Latest Crypto-Gram discusses Open Source, linux, and the Microsoft/NSA keySep 16, 1999, 13:38 (1 Talkback[s])
(Other stories by Bruce Schneier)
[ Thanks to Rhet Turnbull for this link. ]
Bruce Schneier's latest Crypto-Gram is out. He has a good article on the benefits of Open Source as it relates to crypto and Linux as well as a discussion of the NSA/Microsoft key that's been in the news recently. Read Crypto-Gram here.
"As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It's true for cryptographic algorithms, security protocols, and security source code. For us, open source isn't just a business model; it's smart engineering practice."
"This argues very strongly for open source cryptographic algorithms. Since the only way to have any confidence in an algorithm's security is to have experts examine it, and the only way they will spend the time necessary to adequately examine it is to allow them to publish research papers about it, the algorithm has to be public. A proprietary algorithm, no matter who designed it and who was paid under NDA to evaluate it, is much riskier than a public algorithm."