A fair collection of cryptography related quotes collected over the last 5+ y ears:

""Two can keep a secret if one is dead."
-- Unknown


"How you can tell an extrovert from an introvert at NSA ? In the elevators? The extroverts look at the OTHER guy's shoes."
-- Steven Aftergood, e-mail to Cryptography mailing list, 6/11/02.


"Much work remains to be done. In particular, I believe we must soon address the risks posed by electronic distribution of encryption s oftware. Although the Wassenaar Nations have now reached agreement to control th e distribution of mass market encryption software of certain cryptographic stren gth, some Wassenaar Nations continue not to control encryption software that is distributed over the Internet, either because the software is in the "public dom ain" or because those Nations do not control distribution of intangible items. W hile I recognize that this issue is controversial, unless we address this situat ion, use of the Internet to distribute encryption products will render Wassenaar 's controls immaterial."
-- US Attorney General Janet Reno letter to Federal Secretary of Justice Herta Daubler-Gmelin May '99


"The bitch is getting a clue. :)"
-- William H. Geiger III (response to the above).


"We really haven't done everything we could to protect our customers ... Our products just aren't engineered for security"
-- Brian Valentine, Senior Vice President of the Windows Division, 05/09/02


"Microsoft shouldn't be broken up. It should be shut down."
-- Bruce Schneier, Cryptogram, 15/05/2000.


" There's no reason to treat software any differently from other products. Today Firestone can produce a tire with a single systemic flaw and they're liable, but Microsoft can produce an operating system with multiple systemic flaws discovered per week and not be liable. This makes no sense, and it's the primary reason security is so bad today. "
-- Bruce Schneier, Cryptogram, 16/04/2002.


"The present need for security products far exceeds the number of individuals capable of designing secure systems. Consequently, indust ry has resorted to employing folks and purchasing "solutions" from vendors that shouldn't be let near a project involving securing a system."
-- Lucky Green


"The problem isn't the Internet. The problem is the horribly insecure computers attached to the Internet. I would rather rewrite Windows than TCP/IP."
-- Bruce Scheier, Netcraft interview, 13/8/04.


"People who are willing to rely on the government to ke ep them safe are pretty much standing on Darwin's mat, pounding on the door, scr eaming, 'Take me, take me!'"
-- Carl Jacobs, Alt.Sysadmin.Recovery


"When stopping a terrorist attack or seeking to recover a kidnapped child, encountering encryption may mean the difference between success and catastrophic failures"
-- Janet Reno, Sept 99. Or in plain English "When trying to commit economic espionage and illegaly spying on our citizens, encountering encryption...."


"gentlemen do not read each others mail"
-- Henry Lewis Stimson


"In coming months, politicians will flail about looking for freedoms to eliminate to 'curb the terrorist threat'. We must remember throughout that you cannot preserve freedom by eliminating it."
-- Metzger, Wasabi Systems, Sept 01.


"What makes you think you can invent a good cipher if y ou have no expertise in the subject? Maybe you can, but it's not terribly likely. Imagine how you would react if your doctor told you "You have appendicitis, a disease that is life-threatening if not treated. We have a time-tested cure that cures 99% of all patients with no noticeable side-effects, but I'm not going to give you that: I'm going to give you a new experimental treatment my cousin dreamed up last week. No, my cousin has no medical training. No, I have no evidence that the new treatment will work, and it's never been tested or analyzed in depth -- but I'm going to give it to you anyway because my cousin thinks it is good stuff." You'd find another doctor, I hope. Rational people leave medical care to the medical experts. The medical experts have a much better track record than the quacks."
-- David Wagner PhD, sci.crypt, 19th Oct 02.


"History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did."
-- Bruce Schneier.


"I believed then, and continue to believe now, that the benefits to our security and freedom of widely available cryptography far, far outweigh the inevitable damage that comes from its use by criminals and terrorists...I believed, and continue to believe, that the arguments against widely available cryptography, while certainly advanced by people of good will, did not hold up against the cold light of reason and were inconsistent with the most basic American values."
-- Matt Blaze, AT&T Labs, Sept 01.


"The more corrupt the state, the more numerous the laws "
-- Tacitus


"Every time I write about the impossibility of effectiv ely protecting digital files on a general-purpose computer, I get responses from people decrying the death of copyright. "How will authors and artists get paid for their work?" they ask me. Truth be told, I don't know. I feel rather like the physicist who just explained relativity to a group of would-be interstellar travelers, only to be asked: "How do you expect us to get to the stars, then?" I'm sorry, but I don't know that, either.'' "
-- Bruce Schneier, Cryptogram 15 Aug 01.


