Why "carnivore" type systems can't be (entirely) open source

[Tom Thomson]

> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Owen Lewis
> Sent: 30 January 2001 21:24
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Re: Why "carnivore" type systems can't be (entirely) open
> source
> > Relying on lack of knowledge of your algorithms when you are placing
> > those algorithms in the hands of your adversary is bound to lead to
> > tears, as the lack of knowledge is strictly a temporary thing.
>
> Done reasonably well it buys time (see GSM). The core issue is the
> probability of whether, in the implementation one has in mind, it gains
> sufficient time to serve one's purpose. See argument re. GSM and also
> (later) re. software offered on the open market.
>
> >Since many secure algorithms do exist despite them being public
> knowledge,
> > there is no substance to the argument that obscurity helps, and usually
> > (almost always, in practice) it hinders because limited scrutiny is far
> > more dangerous than excessive scrutiny.
>
> That, if I may say so, is more a statement of hope that a
> statement of fact.
> Who knows? What *is* known is that no one has found a crack and
> published it
> widely.

Interestingly enough, you appear to have demolished that part of your own
case which is based on GSM; all one knows about GSM is that (prior to
Shamir's paper) no-one had publicised a crack widely. A large commercial
advantage might have been obtained by keeping a crack secret, if the crack
was for the purpose of industrial espionage, so a crack made by an opponent,
as opposed to an "academic", would not have been publicised widely.

Tom Thomson