Declassified NSA Newsletters

Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “Tales of the Krypt,” from 1994 to 2003.

There are many interesting things in the 800 pages of newsletter. There are many redactions. And a 1994 review of Applied Cryptography by redacted:

Applied Cryptography, for those who don’t read the internet news, is a book written by Bruce Schneier last year. According to the jacket, Schneier is a data security expert with a master’s degree in computer science. According to his followers, he is a hero who has finally brought together the loose threads of cryptography for the general public to understand. Schneier has gathered academic research, internet gossip, and everything he could find on cryptography into one 600-page jumble.

The book is destined for commercial success because it is the only volume in which everything linked to cryptography is mentioned. It has sections on such-diverse topics as number theory, zero knowledge proofs, complexity, protocols, DES, patent law, and the Computer Professionals for Social Responsibility. Cryptography is a hot topic just now, and Schneier stands alone in having written a book on it which can be browsed: it is not too dry.

Schneier gives prominence to applications with large sections.on protocols and source code. Code is given for IDEA, FEAL, triple-DES, and other algorithms. At first glance, the book has the look of an encyclopedia of cryptography. Unlike an encyclopedia, however, it can’t be trusted for accuracy.

Playing loose with the facts is a serious problem with Schneier. For example in discussing a small-exponent attack on RSA, he says “an attack by Michael Wiener will recover e when e is up to one quarter the size of n.” Actually, Wiener’s attack recovers the secret exponent d when e has less than one quarter as many bits as n, which is a quite different statement. Or: “The quadratic sieve is the fastest known algorithm for factoring numbers less than 150 digits…. The number field sieve is the fastest known factoring algorithm, although the quadratric sieve is still faster for smaller numbers (the break even point is between 110 and 135 digits).” Throughout the book, Schneier leaves the impression of sloppiness, of a quick and dirty exposition. The reader is subjected to the grunge of equations, only to be confused or misled. The large number of errors compounds the problem. A recent version of the errata (Schneier publishes updates on the internet) is fifteen pages and growing, including errors in diagrams, errors in the code, and errors in the bibliography.

Many readers won’t notice that the details are askew. The importance of the book is that it is the first stab at.putting the whole subject in one spot. Schneier aimed to provide a “comprehensive reference work for modern cryptography.” Comprehensive it is. A trusted reference it is not.

Ouch. But I will not argue that some of my math was sloppy, especially in the first edition (with the blue cover, not the red cover).

A few other highlights:

  • 1995 Kryptos Kristmas Kwiz, pages 299–306
  • 1996 Kryptos Kristmas Kwiz, pages 414–420
  • 1998 Kryptos Kristmas Kwiz, pages 659–665
  • 1999 Kryptos Kristmas Kwiz, pages 734–738
  • Dundee Society Introductory Placement Test (from questions posed by Lambros Callimahos in his famous class), pages 771–773
  • R. Dale Shipp’s Principles of Cryptanalytic Diagnosis, pages 776–779
  • Obit of Jacqueline Jenkins-Nye (Bill Nye the Science Guy’s mother), pages 755–756
  • A praise of Pi, pages 694–696
  • A rant about Acronyms, pages 614–615
  • A speech on women in cryptology, pages 593–599

Tags: , , , ,

Posted on April 2, 2024 at 1:05 PM14 Comments

Comments

JonKnowsNothing April 2, 2024 1:43 PM

~1994 the dud(ette) who could discern a D from an E was clearly in-the-know.

And also jealous that you managed to get so many things correct; with a paltry number of errors for such a complex topic.

The good news there is every chance the reviewer is dead and buried or living in poverty.

Schadenfreude.

Clive Robinson April 2, 2024 2:38 PM

@ JonKnowsNothing,

“The good news there is every chance the reviewer is…”

As @Bruce would say “Ouch” 😉

But yes it was 1994, and any NSA “greyhead”[1] is probably a little stiff one way or another by now.

But where they a “greyhead”?

The smartest mathematicians I’ve known have all been in their late twenties or early thirties. So the reviewer could have been born in the mid 1960’s which means they could still be trotting upto retirment.

[1] Note I say “greyhead” not the more normal industry “greybeard” which is more appropriate to “academia’s issues”.

As I’ve said before in most of my life I’ve been more interested in what goes on in the mind than the supporting flesh…

Jon Lennox April 2, 2024 4:15 PM

The good news there is every chance the reviewer is dead and buried or living in poverty.

Death of course comes for us all, but the odds that the author is living in poverty are very low — far more likely to be living quite well on an ample U.S. Government pension!

cybershow April 2, 2024 6:17 PM

That’s a good review (albeit tinged with unnecessary snark). “I
listened for the echo and I heard only praise”, is the more common
complaint nowadays when people lack the courage for sincere criticism.

But I’m not sure it’s entirely sincere; What the review reveals is
interesting. It’s unusual in tone. It’s less about the book than about
the potential effects of the book. While it acknowledges the value of
encyclopaedic overview one detects a note of worry in that regard. Oh
dear, Schniere has created a “knowledge hazard”… but don’t worry
because it’s “sloppy”.

BTW, fifteen pages of errata is clearly to the credit of any author.
That’s a sign of care, not carelessness.

Anonymous April 2, 2024 9:28 PM

Wow :)!Good review though, askewed as it was.

@All – should we expect an AI generated review of this blog in the near future :)))?

ResearcherZero April 2, 2024 10:12 PM

They could have submitted some corrections for the errata, which would have been more helpful. Constructive criticism is generally allowed, even if some might frown about it.

