Brin on privacy

Lyle Burkhead (
Sun, 22 Dec 1996 00:03:23 -0500 (EST)

James Rogers writes,

> You misunderstand the nature of modern cryptography.

If you guys don't cut out the wise-ass remarks, I'm going to chase you
around the playground and beat you up! <g>

> *Many* common encryption algorithms today could not be broken
> even if the entire GNP of the country was applied towards
> computational capability.
> For example, no amount of budget would allow the NSA to crack
> an IDEA encrypted message. There isn't enough computational
> capability available.

Why is it so hard to get this across? I'm *not* saying that they can
decode an encrypted message. I'm *not* saying they can reconstruct
the algorithm that generated an encrypted message.

Eugene Leitl proposes to make routine low-overhead encryption part of
TCP/IP. I am only claiming that NSA can tell the difference between
an encrypted message generated by such a routine algorithm, and one
generated by a more sophisticated algorithm. Not that they can read the
messages, just that they can tell which is which.

> A good pseudo-random number generator is indistinguishable
> from a true set of random numbers. The RC4 stream cipher (= PRNG)
> is a case in point. The output has a totally white spectrum.
> The only thing that makes it "pseudorandom" is that it is generated
> deterministically. The output is indistinguishable from
> non-deterministic random noise.

Is that a theorem? Are you saying that trying to distinguish between
these outputs is like trying to find a rational number whose square is 2?

If it's not a theorem -- and I don't think it is -- then I wouldn't be
too quick to assert that it is *impossible* to distinguish between
different kinds of pseudorandomness. I could be wrong, but my
mathematical common sense tells me that each algorithm leaves
some kind of fingerprint, and distinguishing between them is
just a matter of cleverness and patience.

Michael Lorrey writes,

> First a clue for Lyle: Cryptography has always been classified as
> munitions.

Really? Always? As recently as the 1930s, the attitude of the
American government was that "gentlemen don't read each other's
mail." But thanks for the clue, Mike. Now nobody can say I'm

> The day a spy agency like NSA gets such status and budget will be
> the beginning of the Second AMerican Civil War.

Nope. That's a totally naive statement.

John Novak writes,

> Tell me, do you know something I don't regarding the operational
> standing of the NSA and governmental plans for the same, or are
> you just painting a paranoid nightmare scenario for the sheer joy of
> trying to spook people?

I'm just painting a paranoid nightmare scenario for the sheer joy of
trying to spook people! <evil g>

What I am doing -- not in this thread particularly, but in general -- is
the opposite of encryption. I am trying to decrypt my thoughts. I am
trying to create a vocabulary in which I can make myself understood.
The most subversive thing I can do is to tell the truth in plain English.
But first I have to establish a context within which my ideas will be
intelligible. This has been the purpose of all my posts from day one.