[3174] in cryptography@c2.net mail archive

Re: NSA Losing Crypto Experts

daemon@ATHENA.MIT.EDU (Tom Perrine)
Mon Aug 10 11:18:44 1998

Date: Sun, 9 Aug 1998 22:46:51 -0700
From: Tom Perrine <tep@SDSC.EDU>
To: rick_smith@securecomputing.com
CC: nelson@media.mit.edu, cryptography@c2.net
In-reply-to: <3.0.3.32.19980729182216.00932d80@mailhost.sctc.com> (message
	from Rick Smith on Wed, 29 Jul 1998 18:22:16 -0500)

This is a little old, but...

>>>>> The moving finger of Rick Smith, having written:

    Rick> Nelson Minar wrote about not wanting to work at NSA:
    >> What's the fun
    >> in producing a great piece of software crypto if the only way it gets
    >> out the door is in embedded military applications?

    Rick> According to NSA tradition, by the way, crypto and software don't mix. You
    Rick> can do one or the other, but never, never do both at the same time. They're
    Rick> traditionally spooked by the fact that it's hard to make reliable
    Rick> predictions about the behavior of software. If you look at what the Orange
    Rick> Book tried to do, the underlying and unspoken theme is that a true A1
    Rick> system might allow them to run crypto in software with an acceptable level
    Rick> of confidence.

    Rick> Rick.
    Rick> smith@securecomputing.com

The over-riding motivation behind A1 was to produce a system that
could process data at multiple (very high) security levels with
sufficient assurance that very sensitive data would not leak to lower
levels and be compromised.

This, in turn, was motivated by two other factors.  The major desire
was to do "true multi-level processing", so that information from
multiple levels of classification could be brought together in a safe
manner to provide better analysis capabilities (so-called "all source"
analysis).  The other motivation, which was "older" and turned out to
be less important, was to save on hardware costs.  Remember, this was
in the days of the multi-million-dollar mainframe, which ran at about
1-MIP, with disk drives the size of washing machines holding 450
Mbytes.

Being able to "run crypto in software" isn't quite the same thing.
Being able to process "HVCCO" ("handle via COMINT channels only",
which is extremely classified) data was the true motivation.

-- 
Tom E. Perrine (tep@SDSC.EDU) | San Diego Supercomputer Center 
http://www.sdsc.edu/~tep/     | Voice: +1.619.534.5000
I'm not a Randian, an Objectivist, or a big-L libertarian.  Sometimes
I'm not a little-l libertarian, either.  I'm just Reasonable.
