U.S. Government Encryption Irony
Bruce Lane writes "Given the US Government's hype and paranoia about not allowing strong encryption out of the country, I find it particularly ironic that they should choose, as finalists competing for the next federally-blessed encryption standard, a couple of schemes developed outside the country altogether. The full story is here. Enjoy!"
heh. That explains it, alright!
Seriously, our virtual guarantee of non-competition has made feasible encryption research that otherwise might not have happened.
Congratulations, Mr. Clinton and Friends, you now know that the high-tech advantage goes to those who work in the field rather than those who sit on their advantage. You have effectively subsidized far more foreign participants. Can we get back to a rational encryption policy now, please?
Geeky modern art T-shirts
Looks like they just garbled their own English. 128, 192 and 256 bit are keysizes required for AES.
What really bugged me is the "340**35" number at the bottom. It looks like someone just pulled some random base and exponent out of thin air.
Most reporters take pride in their accuracy. *snicker* Oh well, I guess reporters get confused by technical stuff just like all other non-techies.
Government bureaucrats and lawmakers always have had a strong tendency for cluelessness, especially where technology is involved.
It has always been the case that it is possible for an American to download some freeware source code from a foreign site that contains encryption, modify an aspect of the application that has nothing to do with the encryption (translate the output text to English, perhaps), then if he re-uploads the program, he has committed a federal felony!
Don't expect our lawmakers to actually be swift enough to see the irony in this, they're far too stupid for that.
Sometimes I wonder if anything would really change if we just trained chimpanzees to be our senators and congressmen...
Please, learn a little more about the subject before spreading FUD. All of these ciphers are fine.
The result against MARS is an equivalent-key attack, for keys *over 1024 bits long*. AES-standard keys (128, 192, 256-bit) are fine, it's just a wee problem with some extended functionality that the AES doesn't require. And the "tweak" against MARS for a more smartcard-friendly key schedule fixes even this.
The result for Twofish is even weaker: not all subkeys are possible. However, the subkey entropy is quite sufficient to ensure the security of the cipher, and it doesn't lead to a break. See the paper on the subject on the Twofish home page.
And there's nothing listed for RC6 at all!
HPC is big and slow and complex and impossible to analyse; it would be a terrible mistake to bring it into Round 2. CAST-256 was rejected because everything it does, Serpent does better.
I'm happy with the choices NIST made and the reasoning they give. And like everyone else, I think that the final battle will be between Rijndael and Twofish. It's interesting to note that neither of these excellent ciphers is patent-encumbered.
Oh, and it's not 2^128, it's 2^128 + 2^192 + 2^256, a 78-digit number
--
Xenu loves you!
A similar letter from Janet Reno was sent to Germany's federal minister of justice Hertha Däubler-Gmelin too.
Read that letter here and the background story here.
The only explanation that makes sense to me is that the U.S. government indeed is able to gather a lot of useful information under present communication habits.
And of what nature is this information - fighting drug dealers, organized crime or terrorists?
Nope. It seems to be mostly economic espionage. Some cases that became public:
- European Union / U.S. economic treaty negotiations - the EU delegation was eavesdropped on by the U.S., who had easy play knowing the other's strategy and goals
- A solar energy company from north Germany suddenly found their invention patented by a U.S. company
- During the bidding for a train system, the German-led ICE consortium lost to the French TGV because the French were able to eavesdrop on the ICE faxes
Another interesting item is that even the German armed forces use Lotus Notes, despite its weak encryption.
Hey! This reporter must have phenomenal accuracy, to be able to represent a number like that! For most reporters, their MPU would overflow on the exponent, though most should cope with the mantissa OK.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
That's enough to twist anyone's mind!
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
I dunno. All those lobby groups would end up unemployed and on the streets. They'd overcrowd the sidewalks something chronic.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)