24 June 1998
Date: Wed, 24 Jun 1998 105900 -0400 From: "Kawika Daguio" <Kdaguio@aba.com> To: pgut001@cs.auckland.ac.nz Cc:cryptography@c2.net Subject: Re NSA Declassifies Algos -Reply Releasing these algos was a smart and sound move on the NSA's part. I have spent way too much time over the last 5 years trying to get the NSA to be more open than they have been and to take more risks to support their protection mission. They are doing a tremendous job compared to a few years ago and we have welcomed their actions which acknowledge that protection is becoming as important as exploitation. This move gives me hope that this trend will continue if not accelerate. The NSA has worked with the banking industry for over 20 years to guide the industry away from a number of potentially problematic infosecurity approaches thus helping vendors to meet the banking industry assurance requirements as well as guidance to help limit implementation problems. Their most important contributions have come in the area of development of security standards in ANSI X9F committees. While we have had disagreements in the past that led to the enactment of the Computer Security Act, and other fallout, there is a growing, but still limited trust between our two worlds. I would expect that those that examine the algorithms will find they have practical application and non-conspiracy theorists will find comfort in their provenance rather than a threat. We have hoped that the NSA would be more active, visible, and open about the algorithms in their vaults and those the private sector develops. Unfortunately, however, any public activity on their part usually brings immediate and overwhelming negative public relations consequences regardless of the nature of their initiative. As a result even when the wish to help industry more they are reluctant to actually face the risks involved. To my regret, because of the Clipper and KR debate related public relations damage, the Agency has been unwilling to contribute an algorithm to the AES beauty contest despite my requests that they do so in the interest of advancing national security. We rejected using SJ/KEA and fortezza cards for a PKI almost 4 years ago when the government offered them to us even in a built in a way that would have separated us from the government KE/KR infrastructure. Among the original 5 public reviewers of these algorithms are a couple from our community, and we were also offered an opportunity to review the algorithms on an indepth basis. The banking industry wants more good choices and our sector believes that alot can be learned from an "allied" group that hammers on crypto on an unparalleled basis in a production oriented environment. Brilliant academics and entrepreneurial technologists have great potential and have contributed much, but nothing beats money, manpower, and experience. Transferring some of the fruits of this experience is a recommendation that I made while on a PCCIP (critical infrastructure) R&D committee appointment. I hope that they share more of the fruits of their past efforts on terms negotiated with N and industry. I believe that it is entirely appropriate that they have declassified these algorithms and they should continue along this line by being more visibly active in the AES evaluations now that the time for submissions has passed. Also, given the expected adoption of the ECDSA by a number of critical infrastructure sectors, it is thus reasonable to expect that a significant level of resources be expended to insure that no surprises arise after it is made a standard, and implemented widely. We have repeatedly argued that equivalent resources be allocated early in the standards process to the algorithms that industry is pursuing as if an actively hostile nation were using it. We would expect that information be shared and guidance be forthcoming to ensure that a "known" problem in the secret world be shared with those operating or supplying technology solutions to critical infrastructure sectors. Transferring these algorithms is a great start, but continued openness and advancement of mutual interests requires the NSA and the private sector to be open and take risks and extend some measure of trust beyond their own domains. I hope it happens, if it does I am confident we will all benefit. ----- The above represent my views and not to be considered the views of the american bankers association or the financial institutions we represent unless otherwise indicated. kawika daguio