JonKnowsNothing April 2, 2024 11:43 PM

@ ResearcherZero , All

re: Constructive criticism

We can tell a lot about the kind of people at the agency from what 1994Redacted wrote, and giving constructive or supportive suggestions is not likely one of their strong suits.

  • They are clearly exceedingly well versed. It’s not 100% clear if they made their observations alone or by committee but I’d grant it was their own findings.
  • To sieve through the book and pick out errata, wasn’t so much to inform people of potential errors outside of the agency, but only to notify those inside the agency.
    • If there was a miscalculation in the public sphere that’s just fine NOBUS
  • There are a lot of very well educated people in such agencies but they select to abhor pubic information and of course, any public acknowledgement of their contributions in favor of Big Fish Small Pond among a series of Small Ponds.
    • It is possible 1994Redacted is a well known public figure, however, withholding this ultra secret document for 30yrs implies they were not well known.
    • They are quite stuck in the government ranking system and competition for the upper tiers must be fierce. Otherwise who-cares if a public sphere book has an error in it?
    • Agencies like this are not keen to have their employees current or retired write on such a significant topic. If they want to write spy make-believe novels that’s OK but don’t give out any technical information. If this person was so well informed it must have been very difficult for them to not be able to share with a wider audience.
  • One can only imagine what sort of team member or boss this person would have made, since they were channeling Judith Crist (1) for the review style
    • There isn’t any definite indication of gender but they are certain no one in the agency is going to call them out or challenge their authoritative review.

===

1)
https://en.wikipedia.org/wiki/Judith_Crist

Judith Crist (May 22, 1922 – August 7, 2012) was an American film critic and academic.

She was known for her acerbic cinema reviews.

echo April 3, 2024 6:52 AM

This is a chance to say her name: Ann Caracristi. Women’s History Month was last month but we got there in the end, I suppose.

There’s a lot of stories here. The institutional story and polished careers. There are stories of hierarchical privilege and poverty. Stories of lives lived and the other elsewhere who didn’t. The public story of techno-triumphalism built and the silenced voices of a million women. Stories of wealth and privilege giving leverage and favours granted but only so far.

This is why we have Women’s History Month. It’s where women share our histories with each other and the histories of women who came before us so the next generation of women know where they came from. Women have always done this. Women share their stories from mother to daughter, sister to sister, elder to young women making their way in the world.

echo April 3, 2024 8:27 AM

Agencies like this are not keen to have their employees current or retired write on such a significant topic. If they want to write spy make-believe novels that’s OK but don’t give out any technical information. If this person was so well informed it must have been very difficult for them to not be able to share with a wider audience.

The ex-CIA book on disguises Bruce wrote a topic about is very much like that. I know ten times what the book says and I know zip all compared to some. The whole thing was so dumbed down. The thing is much like chemistry, I suppose, the knowledge is out there in the wild. It’s just the old “don’t give stupid people ideas” thing kicking in. The book was also written by a man who was grabbing all the credit. An interview on Youtube with the woman who ran the actual department shows who was the real brains and even she would be drawing on domain experts. Pretty much 99.9% of everything they use or I suspect they use is commercially available. There’s one thing I’m thinking about you can only commercially buy from a place in Italy and it’s not cheap. Anyone who is in the know knows exactly what I’m talking about and no I’m not saying and neither are they.

If anyone pays attention to interviews with special forces (SAS and Delta) you’ll note this is a small but consistent theme running through the interviews. It’s overshadowed by all the techno whizz action hero nonsense which grabs the attention of many but it’s there. They don’t want nutters or people who will snap or buckle in that less than five seconds window when they have to make a friend or foe call.

Secrecy to protect the innocent I get. Secrecy to protect abusers I don’t get.

Erdem Memisyazici April 3, 2024 9:45 PM

Meh, it happens. It’s only a big deal if you’re defining a protocol and even those get erratas after years of collaboration. It takes many years for collections of rules on hot topics to mature/get-to-a-stable-version and that includes math related books.

I wouldn’t scrutinize a version 0.1

Erdem Memisyazici April 4, 2024 5:47 AM

Found a comment online that was of some interest as it better states the publishing in a historical context.

Regarding AC in particular, Schneier has himself stated that the approach of AC was in hindsight not the best. The preface to his later book, Cryptography Engineering states:

But such books are also one step removed from the needs of cryptography and security engineers in practice. Cryptography and security engineers need to know more than how current cryptographic protocols work; they need to know how to use cryptography.

There’s even a stronger phrasing, referred to and accepted as true by Schneier in his blog (Cryptography Engineering an updated version of Practical Cryptography):

But in the introduction to Bruce Schneier’s book, Practical Cryptography, he himself says that the world is filled with broken systems built from his earlier book. In fact, he wrote Practical Cryptography in hopes of rectifying the problem.

Even as a reference, AC is almost 25 year old now, counting from the second edition published in 1996. It predates AES by 5 years, and accordingly spends a full chapter on the Data Encryption Standard (DES). Obviously, it is also missing such things as elliptic curve cryptography (ECC) and AEAD encryption modes, etc. Of course, Cryptography Engineering isn’t much of a reference at all, it describes real-world issues and one design, but only mentions other subjects like RSA padding or GCM in passing.

As Matthew Green puts it,

you should [own a copy], if only to be awed by Bruce’s knowledge of bizarre, historical ciphers and all of the ways they’ve been broken.

The human element here is what I wanted to put into perspective. If Mr. Schneier didn’t know the math he couldn’t invent an algorithm of his own nor participate in NSA events but that seemed like an implication with the 1994 review by redacted if you didn’t know the history and the influence. I had to look it up myself as I didn’t even own a computer back in 1994.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.