"$_='while(read+STDIN,$_,2048) {$a=29;$c=142; if((@a=unx"C*",$_) [20]&48) {$h=5;$_=unxb24,join"",@b=map{xB8,unxb8, chr($_^$a[--$h+84])} @ARGV;s/...$/1$&/;$d=unxV,xb25,$_;$b=73;$e=256| (ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=($t=255)& ($d>>12^$d>>4^$d^$d/8))<<17, $e=$e>>8^($t&($g=($q=$e>>14&7^$e) ^$q*8^$q<<6))<<9,$_=(map {$_%16or$t^=$c^=($m=(11,10,116,100,11,122,20,100) [$_/16%8])&110;$t^=(72, @z=(64,72,$a^=12*($_%16-2?0:$m&17)) ,$b^=$_%64?12:0,@z)[$_%8]}(16..271)) [$_]^(( $h>>=8)+=$f+(~$g&$t)) for@a[128..$#a]}print+x"C*",@a}'; s/x/pack+/g;eval"
-- D e C S S in PERL


"Cryptography is like literacy in the Dark Ages. Infini tely potent, for good and ill... yet basically an intellectual construct, an idea, which by its nature will resist efforts to restrict it to bureaucrats and others who deem only themselves worthy of such Privilege."
-- "A Thinking Man's Creed for Crypto", Vin McLellan.


"This is by-design behavior, not a security vulnerability. "
-- Scott Culp, Microsoft Security Response Center, discussing the hole allowing ILOVEU to propogate, 5/5/00.


"Security is orthogonal to functionality - just because a security product functions properly does not mean it's secure"
-- Bruce Schneier.


"Paranoia is our profession."
-- Strategic Air command


"a trusted system is one which, when it breaks, can break your security policy "
-- Bob Morris, NSA.


"a trusted system is one which, when it breaks, doesn't get you fired (i.e., in the old days it was bought from IBM, now from Microsoft :-)"
-- Roger Needham


"a trusted system is one which can be insured so that you don't lose out financially when it breaks."
-- Ross Anderson


"I have copyrighted works protected with PGP. I did not consent to the TPM I use being circumvented. Bruce's description of this vulnerability is clearly a circumvention technology that will be used to pirate my work and is thereby illegal under the DMCA. .

I'm going to file a lawsuit against Bruce and Slashdot and anyone who links to Slashdot and anyone who reads the article and anyone who points at or otherwise refers to a person who reads the article. In fact, Bruce himself is circumvention technology, so I'm suing his parents, too, along with the major airlines, both of which have distributed Bruce. "
-- Brian Taylor, letter to Cryptogram


"Microsoft is a bad neighbour, whose allowed their yard to fill with filth and trash, subjecting the people around them to the vermin and roaches that breed within their unkempt property. It is on this day that the internet will begin to sputter and fail in places due to the tremendous burdon Microsofts incompetence has placed upon it. Microsoft's products spew pollution into the information space like a burning mountain of tires."
-- Unknown


"You have zero privacy anyway, get over it."
-- Chief executive officer of Sun Microsystems Scott McNealy to reporters and an aylsts, 25/1/99


"We can factor the number 15 with quantum computers. W e can also factor the number 15 with a dog trained to bark three times."
-- Robert Harley, 5/12/01, Sci.crypt.


"The price of freedom is eternal vigilence."
-- Thomas Jefferson.


"As soon as men decide that all means are permitted to fight an evil, then their good becomes indistinguishable from the evil that they set out to destroy."
-- Christopher Dawson, The Judgment of Nations, 1942


"Information is the oxygen of the modern age. It seeps through the walls topped by barbed wire, it wafts across the electrified borders."
-- Ronald Reagan


"Information networks straddle the world. Nothing remai ns concealed. But the sheer volume of information dissolves the information. We are unable to take it all in."
-- Gnther Grass


"Cryptography is concerned with the conceptualization, definition, and construction of computing systems that address security concerns ."
-- "Foundations of Cryptography" by Oded Goldreich, 1997


"Finding errors in _Applied Cryptography_ is like findi ng sand on the beach"
-- John S. Denker, post to cryptography mailing list 14/4/02.


"most security failures in its area of interest are due to failures in implementation, not failure in algorithms or protocols"
-- The NSA


"As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades."
-- Bruce Schneier, 1996.


"I couldn't help but overhear, probably because I was e avesdropping"
-- Anon


"the vast majority of security failures occur at the level of implementation detail"
-- Ross Anderson, 1993.


