Sunday, September 03, 2006

Wikipedia on DES

On the Wikipedia Cryptography page, someone changed:
A popular book[40] claims that IBM independently re-discovered differential cryptanalysis and that the technique was kept secret at NSA's request, but the account published by IBM[38] makes no such claim.
to:
IBM discovered differential cryptanalysis independently[40] and kept the technique secret at NSA's request.
and justified it with:
If a fact is supported by a reliable published source, then it can be presented as fact on Wikipedia. You can call it "Levy's rumor", or a "goofy NSA theory", or an "anti government conspiracy theory", or "wrong" until you're blue in the face, I don't care. The only thing that will convince me is an actual rational argument as to why Levy, a published prize-winning author, cannot be trusted as a reliable source. Argument by repeated assertion is not convincing.
Steve Levy wrote a book on Crypto with a lot of interesting info, but his only source for the above statement is the account published by IBM. It would be very strange if IBM wrote a whole article bragging about how it knew about differential cryptanalysis and used it to improve the design of the Data Encryption Standard (DES), but neglected to mention that IBM invented it.

It appears that IBM's design of a new encryption standard had weaknesses, and the NSA told IBM's team about some attacks so that IBM could improve the design. A lot of people were suspicious about the NSA's involvement in DES back in the 1970s, but DES was a tremendous success, and none of those suspicions were ever substantiated. Whatever influence NSA had, it was overwhelmingly for the better.

Some conspiracy theorists just won't let go of their anti-govt paranoia, regardless of the evidence.

No comments: