Path: gmdzi!unido!mcsun!uunet!samsung!zaphod.mps.ohio-state.edu!sdd.hp.com!ucsd!pacbell.com!pacbell!hoptoad!gnu
From: gnu@hoptoad.uucp (John Gilmore)
Newsgroups: sci.crypt
Subject: Crypto '90 update
Message-ID: <11999@hoptoad.uucp>
Date: 17 Aug 90 18:34:57 GMT
Organization: Cygnus Support, Palo Alto
Lines: 72
Posted: Fri Aug 17 19:34:57 1990

I got back from Crypto '90 a few days ago and wanted to offer some
status.

There are still about 60 copies of the 'on-site proceedings' which
mostly consist of early versions of the papers and/or "extended
abstracts" of five to fifteen pages. The authors get to spruce up
their papers before Springer-Verlag publishes the official
proceedings, but that will be close to a year from now. So if you
want to read any of this stuff between now and then, send $30 to:

    Sherry McMahon
    Cylink Corporation
    130B Kifer Court
    Sunnyvale, CA 94086
    USA
    +1 408 735 5800

The biggest news of the conference was that Adi Shamir revealed the
technique he and Eli Biham have been using to cryptanalyze DES. A
later message will go into this in more detail.

Of interest to sci.crypt readers is that Ralph Merkle has finally
released his paper on Khufu and Khafre that I posted to the net last
year after the snafu about whether NSA had asked Xerox to suppress it.
Shamir's differential methods do not work very well on Khufu because
the S-boxes are built from the key material rather than known in
advance; also because the S-boxes are larger. Ralph also presented a
check to Eli Biham for breaking 2-round Snefru, which did succumb to
the differential attack.

Several people reported on ways of doing RSA on smart cards, making a
host of privacy-preserving protocols possible in financial and
authentication transactions "in real life".

Jean-Jacques Quisquater of Philips Research in Belgium produced a
co-processor designed to fit on a smart card CPU chip and do bignum
multiplications quickly, enough to do RSA on 512-bit numbers in
<1.5sec. The cell takes 4mm2 of chip area (out of about 25mm2
available for smart card chips).

David Chaum and Niels Ferguson have formed a company, DigiCash BV IO
in Amsterdam, to commercialize smart card payment systems in which,
as their slogan goes, "RSA Numbers *are* Money". They use a
commercially available smart card which is too small and slow to do
RSA itself. They developed a method in which the smart card lets the
machine it's plugged into do the exponentiation, but is able to check
the answer to make sure it isn't being lied to.

There was a lot of the usual pushing known results slightly further;
most papers were like that.

C-Span videos of Congressional hearings on public-key standards and
computer security were shown. The hearings were by Rep. Torricelli on
July 10, 1990 -- I'm working on getting a transcript. If anyone from
Usenet has an interest in seeing public key cryptography standardized,
and/or in seeing cryptography be exportable, I encourage you to write
to the staff person who handles computer security for Rep.
Torricelli's subcommittee:

    Barbara Kirsch
    2321 Rayburn House Office Building
    Washington, DC 20515
    +1 202 225 9662

Let's write and call to give her some good contacts in the computer
security and public crypto worlds, and educate her about what the
issues really are. Congress won't know what's happening unless we
tell them -- the hearings included trailers for the movie Die Hard 2
which presented totally unlikely computer security crises in which
"only one man" could save the day -- a thug who seemed to spend a lot
more time shooting people than patching holes and tracking intruders.

A future msg will talk more about public key standardization.
--
John Gilmore      {sun,pacbell,uunet,pyramid}!hoptoad!gnu      g...@toad.com
The Gutenberg Bible is printed on hemp (marijuana) paper. So was the
July 2, 1776 draft of the Declaration of Independence. Why can't we
grow it now?