IP ]
>
> The NSA would love this. It would give everybody a false sense of
NSA would just hate this. Just write an according RFC, and listen for
comments. You might even face legal action.
> security. An encrypted file generated by a speedy, unsafe encryption
Why? You still are free to use heavy-duty encryption, should you feel
like it. An encryption scheme which takes 1 hour to break makes routine
snooping by dedicated parallel scanner chips totally worthless. The step
from us to ks is a tall order.
> program would differ from a file generated by better encryption
> programs. The difference wouldn't be apparent to a casual observer,
But not obviously so. Perhaps I should elaborate on unsafe encryption: I
consider IDEA relatively secure, while DES being unsafe encryption.
> but the NSA could see the difference.
But not _casually_. That's the point.
> > so that high-entropy pieces (compressed stuff causes this anyway)
> > won't cause scanner chips raise their virtual eyebrows whence
> > flowing thru NSA (heard the interrupt pling?) nodes
>
> True, they would have to rely on other methods besides scanner chips
> that simply recognize high-entropy messages. But other methods are
> available. Devising such methods would give them something to do,
Though such methods, should they exist, are surely not public.... I doubt
easy methods exist. It is quite impossible to tell random from
pseudorandom, and compressed stuff from encrypted stuff (ok , the latter
gives a totally white spectrum).
> maybe increase their budget... no problem.
Good cryptography scales very favourably in terms of roi. NSA would have
a very hard time scanning myriads of trivially encrypted packets, even if
their budget rise to astronomical (and I mean it) heights.
> In a sea of pseudorandom bits generated by a simple encryption
> program, a "seriously" encrypted message would stand out. Then
CAMs/iANs do not produce trivial sequences. The only way to tell them
apart would try a serious cryptoattack, which is a very costly business.
> they would know: here is somebody who has something to hide.
> The standard encryption isn't good enough for this guy -- so who is he?
> And then they would proceed to find out who he is.
These arguments are not valid. Cryptography does not work this way.
> Let me rephrase my original statement: using more encryption than
> other people commonly use is like painting your windows black when
> everybody else uses curtains. It just attracts attention.
It is a wrong picture, but everybody using cryptography equals to anybody
having windows. It is just some of them are bulletproof. Really easy to
tell, huh?
ciao,
'gene
> Lyle
>
>
______________________________________________________________________________
|mailto:ui22204@sunmail.lrz-muenchen.de |transhumanism >H, cryonics, |
|mailto:Eugene.Leitl@uni-muenchen.de |nanotechnology, etc. etc. |
|mailto:c438@org.chemie.uni-muenchen.de |"deus ex machina, v.0.0.alpha" |
|icbmto:N 48 10'07'' E 011 33'53'' |http://www.lrz-muenchen.de/~ui22204 |
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 14:35:54 MST