[4504] in cryptography@c2.net mail archive
Re: The name of "RSA"
daemon@ATHENA.MIT.EDU (Vin McLellan)
Sun Apr 11 23:22:20 1999
To: "Steven M. Bellovin" <smb@research.att.com>,
John David Galt <jdg@rahul.net>
From: Vin McLellan <vin@shore.net>
Cc: cryptography@c2.net, cypherpunks@algebra.com,
stds-p1363@majordomo.ieee.org
Date: Fri, 9 Apr 1999 16:58:53 -0400
John David Galt <jdg@rahul.net> queried the Cryptography List:
>> Can anyone tell us the names of the original British inventors of public key?
>> Granted that R, S, & A didn't plagiarize, but if they no longer want their
>> names used this way, perhaps their predecessors should get the honor
>> instead!
The discussion of alternative names for "RSA" has been an amazing
and entertaining carnival, spawned by a wildly exaggerated interpretation of
a 3/1/99 SDTI letter to the P1363 working group. SDTI, RSA's parent firm,
for which I have been a consultant for many years, never said they were
going to restrict the use of the term RSA by real people, or even members of
standards groups.
The RSA brand name issue, as SDTI sees it, is whether commercial
competitors will be allowed to mislead consumers as to who crafted a module
of implementation code. The theater generated around this topic has been
amazing, but anyone curious about SDTI's actual claims about RSA as a brand
name should check out SDTI's new letter to IEEE at:
<http://grouper.ieee.org/groups/1363/letters/SecurityDynamics2.jpg>
Steven M. Bellovin <smb@research.att.com> responded to Mr. Galt:
>The best current summary is in
>http://www.nytimes.com/library/cyber/week/122497encrypt.html
>The British paper no longer appears to be on the CESG web site.
Peter Wayner of the NYT did a great job in his 12/24/97 feature, but
John Young's invaluable Cryptome website still has a copy of James Ellis's
1987 paper -- "The History of Non-Secret Encryption" -- available in
vanilla html and PS at: <http://jya.com/ellisdoc.htm>
CESG, the British communications intelligence agency, published
the Ellis paper ten years after it was written, on Dec. 14, 1997, shortly
after Mr. Ellis died.
In his paper, Ellis dates his own insight that secure cryptographic
communications was possible with no prior exchange of secrets between
parties from the late 1960s, with the first internal CESG publication on the
topic dated January, 1970: "J H Ellis, The Possibility of Secure
Non-Secret Digital Encryption, CESG Report, January 1970."
With the generosity and courtesy typical of the most creative minds
in modern crypto, Mr. Ellis gives full credit to Clifford Cocks for
developing the first workable version of this concept -- an apparent
special-case version of RSA, first described in an internal CESG pub on
20/11/73 -- and to Malcolm Williamson, who developed an apparent analogue
to the Diffie-Hellman PKC (first described in an internal CESG pub on
21/1/74) a few months later.
Except for the 1987 Ellis paper, the original CESG documents cited
above are unavailable, apparently still classified by the British government.
There is yet another -- or possibly more than one (it's a big world,
after all) -- unpublished "secret history of public key cryptography" in
the armored archives which hold the secrets of the various national
intelligence agencies.
In the US, the former Director of the National Security Agency,
Bobby Ray Inman, years ago claimed that public key cryptography was
originally invented within the NSA. The NSA has never published anything to
outline or date their original research in this area, although crypto
historian David Kahn has repeatedly pressed them to do so.
Informal comments by senior DoE and NSA staff indicate that some
of the early innovative work on PKC was done to provide a system to
maintain failsafe control over nuclear weapon systems, but it is impossible
to date any of this work without new revelations from the NSA. Matt Blaze
and Steve Bellovin have gathered some interesting documentation on this
topic at: <http://www.research.att.com/~smb/nsam-160/>
None of this secret research, of course, has anything to do with the
logic or ethics of free-market public invention. In America, the US
Constitution offers citizens a limited-time right to commercially exploit a
new invention -- including, according to US Courts, a device which
implements a cryptographic algorithm in some sort of pseudomechanical
protocol -- in exchange for the inventor's permission to publish the
details of that invention. The better to spur innovation, further
development, and competitive industry in the nation as a whole.
Secret invention, whether at GCHQ or the NSA, serves only the
secret world. It took unfettered invention, publication, and development --
often in the face of overt hostility and organized resistance from the NSA,
the lead US signals intelligence agency -- to give us the cryptographic
foundation for 21st Century e-commerce, and some hope of personal privacy in
cyberspace, where a virtual universe now shadows the material world.
This empowerment of individual citizens was explicit in the goals of
Diffie et al as they developed the revolutionary concept of public key
cryptography in the mid 1970s. Few could expect such intent -- or such a
gift, with their success -- from the technical staff of the national
intelligence agencies in either the UK or the US.
However creative, useful, and necessary their work in the shadows of
the Secret World, their labor and innovation -- both modest and brilliant
-- serves the needs of Government, which in this context turned out to be
separate and distinct from the real and potential needs of the Citizenry.
Suerte,
_Vin
--------
"Cryptography is like literacy in the Dark Ages. Infinitely potent,
for good and ill... yet basically an intellectual construct, an idea,
which by its nature will resist efforts to restrict it to bureaucrats
and others who deem only themselves worthy of such Privilege."
_A Thinking Man's Creed for Crypto _vbm
* Vin McLellan + The Privacy Guild + <vin@shore.net> *
53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548