Talk:Advanced Encryption Standard

From Citizendium
Revision as of 09:34, 27 October 2008 by imported>Howard C. Berkowitz (→‎The process and the open approach remain important: new section)
Jump to navigation Jump to search
This article is developing and not approved.
 Main Article
 Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
To learn how to update the categories for this article, see here. To update categories, edit the metadata template.
 Definition A US government standard issued in 2002 for a stronger block cipher to succeed the earlier Data Encryption Standard. [d] [e]
Checklist and Archives
 Workgroup category Computers [Categories OK]
 Subgroup category:  Security
 Talk Archive none  English language variant British English

The process and the open approach remain important

Noticing that you moved the technical content to block cipher, it still makes sense to have this, perhaps more focused on the process of open review and the alternatives. This sort of thing might be in a more general policy article rather than AES, or AES selection and policy could be a subarticle.

DES selection, of course, was quite different. While it's U.S.-specific, there was a very interesting Congressional oversight response to concerns that NSA had weakened the DES key length, perhaps to give them a back door within their computing power but not of others. An NSA oversight body of the time, the Senate Intelligence Committee, set up a panel of cleared academic experts to deliver a classified report and open recommendations to them. The public report said, apparently accurately, that there was no back door, but carefully said nothing about differential cryptanalysis.

Open review of encryption algorithms, I personally believe, is wise, but I also believe that the Senate action was a prototype for balancing legitimate security needs against legitimate oversight needs. In the present warrantless interception matter, it does not appear Congress has gotten adequate briefings, and/or has been allowed to have independent experts evaluate not the legalities, but the probability of the program obtaining useful information at the cost of privacy. Howard C. Berkowitz 15:33, 27 October 2008 (UTC)

Retrieved from "https://citizendium.org/wiki/index.php?title=Talk:Advanced_Encryption_Standard&oldid=529700"