"Today the french government owns the keys of our PGP product, which is an encryption product, so the french government can decrypt anytime because it has the keys, we are obliged, it is a legal obligation. And I think that this legal obligation exists in all industrialized countries."
-- Frederic Braut, President-Directeur General, Network Associates (France) appearing on TV program "Tous fliqu�" shown on Canal+, 15/01/01


"Within Europe, all email, telephone, and fax communica tions are routinely intercepted by the United States National Security Agency"
-- European Parliament report "Assessing the Technologies of Political Control"< /font>


"Export controls are utterly ineffective on an individu al basis, but extremely effective for blanket surveillance and espionage - Expor t controls help criminals and terrorists by leaving information systems vulnerab le to attack"
-- P.Gutmann


"The end of the Cold War has not brought to an end the Echelon eavesdropping system. This system has become a weapon of economic warfar e."
-- Rossiyskaya Gazeta (Russian state-funded daily paper)


"If I see you in the parking lot, I'll run your ass ove r"
-- NSA Export Officer to Jim Bidzos (Head of RSA), April '94 (pg 287, Crypto by S.Levy)


"That's right, my continental friends, we have spied on you because you bribe. Your companies' products are often more costly, less tec hnically advanced or both, than your American competitors'. As a result you brib e a lot. So complicit are your governments that in several European countries br ibes still are tax-deductible."
-- "Why We Spy on Our Allies", The Wall Street Journal, 17 March, 2000 By R. Jam es Woolsey - former Director of Central Intelligence.


"Your password must be at least 18770 characters and ca nnot repeat any of your previous 30689 passwords. Please type a different passwo rd. Type a password that meets these requirements in both text boxes."
-- Microsoft takes security seriously in Knowledge Base Article Q276304.


"I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say 'Daddy, where we re you when they took freedom of the press away from the Internet?'"
-- Mike Godwin, Electronic Frontier Foundation.


"At GCHQ, the Government listens to everyone except the people who work there"
-- London Tabloid advert placed by Trades Union Congress after the banning of un ion representation in GCHQ, circa 1981.


"Why shouldn't I work for the NSA? That a tough one, bu t I'll take a shot.

Say I'm working at the NSA and somebody puts a code on my desk, something nobody else can break. Maybe I take a shot at it, maybe I break it. I'm really happy with myself, because I did my job well.

But maybe that code was the location of some rebel army in North Africa or in the Middle East a nd once they have that location they bomb the village where the rebel army is hi ding. Fifteen hundred people that I never met, never had no problem with, just g ot killed.

Now the politicians are saying "Oh, send in the Marines to secure the area," because they don't give a shit. It won't be their kid over there gett ing shot just like it wasn't them when their number got called because they were pulling a tour in the National Guard.

It'll be some kid from Southie over th ere taking shrapnel in the ass. He comes back to find that the plant he used to work at got exported to the country he just got back from, and the guy that put the shrapnel in his ass got his old job, because he'll work for fifteen cents a day and no bathroom breaks.

Meanwhile he realizes that the only reason he was over there in the first place was so we could install a government that would s ell us oil at a good price. And of course the oil companies use the little skirm ish to scare up oil prices. It's a cute little ancillary benefit for them, but i t ain't helping my buddy at two-fifty a gallon.

They're taking their sweet ti me bringing the oil back, of course, and maybe they took the liberty of hiring a n alcoholic skipper who likes to drink martinis and fucking play slalom with the icebergs. It ain't too long until he hits one, spills the oil, and kills all th e sea life in the North Atlantic.

So now my buddy's out of work, he can't aff ord to drive, so he's walking to the fucking job interviews which sucks because the shrapnel in his ass is giving him chronic hemorrhoids. Meanwhile, he's starv ing because any time he tries to get a bite to eat the only Blue Plate Special t hey're serving is North Atlantic Scrod with Quaker State.

So what did I think ? I'm holding out for something better.

I figure, fuck it. While I'm at it, I might as well just shoot my buddy in the ass, take his job, give it to his swor n enemy, hike up gas prices, bomb a village, club a baby seal, hit the hash pipe and join the National Guard. I could be elected President."
-- From the movie "Good Will Hunting" (Matt Damon's character speaking to an NSA recruiter, in a heavy Boston accent)


(Stops in mid-gyration) "You're Phil Zimmermann? I kno w all about PGP!"
-- Stripper in North Beach strip club to PRZ (pg 289, Crypto by S.Levy)

"If McDonalds offered a free Big Mac in exchange for a DNA sample, there'd be lines around the block"
-- Bruce Schneier


"If the target didn't think he or she was communicating privately, they wouldn't communicate, the key to this business is actually doin g what your adversary believed to be impossible."
-- General Mike Hayden, Director of the NSA in an CBS Interview.


"'Oh please Mr. Terrorist, don't use that unbreakable P hil Zimmerman code...' said brer rabbit. 'Oh please, anything but that nasty old PGP!!!'"
-- 'JK' posting to sci.crypt, 14 February, 2001 about NSA complaining that PGP i s unbreakable.


