From: Lyle Burkhead (LYBRHED@delphi.com)
Date: Sat Dec 21 1996 - 22:03:23 MST

James Rogers writes,

> You misunderstand the nature of modern cryptography.

If you guys don't cut out the wise-ass remarks, I'm going to chase you
around the playground and beat you up! <g>

> *Many* common encryption algorithms today could not be broken
> even if the entire GNP of the country was applied towards
> computational capability.
>
> For example, no amount of budget would allow the NSA to crack
> an IDEA encrypted message. There isn't enough computational
> capability available.

Why is it so hard to get this across? I'm *not* saying that they can
decode an encrypted message. I'm *not* saying they can reconstruct
the algorithm that generated an encrypted message.

Eugene Leitl proposes to make routine low-overhead encryption part of
TCP/IP. I am only claiming that NSA can tell the difference between
an encrypted message generated by such a routine algorithm, and one
generated by a more sophisticated algorithm. Not that they can read the
messages, just that they can tell which is which.

> A good pseudo-random number generator is indistinguishable
> from a true set of random numbers. The RC4 stream cipher (= PRNG)
> is a case in point. The output has a totally white spectrum.
> The only thing that makes it "pseudorandom" is that it is generated
> deterministically. The output is indistinguishable from
> non-deterministic random noise.

Is that a theorem? Are you saying that trying to distinguish between
these outputs is like trying to find a rational number whose square is 2?

If it's not a theorem -- and I don't think it is -- then I wouldn't be
too quick to assert that it is *impossible* to distinguish between
different kinds of pseudorandomness. I could be wrong, but my
mathematical common sense tells me that each algorithm leaves
some kind of fingerprint, and distinguishing between them is
just a matter of cleverness and patience.

Michael Lorrey writes,

> First a clue for Lyle: Cryptography has always been classified as
> munitions.

Really? Always? As recently as the 1930s, the attitude of the
American government was that "gentlemen don't read each other's
mail." But thanks for the clue, Mike. Now nobody can say I'm
clueless.

> The day a spy agency like NSA gets such status and budget will be
> the beginning of the Second American Civil War.

Nope. That's a totally naive statement.

John Novak writes,

> Tell me, do you know something I don't regarding the operational
> standing of the NSA and governmental plans for the same, or are
> you just painting a paranoid nightmare scenario for the sheer joy of
> trying to spook people?

I'm just painting a paranoid nightmare scenario for the sheer joy of
trying to spook people! <evil g>

What I am doing -- not in this thread particularly, but in general -- is
the opposite of encryption. I am trying to decrypt my thoughts. I am
trying to create a vocabulary in which I can make myself understood.
The most subversive thing I can do is to tell the truth in plain English.
But first I have to establish a context within which my ideas will be
intelligible. This has been the purpose of all my posts from day one.
Lyle
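
The question debated above, whether RC4 keystream can be told apart from random noise, can be tested empirically. The following is an added example, not part of the original message: it measures the second-output-byte bias that Mantin and Shamir published in 2001 (the byte is zero with probability close to 2/256 rather than 1/256). The 16-byte key length, trial count, seed and threshold are assumptions chosen for the demonstration.

```python
import random

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key schedule (KSA), then n bytes of output (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def _rand_bytes(rng, n):
    return bytes(rng.getrandbits(8) for _ in range(n))

def rc4_stream(rng):
    # First two keystream bytes under a fresh random 16-byte key (constructed input).
    return rc4_keystream(_rand_bytes(rng, 16), 2)

def reference_stream(rng):
    # Two bytes from Python's generator, standing in for unbiased noise.
    return _rand_bytes(rng, 2)

def second_byte_zero_rate(make_stream, trials, seed=1996):
    """Fraction of independent streams whose second byte equals zero."""
    rng = random.Random(seed)
    zeros = sum(1 for _ in range(trials) if make_stream(rng)[1] == 0)
    return zeros / trials

# Decision boundary halfway between the unbiased rate (1/256) and RC4's (about 2/256).
THRESHOLD = 1.5 / 256

def classify(rate):
    return "rc4-like" if rate > THRESHOLD else "uniform-like"

if __name__ == "__main__":
    for name, src in (("rc4", rc4_stream), ("reference", reference_stream)):
        r = second_byte_zero_rate(src, 30000)
        print(f"{name:9s} P(byte2 == 0) = {r:.5f} ({r * 256:.2f}/256) -> {classify(r)}")
```

The distinguisher only says which generator produced the streams; it recovers neither keys nor plaintext, and it needs many streams under different keys to separate the two rates.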