[1977] in cryptography@c2.net mail archive
Re: secret history of the development of PK crypto
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Wed Dec 17 14:46:39 1997
To: cryptography@c2.net
cc: Matt Blaze <mab@crypto.com>
Date: Wed, 17 Dec 1997 14:13:34 -0500
From: Steven Bellovin <smb@research.att.com>
There is, I think, a lot more that is to be learned about the development
of public key crypto inside of assorted agencies. Diffie notes that in
the 1986 Encyclopedia Britannica (I haven't checked later editions), the
director of NSA claimed (without substantiation) that NSA had had public
key crypto a decade earlier than Diffie and Hellman.
Let me add what little I can. At the Fairfax conference a few years ago,
Whit Diffie organized a Festcolloquium in honor of Gus Simmons, who
was retiring. Gus told of how he learned of public key crypto -- the same
way many of us did, by reading Martin Gardner's column in Scientific
American. Simmons was on his way to Australia to give a talk; he said he
was immediately struck by the implications of this technique for nuclear
weapons command and control -- his field -- so he tore up his talk and
made up a new one on the plane. It seemed clear, at that point, that he
had not known of the technique. (An alternative explanation, of course,
is that he knew of it but couldn't speak about it until it was
rediscovered. I did not get that impression at the time.)
The next speaker was someone who had recently retired from the upper
echelons of NSA. (His name escapes me; Matt, do you remember who it was?)
He spoke of National Security Action Memorandum 160 (from June 6, 1962),
entitled "Permissive Links for Nuclear Weapons in NATO". The claim was
that this memo -- signed by President Kennedy and endorsing a memo from
his science advisor, Jerome Weisner -- was the basis for the invention
of public key cryptography by NSA. Simmons nodded in vigorous agreement.
When the conference was over, Matt Blaze called up the Kennedy Library in
Cambridge, MA, and asked about getting a copy of the memo. It was
classified -- but the person to whom he spoke initiated a declassification
review. Fairly promptly, he received a sanitized copy.
This version has been sitting around here for four years. I've finally
gotten around to scanning them in and putting them up on the Web. I'll
make up some fancier pages later; for now, they're sitting in
http://www.research.att.com/~smb/nsam-160/pg?.gif, where ? ranges from
1 through 7. (N.B. The files may not be there this instant, until the
staging daemon runs; they will be within a few hours.)