"Give me Liberty or give me... well, whatever you think s is best for society"
-- Slashdot .sig


"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honou r and reputation. Everyone has the right to the protection of the law against su ch interference or attacks."
-- Article 12 Universal Declaration of Human Rights


"Article 8 of the European Convention on Human Rights ( 1953, Cmnd 8969) provides:
1 Everyone has the right to respect for his private and family life, his home an d his correspondence.
2 There shall be no interference by a public authority with the exercise of this right except such in accordance with the law and is necessary in a democratic s ociety ... for the prevention of disorder or crime..."
-- From the ECHR, finally made English law 2/10/2000


"The real aim of current policy is to ensure the contin ued effectiveness of US information warfare assets against individuals, business es and governments in Europe and elsewhere"
-- Ross Anderson, posting to ukcrypto, 4th Dec 1998


"self-regulation is fine when the consumer's interests are at stake, but legislation is thought essential when the spooks consider thei r interests to be at stake."
-- Marc Rotenberg


"Indeed, key recovery schemes seem like they were desig ned by organized crime. What could be better than to persuade corporate America to effectively put all of its secrets ... in one or a few baskets, baskets that are sure to be underfunded and poorly guarded because they are hardly ever used legitimately?"
-- Ronald L. Rivest, Associate Director, MIT Laboratory for Computer Science


"1984 - Orwell was only off by a decade or two."
-- Anon


"I am smug enough to say that NSA can't break RSA or di screte logs."
-- Bob Silverman posting to sci.crypt, January 5, 1996.


"RSA seems to me to be elegant in its simplicity (even I cannot forget it, though I try every time I leave the country) and ease of dem onstration."
-- William Hugh Murray to talk.politics.crypto 7 Dec 1998


"An NSA-employed acquaintance, when asked whether the g overnment can crack DES traffic, quipped that real systems are so insecure that they never need to bother. Unfortunately, there are no easy recipes for making a system secure, no substitute for careful design and critical, ongoing scrutiny ."
-- Matt Blaze in AC2


(Sternlight) "According to the Web site a DIVX player i s just a DVD player with additional features."
(Ed Stone) "Kind of like a jailhouse is just a home with 'additional features'. ;-)"
-- On comp.security.pgp.discuss, 26 Jan 1999.


(BS) "You cannot trust an encryption algorithm designed by someone who had not 'earned their bones' by first spending a lot of time cra cking codes."
(PRZ) "...Practically no one in the commercial world of cryptography qualified u nder this criterion!"
(BS) "Yes, and that makes our job at the NSA so much easier"
-- Coversation between Philip Zimmermann and Brian Snow, a senior cryptographer with the NSA.


"Even the Four Horsemen of Kidporn, Dope Dealers, Mafia and Terrorists don't worry me as much as totalitarian governments. It's been a long century, and we've had enough of them."
-- Bruce Sterling


"I should be able to whisper something in your ear, eve n if your ear is 1000 miles away, and the government disagrees with that. [GQ ma gazine in England] quoted me on that---they changed one letter. It said I should be able to whisper something in your car, even though I am 1000 miles aw ay. I wonder what the people in England think of me."
-- Philip Zimmermann. We think you're great Phil!


"You want us to put an ax in your hand and you're promi sing to hit us with only the flat side of it. But the Chinese don't see it that way; they're already licensing fax machines and they're gonna need a lot of new hardware to gear up for Tiananmen II"
-- Bruce Sterling


"I'd rather have him inside the tent pissing out than o utside the tent pissing in"
-- Lyndon B Johnson on why he retained J. Edgar Hoover at the FBI, Guardian Week ly, 18 Dec 1971.


"England has never enjoyed a genuine social revolution. Maybe that's what's wrong with that dear, tepid, vapid, insipid, stuffy, little country."
-- Edward Abbey


"The right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall n ot be violated..."
-- The Fourth Amendment to the U.S. Constitution


"Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, a nd to petition the government for a redress of grievances."
-- The First Amendment to the U.S. Constitution


"No man's life, liberty, or property is safe while the legislature is in session."
-- Judge Gideon J. Tucker, 1866.


"The freedom of speech and of the press guaranteed by t he Constitution embraces at the least the liberty to discuss publicly and truthf ully all matters of public concern without previous restraint or fear of subsequ ent punishment."
-- Roth v. United States, 354 U.S. 476 (1957)


"...domestic intelligence activities [that] threaten to undermine our democratic society and fundamentally alter its nature"
-- Senate Church Committee report, 1976


"the debate over national cryptography policy can be ca rried out in a reasonable manner on an unclassified basis"
-- A Congress requested National Research Council report "Cryptography's role in securing the information society", 1996


"on balance, the advantages of more widespread use of c ryptography outweigh the disadvantages"
-- ibid


"Escrowed encryption [encryption for which a third part y holds a key] by design introduces a system weakness ... and so if the procedur es that protect against improper use of that access somehow fail, information is left unprotected."
-- ibid


"I Really think we would do better to discuss this in e xecutive session"
-- William E Colby, CIA Director, 1975


"Legality? That particular aspect didn't enter into the discussions."
-- Benson K Buffham, Deputy Director NSA when questioned by the Senate Church Co mmittee about domestic monitoring


"The FBI, on the other hand, stretched the truth and di storted the fact. It seems fair to conclude that the government has not made it s case regarding encryption."
-- Diffie in "Privacy on the line", 1998 - explaining how intelligence agencies (mis)use wiretap statistics.


