Path: utzoo!utgpu!water!watmath!gamiddleton
From: gamiddleton@watmath.waterloo.edu (Guy Middleton)
Newsgroups: sci.crypt
Subject: Re: Request for opinions: canadian cryptographic standard.
Message-ID: <17654@watmath.waterloo.edu>
Date: 19 Mar 88 23:06:12 GMT
References: <2463@geac.UUCP>
Reply-To: gamiddleton@watmath.waterloo.edu (Guy Middleton)
Organization: University of Waterloo [MFCF/ICR]
Lines: 18

In article <2463@geac.UUCP> daveb@geac.uucp (David Collier-Brown) writes:
>    We strongly believe that for sensitive Canadian secrets, a
> proprietary Canadian algorithm should be embedded into LSI, and the
> details shared with no one outside Canada.  Failure to do this makes
> a mockery of our already limited sovereignty. If we wish as
> Canadians to have our world views taken seriously by our allies, we
> must make the necessary expenditures not to be dependent.

Having an algorithm without trapdoors for nasty foreign intelligence
agencies is a good idea, but keeping the details of the aglorithm secret is
a bad way to make it secure.  At some time, *somebody* will find out, and
all the secrecy will be pointless.  It is better to assume that the enemy
knows everything about the encryption method except for the key.  Also,
keeping the details secret would provoke the same kind of worry about
trapdoors as the NSA does.

 -Guy Middleton, University of Waterloo Institute for Computer Research
 gamiddleton@math.waterloo.edu, watmath!gamiddleton	"nobody uses it, anyway"