Aquilifer
Posts: 31
Joined: 4/19/2005 Status: offline
The NSA is the last group I'd want managing information security on the national level. Remember the Clipper Chip / Skipjack fiasco? That was the NSA, demonstrating to the whole wide world that they didn't know the first thing about cryptography. For those of you whose memories mercifully deleted this obscenity, here was the idea in a nutshell. The NSA wanted to impose, by fiat, a standard cryptographic algorithm they called "Skipjack". The details were classified. "Skipjack" was supposed to be implemented, in silicon, by the "clipper chip". The NSA's slice of the pie was the encryption keys, which were to be escrowed with them. Absolutely everybody who had gotten past "c.a.t. spells cat, d.o.g. spells dog" in cryptography knew this idea was idiotic on several levels. Let's ignore the obvious civil liberties issues for the time being and simply consider what a disaster this was from a cryptographic standpoint. In the first place, once you have several tens of millions of clipper chips out there, your "secret" algorithm isn't going to be secret anymore, because multiple instances of that chip will have been reverse engineered. In the second place, all those escrowed keys are probably going to be kept in a single location, which becomes a spy-and-hacker magnet of truly gigantic proportions. Sooner or later, this archive will be breached and the keys will be compromised. In the third place, no cryptographer worth his pay is going to trust the security of an algorithm whose details are not public. Yeah, you read that right. A secret algorithm is less secure, not more secure. This is counterintuitive, but here's how it works. Lousy insecure cryptographic algorithms are incredibly easy to write, and so most new ones aren't worth a leaping damn. The only way you can sort out the wheat from the chaff here is to publish the algorithm in full detail, and let professional cryptographers beat the holy living bejesus out of it in full public view, for years.
This is a brutally Darwinian process. Most algorithms perish, because somebody figures out some way to attack them, in other words, to reverse engineer a cryptogram back to its original plaintext, that does not require prior knowledge of the cryptogram's key. Only the algorithms that survive this Murderer's Row are considered strong enough to entrust real secrets to, because the only way anybody has so far discovered to break the cryptograms they generate is to use brute force key guessing. And the way you defeat that is easy: just pick a long enough key. This concept is more than a century old in the cryptographic community. It's called "Kerckhoffs' principle".
< Message edited by Aquilifer -- 3/20/2009 1:12:25 AM >
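An added illustration of the post's Kerckhoffs argument (example code, not from the post or from any real Clipper/Skipjack implementation): a toy "chip" whose only secret is a fixed substitution table baked into silicon is fully broken the moment one unit is reverse engineered, whereas a scheme with a public algorithm (here HMAC-SHA256 run as a counter-mode keystream, an assumed stand-in) forces an attacker who knows everything but the key into a search bounded by 2**key_bits. The table seed, the 16-bit demo key and the message are constructed values.

```python
import hashlib
import hmac
import random

# Toy "Clipper-style" design: the whole secret is a fixed substitution table
# baked into every chip. There is no per-user key at all. (Constructed example;
# the seed is arbitrary and has nothing to do with the real Skipjack.)
_rng = random.Random(0xC11E)
BAKED_IN_TABLE = list(range(256))
_rng.shuffle(BAKED_IN_TABLE)

def chip_encrypt(plaintext: bytes) -> bytes:
    """What every chip does; identical in all tens of millions of units."""
    return bytes(BAKED_IN_TABLE[b] for b in plaintext)

def decrypt_with_extracted_table(ciphertext: bytes, table: list) -> bytes:
    """Once one chip has been reverse engineered, the extracted table alone
    decrypts every message sent by any chip. No key search is needed."""
    inverse = [0] * 256
    for i, v in enumerate(table):
        inverse[v] = i
    return bytes(inverse[b] for b in ciphertext)

# Kerckhoffs-style design: the algorithm is public (HMAC-SHA256 as a
# counter-mode keystream generator); only the key is secret.
def keystream(key: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def keyed_encrypt(key: bytes, plaintext: bytes) -> bytes:
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, len(plaintext))))

keyed_decrypt = keyed_encrypt   # XOR stream cipher: same operation both ways

def brute_force(ciphertext: bytes, known_plaintext: bytes, key_bits: int):
    """Attacker knows the algorithm and the plaintext but not the key.
    Returns (key, trials). The work is bounded only by 2**key_bits, which is
    why a long enough key defeats this even with the algorithm published."""
    key_len = (key_bits + 7) // 8
    trials = 0
    for candidate in range(1 << key_bits):
        trials += 1
        key = candidate.to_bytes(key_len, "big")
        if keyed_decrypt(key, ciphertext) == known_plaintext:
            return key, trials
    return None, trials
```

With a 16-bit demo key the search finishes in at most 65536 trials; each added key bit doubles that bound, which is the whole defence the post describes.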