NSA's History of Communications Security — For Your Eyes, Too 52
Phil Sp. writes "Government Attic, those fine investigative pack rats, have outdone themselves this time. Just posted: a declassified NSA document entitled A History of Communications Security, Volumes I and II: The David G. Boak Lectures [PDF] from 1973 and 1981. This is an absolutely fascinating look into how the NSA viewed (views?) communications security and touches on all sorts of topics, including public key crypto, economics, DES, tamper-resistance, etc. It was seemingly from a collection of lectures to new employees. The first 85 pages are heavily redacted but the remaining 80 or so are largely intact. It even concludes with a cryptogram puzzle for the reader!"
Their "FLOP" section was blanked out. :( (Score:5, Insightful)
Redacted, huh? (Score:3, Insightful)
Re:Why was it classified (Score:5, Insightful)
You are correct, however, sometimes you don't want to know about bad algorithms.. or more accurately, you don't want your enemies to know that you've cracked their codes.
Sometimes, things are just politically sensitive.. ie, We cracked the code, realized that country X placed a spy into country Y, we notified country Y, and the spy for country X had a tragic accident...
Re:Noone Read TFA (Score:3, Insightful)
Yes.
Re:Why was it classified (Score:5, Insightful)
That's commonly held belief of security amateurs. In reality, obscurity is a valuable tool in the arsenal of the security professional - because an attacker cannot be prepared to address a measure that he does know the existence of beforehand. For example - a visible set of VCR's in a place equipped with visible cameras... but they are dummies with the real ones (or a backup set) behind a nondescript door.
The analytical power of many experienced and knowledgeable eyes - sure. But those eyes have clearances and access to the document. Just because the general public doesn't see it, doesn't mean that a lot of qualified people haven't.
So this is way below their lower limit (Score:3, Insightful)
Interesting reading. Probably beyond average slashdotter's patience, hence so few comments to the story. I've found the history of TEMPEST being the most fascinating... discovered, forgotten, rediscovered, never fully eliminated but considered adequately handled given the threat level assessment. It left me wondering what the status of TEMPEST is with current electronic computing devices?
According to the book itself (see p. 128 bottom), this disclosure should not even come close to define the lower bound of NSA's today's capabilities. Umm, impressive then.