[3117] in cryptography@c2.net mail archive
RE: NSA Losing Crypto Experts
daemon@ATHENA.MIT.EDU (John Pescatore)
Thu Jul 30 15:20:14 1998
From: John Pescatore <John.Pescatore@entrust.com>
To: "'Rick Smith'" <rick_smith@securecomputing.com>,
"'cryptography@c2.net'"
<cryptography@c2.net>
Date: Thu, 30 Jul 1998 09:25:35 -0400
Most of what the Big 6 (Fab 5, Final 4: what are they down to now?) have
been hiring from NSA are generic engineers who have worked at the Agency for
20 or more years and can take early outs. Generally not the cream of the
crypto crop - those companies are looking for "rain makers" not
cryptologists.
JP
John Pescatore johnp@entrust.com
Senior Consultant 301-421-4055
Entrust Technologies, Inc. 301-421-4052 (fax)
-----Original Message-----
From: Rick Smith [mailto:rick_smith@securecomputing.com]
Sent: Wednesday, July 29, 1998 7:22 PM
To: nelson@media.mit.edu; cryptography@c2.net
Subject: Re: NSA Losing Crypto Experts
Nelson Minar wrote about not wanting to work at NSA:
>What's the fun
>in producing a great piece of software crypto if the only way it gets
>out the door is in embedded military applications?
According to NSA tradition, by the way, crypto and software don't mix. You
can do one or the other, but never, never do both at the same time. They're
traditionally spooked by the fact that it's hard to make reliable
predictions about the behavior of software. If you look at what the Orange
Book tried to do, the underlying and unspoken theme is that a true A1
system might allow them to run crypto in software with an acceptable level
of confidence.
Rick.
smith@securecomputing.com