"In total, therefore, the U.S. economy will lose betwee n $35.16 and $95.92 billion over the next five years, as a consequence of curren t administration policy [on crypto]."
-- Economic Strategy Institute report "Finding the Key", 1998


"The right to be let alone is indeed the beginning of a ll freedom."
-- Supreme Court Justice William O. Douglas 1952, Public Utilities Commission v Pollak


"The right to be left alone - the most comprehensive of rights, and the right most valued by civilized men."
-- Supreme Court Justice Louis Brandeis


"There is no assurance, without scrutiny, that all keyi ng material introduced during the chip programming is not already available to t he NSA...... Aslongas theprogrammingdevicesare controlledby the NSA, there is no way to prevent the NSA from routinely monitoring all SKIPJACK encrypted traffic . Moreover, compromise of the NSA keys,such as in the Walker case, could comprom ise the entire EES system."
-- NASA comments on EES, 1993. ok - branches of the government don't trust the NSA, but we should?


"In some countries, strong encryption has been banned o r the keys have to be escrowed for government officials. With invisibility readi ly available to anyone with moderate programming skills, it is obvious that any such measures are ineffective. Restrictions on encryption cannot stop criminals from using, but may hurt law-abiding businesses and individuals who could greatl y benefit from mass application of cryptographic techniques."
-- Counterintelligence News and Developments, National Counterintelligence Cente r, Volume 2 - June 1998


"Just because you're paranoid doesn't mean some one isn 't out to get you..."
-- Unknown


"Any time that you're developing a new product, you wil l be working closely with the NSA"
-- Ira Rubenstein, Microsoft attorney


"Few false ideas have more firmly gripped the minds of so many intelligent men than the one that, if they just tried, they could invent a cipher that no one could break."
-- David Kahn


"The multiple human needs and desires that demand priva cy among two or more people in the midst of social life must inevitably lead to cryptology wherever men thrive and wherever they write."
-- David Kahn, The Codebreakers.


"All data is illegal - all you need is the appropriate one time pad"
-- AMAN, 25 September 1998


"The disk scrambler is of course like any other entity which can be put to good, or bad use (I could perhaps strangle someone with a st ethoscope for example....)"
-- AMAN, 6 July 1998


"The law does not allow me to testify on any aspect of the National Security Agency, even to the Senate Intelligence Committee."
-- General Allen, Director of the NSA, 1975


"NSA systematically intercepts international communicat ions, both voice and cable."
-- General Allen, Director of the NSA testifying before Congress


"You bastards!"
-- guy@panix.com in response to the above General Allen quote :-)


"The wire protocol guys don't worry about security beca use that's really a network protocol problem. The network protocol guys don't wo rry about it because, really, it's an application problem. The application guys don't worry about it because, after all, they can just use the IP address and tr ust the network."
-- Marcus J. Ranum


"You don't want to buy a set of car keys from a guy who specializes in stealing cars"
-- Marc Rotenberg commenting on Clipper


"There can be no greater good than the quest for peace, and no finer purpose than the preservation of freedom."
-- U.S. President Ronald Reagan


"I know something about trust. I got my trust the old- fashioned way. I earned it."
--Bill Clinton, in Federal News Service, 28 October 1992. Hehehe.


"The strength of the Constitution lies entirely in the determination of each citizen to defend it. Only if every single citizen feels d uty bound to do his share in this defense are the constitutional rights secure.< /I>"
-- Albert Einstein


"At the very least, an effort should be made to develop minimal due process guarantees for individuals who are threatened with a secrec y order. The burden of proof should be on the gov't to show why a citizen's con stitutional rights must be abridged in the interests of 'national security'. "
-- pp 33 & 34 Werner Baum 1978 July [chaired an NSF committee on cryptography]


"Nearly all men can stand adversity, but if you want to test a man's character, give him power."
-- Abraham Lincoln


"It is dangerous to be right when the government is wro ng."
-- Voltaire


"So far as we are concerned, there is no difference bet ween an encrypted file and a locked suitcase"
-- UK Customs and Excise official, August 98. Apart from the fact you can force a locked suitcase open :-)


"If all the personal computers in the world - ~260 mill ion computers - were put to work on a single PGP-encrypted message, it would sti ll take an estimated 12 million times the age of the universe, on average, to br eak a single message."
-- William Crowell, Deputy Director of the National Security Agency, March 1997


