"Steven M. Bellovin" <[EMAIL PROTECTED]> writes: > Bruce Schneier's newsletter Cryptogram has the following fascinating > link: http://www.fas.org/irp/eprint/heath.pdf > It's the story of effects of a single spy who betrayed keys and > encryptor designs.
Very interesting indeed. I was unaware that the military had such astonishingly bad key management practices. One wonders if things have actually improved. One thing one hopes has changed is that one hopes that it is no longer necessary for everyone to share the same keying material among so many different endpoints. Public key cryptography and key negotiation could (in theory) make it unnecessary to store shared secrets for long periods of time before use, where they are rendered vulnerable to espionage. One hopes that, over the last thirty years, this or something analogous has been implemented. One intriguing question that I was left with after reading the whole thing was not mentioned in the document at all. One portion of the NSA's role is to break other people's codes. However, we also have to assume that equipment would fall into "the wrong people's hands" at intervals, as happened with the Pueblo incident. If properly designed, the compromise of such equipment won't reveal communications, but there is no way to prevent it from revealing methods, which could then be exploited by an opponent to secure their own communications. Does the tension between securing one's own communications and breaking an opponents communications sometimes drive the use of COMSEC gear that may be "too close to the edge" for comfort, for fear of revealing too much about more secure methods? If so, does the public revelation of Suite B mean that the NSA has decided it prefers to keep communications secure to breaking opposition communications? Perry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]