Path: utzoo!mnetor!uunet!tektronix!reed!mdr From: mdr@reed.UUCP (Mike Rutenberg) Newsgroups: sci.crypt Subject: Re: Request for opinions: canadian cryptographic standard. Message-ID: <8497@reed.UUCP> Date: 20 Mar 88 06:49:15 GMT References: <2463@geac.UUCP> Reply-To: mdr@reed.UUCP (Mike Rutenberg) Organization: Reed College, Portland OR Lines: 44 In article <2463@geac.UUCP> daveb@geac.uucp (David Collier-Brown) writes: > We strongly believe that for sensitive Canadian secrets, a >proprietary Canadian algorithm should be embedded into LSI, and the >details shared with no one outside Canada. Failure to do this makes >a mockery of our already limited sovereignty. If we wish as >Canadians to have our world views taken seriously by our allies, we >must make the necessary expenditures not to be dependent. Your suggestion sounds like "lets emulate U.S. practice" rather than general support for strong cryptographic research and commercial development within Canada. If you are suggesting that a Canadian standard be developed solely for the Government and military contractors, that might be appropriate (I must admit some ignorance of where the encryption schemes used by the Canadian government originate - does the Communications Security Establishment (CSE) make them or do they come from the NSA?). A more difficult problem would seem to be a public encryption standard. It is probably just my existence outside of the military that makes me desire open cryptographic research and systems. Black boxes concern me, no matter who they come from (I also don't like centralized key scheduling). I also think there is a need for generally available encryption, not just for national security applications. Banks, businesses, and even humble love letters all need to be protected. Maybe DES or the NSA chips are enough for these applications, but I certainly wouldn't mind having the option of an open, independent, "made-in-Canada" solution. The subject of resources also comes to mind (maybe some messages on this topic haven't made it out of Canada). How does one make strong cryptographic standards appear? Where would they come from? Thoughts which come to mind are National Research Council (NRC) and the CSE, but I don't know what resources they would have to tackle this seemingly difficult project. The open work that I know of is coming from places like Queen's University and the University of Waterloo. Do there already exist proposals for a Canadian standard or is this a thought which will later be turned into resources? Anyways, neat stuff. I'll buy one if it is cheap enough! Mike -- Mike Rutenberg specializing in fast, robust software and food (503)771-5516