"Without censorship, things can get terribly confused i n the public mind."
-- U.S. General William Westmoreland


"I would rather be exposed to the inconveniences attend ing too much liberty than those attending too small a degree of it."
-- Thomas Jefferson


"The spirit of resistance to government is so valuable on certain occasions that I wish it to be always kept alive"
-- Thomas Jefferson


"My comment was that the FBI is either incompetent or l ying, or both....."
-- Bruce Schneier on FBI claims that they don't have specialised machines that c an break DES


"It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics."
-- Bruce Schneier


"Cryptography products may be declared illegal, but the information will never be"
-- Bruce Schneier


"ECC curves are divided into three groups, weak curves, inefficient curves, and curves patented by Certicom"
-- Peter Gutmann, 10 Aug, 2001.


"But I'd also ask American business not to make a campa ign out of just trying to bust through export controls as though somehow there w as a God-given, inherent right to send the strongest encryption to anybody in th e world, no matter who they are. I don't agree with that. I will never agree wit h that."
-- Deputy Secretary of Defense John J. Hamre, 21 July, 1998. But who said th ere is a god given right that the DoD can read my messages?


"You can torture me all you want, I don't know anything"
"torture you... that's a good idea"
-- Resevoir Dogs (Quentin Tarantino)


"The NSA response was, 'Well, that was interesting, but there aren't any ciphers like that.'"
-- Gus Simmons - "The History of Subliminal Channels"


"A secret between two is a secret of God; a secret amon g three is everybody's secret."
-- French proverb (about clipper / key-escrow systems? :-) )


"Can you say 'cryptographic filesystem'? Can you say 'c ustom filesystem'?"
-- James MacDonald posting to sci.crypt, August 14, 1998. Sarcastic comment - m ade unwittingly to the author of ScramDisk :-)


"The obvious mathematical breakthrough would be develop ment of an easy way to factor large prime numbers."
-- Bill Gates from The Road Ahead, p265


"There is a secret message embedded in the phosphor of this period."
-- David Honig [honig@sprynet.com] .sig


"It's the dungheap of History. If you look really, rea lly closely at the tippy top, you can see Louis Freeh holding a Clipper chip."
-- Xcott Craver posting to sci.crypt 20 August 1998. Describing the 'pyramid th ing' on the cover of AC2 :-)


"You shouldn't overestimate the I.Q. of crooks."
-- NYT: Stuart A. Baker, General Counsel for the NSA, explained why crooks and t errorists who are smart enough to use data encryption would be stupid enough to choose the U.S. Government's compromised data encryption standard.


"An essential element of freedom is the right to privac y, a right that cannot be expected to stand against an unremitting technological attack."
-- Whitfield Diffie, Distinguished Engineer at Sun Microsystems


"It must always be remembered that crime statistics are highly inflammatory---an explosive fuel that powers the nation's debate over a large number of important social issues---and that FBI Director Louis Freeh toda y is the leading official shoveling the fuel into the blazing firebox."
-- David Burnham


"If the personal freedoms guaranteed by the Constitutio n inhibit the government's ability to govern the people, we should look to limit those guarantees."
-- President Bill Clinton, August 12, 1993


"Why should you care if you have nothing to hide?"< BR> -- J. Edgar Hoover


"I love my country but fear my government"
-- Anonymous


"...Finally, face it; PGP, albeit useful for some niche applications, is a little pissant pimple on the body of cryptographic usage."
-- David Sternlight posting to comp.security.pgp.discuss, June 25, 1997. Click < A HREF="http://www.synernet.com/public/sternlight-faq/">here for more :-)


"The irony of the Information Age is that it has given new respectability to uninformed opinion."
--John Lawton, as previously quoted in D.Sternlights .sig But was it written abo ut him? :-)


"Where the hell is your great contribution to the field that I worked in?????"
-- Robert Gifford posting to comp.security.pgp.discuss, Aug 25, 1998 to David St ernlight :-).


"I have not got any father than just a few variables pa st one round. I tried to search for real info on the 3.5 rounds that some one r everseved engineered but could not find it."
-- The literate David A. Scott posting to sci.crypt , June 26, 1998. RE his ana lysis of IDEA :-)


"Besides a mathematical inclination, an exceptionally g ood mastery of one's native tongue is the most vital asset of a competent programmer."
-- Edsger Wybe Dijkstra. Did he know David A. Scott too? ;)


"I have developed an encryption software package that I can best describe as a ONE-TIME-PAD GENERATOR."
-- Anthony Stephen Szopa posting to sci.crypt, August 8, 1997


"Is it time for another one of these already? Oh, both er."
-- Bruce Schneier posting to sci.crypt, August 8, 1997 - in response to the Szop a quote :-)


"The magic words are squeamish ossifrage""
-- RSA message encoded in 1977 by Ron Rivest. Rivest estimated that breaking th is message by factoring the 125-digit number would require 40 quadrillion years. It was broken using idle times on machines connected to the internet.

