Letter to Notices of the AMS in Response to the article by Dr. Wertheihmer

The letter below is in response to this article by Michael Wertheimer in the February 2015 issues of the Notices of the AMS. The letter appeared in the June 2015 issue. They did not print the names of all the signers, since there are too many, but pointed to this website instead. Please let me know (reyzin@bu.edu) if you'd like to sign it.

In his article "Encryption and the NSA Role in International Standards," Dr. Wertheimer works hard to leave the impression that the NSA did not place a backdoor in the DUAL_EC_DRBG algorithm. He never issues a direct denial, because of overwhelming evidence of the backdoor. Instead, he misleads through selective omission of evidence, including evidence that the NSA considered it a "challenge in finesse" to get the standard accepted, that the NSA paid a leading industry player a large sum to make this standard (with NSA's curve points) the default option, that it suppressed discussion of how the curve points should be generated, and that the standard makes no mathematical sense unless you were designing it for the backdoor. The NSA needs to address the actual question of the backdoor, or provide an explanation of why it will not.

Dr. Wertheimer is rightly concerned that this incident may lead people to believe that "NSA has a broader agenda to 'undermine Internet encryption,'" and asks for a "fair reading of our track record." This track record includes reducing the key length of the block cipher DES in the 1970s to make it breakable, blacklisting an inventor of DES (Horst Feistel) from cryptography jobs, advocating for control of cryptographic research in the 1980s, and, according to NSA's 2013 budget request, covertly influencing "commercial products' designs" and "policies, standards and specifications for commercial public key technologies" for the purposes of exploitation. Indeed, the track record speaks for itself.

Dr. Wertheimer writes that he feels "a connection to the mathematics community that goes beyond scholarship." If so, his attempt to mislead this community--the community that "encouraged and supported his studies"--is even more shameful.

Signers (in alphabetical order):

John Baez (University of California, Riverside)
Bruce Bartlett (Stellenbosch University)
Nils Carqueville (University of Vienna)
Paul-Olivier Dehaye (University of Zurich)
David Drasin (Mathematics, Purdue University)
Stéfane Fermigier
Michele Fineli
David Fisher (Indiana University, Bloomington)
Stefan Forcey (University of Akron)
Matthew Green (Johns Hopkins University)
Thomas Hales (University of Pittsburgh)
Ethan Heilman (Boston University)
Nadia Heninger (University of Pennsylvania)
Robert Kingan
Sandra Kingan (Brooklyn College, CUNY)
Michał Kotowski (University of Toronto)
Tom Leinster (University of Edinburgh)
Richard S. Laugesen (University of Illinois, Urbana-Champaign)
Matilde Marcolli (California Institute of Technology)
Daniel Murfet (University of Southern California)
Cathy O'Neill (mathbabe.org)
Leonid Reyzin (Boston University)
Phillip Rogaway (UC Davis)
Abhishek Saha (University of Bristol)
Bruce Schneier (Fellow, Berkman Center for Internet and Society, Harvard Law School)
Susan Sierra (University of Edinburgh)
Zoran Škoda (University of Zagreb)
Adam Smith (The Pennsylvania State University)
Daniel Tubbenhauer (QGM, Aarhus University)
Peter Woit (Columbia University)