"Quis Custodiet Ipsos Custodes." -> "Who will wa tch the watchmen."
-- Juvenal, circa 128 AD


"Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin."
-- John Von Neumann, 1951


"Deception is a state of mind - and the mind of the sta te"
-- James Angleton, the late CIA superspy, quoted in the book, DECEPTION by Edwar d Jay Jones (1989)


"The limits of tyrants are prescribed by the endurance of those whom they oppress."
-- Frederick Douglass


"I swear to tell the truth, the whole truth, just the w ay the President did."
-- Timothy C. May .sig


"Linear improvements in compute power can't stand up to exponential improvements in difficulty."
-- Anonymous


"The best system is to use a simple, well understood al gorithm which relies on the security of a key rather than the algorithm itself. This means if anybody steals a key, you could just roll another and they have to start all over."
-- Andrew Carol. Amen!


"Random numbers should not be generated with a method c hosen at random."
-- Donald Knuth, The Art of Computer Programming Volume 2 - Seminumerical Algort hms


"Key escrow to rule them all; key escrow to find them. Key escrow to bring them all and in the darkness bind them. In the land of sur veillance where Big Brother lies."
-- Peter Gutmann


"When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl."
-- Kevin McCurleys Thought for the day, June 24, 1997


"The greatest calamity which could befall us would be s ubmission to a government of unlimited powers."
--Thomas Jefferson, 1825


"I regret to say that we of the FBI are powerless to ac t in cases of oral-genital intimacy, unless it has in some way obstructed inters tate commerce."
-- J. Edgar Hoover


"50 million potential S/Mime users can't be wrong.... B ut they can all be stupid!"
-- Sam Simpson, 4th December 98


"1 million PGP users can't be wrong.... But they can al l be stupid! (But at least they ain't spied upon by Echelon)"
-- Sam Simpson, 7 Dec 98 (In response to Sternlights complaint about the previou s quote)


"Mary had a little key (It's all she could export),
and all the email that she sent was opened at the Fort."
-- Ron Rivest


"Mary had a crypto key, she kept it in escrow,
and everything that Mary said, the Feds were sure to know."
-- Sam Simpson, July 9, 1998


"Mary had a scrambler prog, equipped with key recovery,
the snoops, her data, they did log, much to her shock discovery!"
-- AMAN, 22 September, 1998


"There is a group at Fort Meade
who fear that which they cannot read
so they fight with their friends
(God knows to what ends! )
In attempts to get more than they need."
-- Jim Bidzos, CEO of RSA Data Security


"Feistel and Coppersmith rule. Sixteen rounds and one h ell of an avalanche."
-- Stephan Eisvogel in de.comp.security, Jan 1998


"The NSA regularly lies to people who ask it for advice on export control. They have no reason not to; accomplishing their goal by any legal means is fine by them. Lying by government employees is legal."
-- John Gilmore (gnu@toad.com)


"In God we trust. Everybody else we verify using PGP!"
-- Tim Newsome


"BTW, I learned a lovely new acronym today: "Law Enfor cement Agency Key" - LEAK."
-- Charles H. Lindsey (chl@clw.cs.man.ac.uk)


"They that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
-- Benjamin Franklin


"[U]ncontrolled search & seizure is one of the first & more effective weapons in the arsenal of every arbitrary government."
-- Robert Jackson 1949 Brinegar v US 338 US 160, 180-181


"Wherever a man may be, he is entitled to know that he will remain free from unreasonable searches & seizures."
-- Supremes 1967 in Katz v US 389 US 347, 359


"When the President does it, that means that it's not i llegal."
-- Richard M. Nixon in an interview with David Frost, 19th May, 1977

< BR>

"Asking the Government to protect your Privacy is like asking a Peeping Tom to install your window blinds"
-- Founder of the EFF


"Whoever would overthrow the liberty of a nation must b egin by subduing the freeness of speech."
-- Benjamin Franklin


"We must ensure that new technology does not mean new a nd sophisticated criminal and terrorist activity which leaves law enforcement ou tmatched -- we can't allow that to happen"
-- Al Gore - Sept. 16, 1998


"Civilization is the progress toward a society of priva cy. The savage's whole existence is public, ruled by the laws of his tribe. Civ ilization is the process of setting man free from men"
-- Ayn Rand, The Fountainhead (1943)


"Individual rights are not subject to a public vote; a majority has no right to vote away the rights of a minority; the political funct ion of rights is precisely to protect minorities from oppression by majorities ( and the smallest minority on earth is the individual)"
--Ayn Rand


"Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves."
-- William Pitt, British Prime Minister, November 18, 1783


"There's no way to rule innocent men. The only power an y government has is the power to crack down on criminals. Well, when there aren' t enough criminals, one makes them. One declares so many things to be a crime th at it becomes impossible to live without breaking laws."
-- Ayn Rand, "Atlas Shrugged"


"I apprehend no danger to our country from a foreign fo e ... Our destruction, should it come at all, will be from another quarter. From the inattention of the people to the concerns of their government, from their c arelessness and negligence, I must confess that I do apprehend some danger."
-- Daniel Webster, June 1, 1837


"This method, seemingly very clever, actually played in to our hands! And so it often happens that an apparently ingenious idea is in fa ct a weakness which the scientific cryptographer seizes on for his solution. "
-- Herbert Yardley, The American Black Chamber, p282, referring to a Japanese me thod of transposing the sections of a code message to hide the beginning and end .


"I applied ROT13 to this, but that didn't make it any m ore intelligible!"
-- Roger Schlafly posting to sci.crypt, 21st June 98 in response to a message po sted in German :-)


"The Internet treats censorship as a malfunction and ro utes around it."
-- John Perry Barlow


"Liberty means responsibility. That is why most men dre ad it."
-- George Bernard Shaw


"The greatest trick the devil ever played was convincin g everyone he didn't exist"
-- Verbal Kint. (Written about the NSA?)


"It is better to weep with wise men than to laugh with fools."
-- Spanish Proverb


"The best defense against logic is ignorance."
-- anon


"I think there's a world market for about five computer s."
-- Watson, Thomas (Founder of IBM)


"I know not with what weapons World War III will be fou ght, but World War IV will be fought with sticks and stones."
-- Albert Einstein


"Terrorism: deadly violence against humans and other li ving things, usually conducted by government against its own people."
-- Edward Abbey


"No poor bastard ever won a war by dying for his countr y. He won it by making other bastards die for their country."
-- George Smith Patton


"If I have seen further it is by standing on the should ers of giants."
-- Sir Isaac Newton (1642-1727)


"Those who cannot remember the past are condemned to re peat it."
-- George Santayana (1863-1952)


"Furem fur cognoscit et lupum lupus. " -> "A thief reco gnises a thief and a wolf a wolf."
-- Anon


"In some ways, cryptography is like pharmaceuticals. It s integrity may be absolutely crucial. Bad penicillin looks the same as good pe nicillin. You can tell if you spread sheet is wrong, but how do you tell if you r cryptography package is weak? The ciphertext produced by a weak encryption al gorithm looks as good as ciphertext produced by a strong encryption algorithm. There's a lot of snake oil out there. A lot of quack cures. Unlike the patent medicine hucksters of old, these sofwtare implementors usually don't even know t heir stuff is snake oil. They may be good software engineers, but they usually haven't even read any of the academic literature in cryptography. But they thin k they can write good cryptographic software. And why not? After all, it seems intuitively easy to do so. And their software seems to work ok"
-- Philip Zimmermann


"Are there any users of cellular phones here? Because p eople are concerned (2-3 people finally clap) I knew it was a sophisticated grou p. Um, no. People are concerned about the privacy you know. Newt Gingrich, what happened to him. So a couple of months ago they set out to make these things a l ot better so that you couldn't break in. Well. Put in a new code. Yesterday, a t eam of computer experts announced that they had already cracked the electronic c ode. And sadly, none of them knew how, still, to unhook a bra."
-- Politically Incorrect on ABC, 21 March 98


"Am I being overly harsh or do others think that the mu lti-thousand bit key is about sowing fear, uncertainty, and doubt for commercial gain? DES? Not big enough! Triple DES? Not big enough! IDEA? Not big enough! Wh at you need is Dr. Phineas P. Snakeoil's mystery elixir! Filled with matrices an d Galois fields to improve the digestion of dyspeptic managers everywhere! Step right up and get a whole case full! Don't ask what's inside ladies and gentlemen ! It's a patent medicine that is only available here."
-- Stephen M. Gardner


"First they came for the hackers.
But I never did a nything illegal with my computer,
so I didn't speak up.
Then they came f or the pornographers.
But I thought there was too much smut on the Internet anyway,
so I didn't speak up.
Then they came for the anonymous remailers .
But a lot of nasty stuff gets sent from anon.penet.fi,
so I didn't spe ak up.
Then they came for the encryption users.
But I could never figure out how to work PGP anyway,
so I didn't speak up.
Then they came for me .
And by that time there was no one left to speak up."
-- Unknown


"Buy four copies of the book, and mail one to each of t he top four names on the list. Then add your name to the bottom of the list. In just a few short weeks you'll receive 2^56 copies of Applied Cryptography from a ll over the world...."
-- Bruce Schneier posting to sci.crypt, 19 October, 1998. Aren't pyramid scheme s illegal? :-)