Hacker News new | past | comments | ask | show | jobs | submit login
John Nash's letters to the NSA (1955) [pdf] (nsa.gov)
238 points by jonbaer on May 24, 2015 | hide | past | favorite | 47 comments



Back when these were declassified, I prepared a transcript and annotated parts of it: http://gwern.net/docs/1955-nash Good for those who don't want to go through the scanned PDF version but a HTML version. (My version also has links to various discussions such as class exercises in breaking his proposed system.)


This was in 1955!

There are comments here trying to contrast Nash's work to modern cryptography, as though that's somehow fair. Nash never had access to anything remotely like a personal computer and this is just after the age - and in fact still one - where physical and mechanical devices were being used to perform encryption.

The better thing to do would be to compare (rather than contrast) his work. Look at this letter. Nash essentially predicts trapdoor functions and the P/NP gap... in a mere letter.

We were lucky to have Nash and his contributions. It's unfortunate that most of his academic work is largely unknown and that pop science focuses disproportionately on his work on equilibrium in symmetric games.

May he rest in peace.


In Economic Theory, the words "Nash Equilibrium" is said at least once an hour in every lecture hall. It's a pretty obvious focus (see here: http://math.uchicago.edu/~shmuel/AAT-readings/Econ%20segment...). He's an Alan Turing in the field. Also see here (http://econtheory.org/) for some good sunday afternoon reading.


Of course. There is no ill will toward or deemphasis of Nash Equilibria. :)

Merely, it's a shame that MORE of Nash's contributions haven't been as popularly traded. This popular science emphasis at the opportunity cost of others leads to the impression that this is all Nash has contributed. That's all I was getting at. :)


Alright. But honestly, if I got my namesake on some kind of fundamental theory, I'd be pretty ok with everything else being forgotten.

I can imagine the awkwardness of grad students presenting their work in a room where he was present ... "and so-and-so forms a nash equilibrium ... (silence, looking for approval from Johns face, sigh of relief from grad student when professor does not shake head in dismay)"


Why do the generals refer to him as Mr. Nash? (and not Dr. Nash, or Prof. Nash)?

It's not like the military is not used to being precise about titles (i.e. ranks)


I could be wrong, but I believe that Princeton PhD's go by "mister" instead of "doctor."

Princeton considers itself a unique institution in this way. They do not accept transfer students, they do not have any professional degree programs, etc.


University of Virginia does this as well:

"Out of respect for the founder of the University who did not have a Ph.D., University faculty are referred to as Mr. or Mrs. instead of Doctor, even if they have a Ph.D. Students and faculty historically addressed each other in this manner. Medical doctors are the exception to the rule and they should be referred to as Doctor."

http://www.virginia.edu/deanofstudents/studenttraditions.htm...


> I believe that Princeton PhD's go by "mister" instead of "doctor."

Would you have a reference for this? This is really interesting.


From http://www.princeton.edu/communications/services/editorial/r... :

> “Use the title Dr. only when referring to a medical doctor.”


Apropos of nothing, these rules seem mechanical enough to be codified as software. Has anyone done so?

P.S. A more specific link would be the "Titles" subsection, http://www.princeton.edu/communications/services/editorial/r...


That's a style guide for writers who happen to be attending Princeton, and a fairly common one, at that: generally one says John Doe, Ph.D. for a non-physician and then later says Doe, not Dr. Doe or Mr. Doe (the blanket rule against courtesy titles is also common and independent of Dr.). As for not using Dr. as a title for certain types of degrees, that is not universally accepted and has been the minority in my experience (with the exception of Juris Doctors). Pretty much every Ed.D. I have met styles themselves Dr., for example, though half of the etiquette people discourage it.

To the root point, your citation has absolutely nothing to do with a proper title for a Princeton alumnus.


The line before this says "don't use courtesy titles" (e.g. Mr.)


Thanks!


I'll take a look around.

An instructor of mine in college had attended Princeton, and thus the information came to me from him by word of mouth.


I can't find anything online supporting this.


I learned that "don't use Doctor except for medical doctors" was a thing in high school (South Carolina), and this custom was practiced at both my undergraduate school (Brandeis) and my grad school (UVa, Astronomy.)


The diagram on page 14 (page 3 of the machine description) vaguely resembles a Markov model, which I could imagine would be useful for cryptanalysis, but I don't see how such a system would be reasonable for encryption or decryption if you have the keys. Am I misunderstanding the machine?


The NSA's response said about the same thing, once you get to the end --- not interesting, not reasonable for encryption and decryption.

Interesting, I think, the statement that Nash's machine requires "comparatively" too much hardware. This implies the NSA did have auto-keying systems at the time that had higher security, and lower hardware burden.

Remember, in '55 we didn't have single-chip CPUs, we barely had practical transistors, we didn't have planar process circuits (invented in about '60 according to the computer history museum).

http://www.computerhistory.org/revolution/digital-logic/12/3...

Nash believed in helping the US keep its secrets safe, and exposing the secrets of the enemy. One thing to remember when you look at Snowden's papers exposing not just domestica activities but foreign activities.


Wait, you run a company (Aerospike) making a DB engine. It had better be backdoored and automatically relaying data to intelligence services, or at least banned for export without spyware - if that isn't the case, you're not living by your own mantra, and I'd be curious as to why not?


Where is this mantra you speak of? In the post at least, he was speaking of what John Nash believed.


Today's generation is strongly detached from the military, I think that is why.

If everyone had a close family member or friend serving they would care more about the security of military operations.

Like it or not we have enemies still and need to maintain this secrecy to protect our country.


My brother is in the US Army (and so was my cousin). I don't believe that Snowden-like reveals put him in any more specific danger - AFAIK, he's at much higher risk from "insurgent" activity, which the US's actions have created without any help from leaks.

Nor is using the word "serving" instead of "working" beneficial to how people think about it. It's a job, he enjoys it, he's fairly well compensated (good credit, benefits, etc.) The military offers all sorts of bonuses and recruiting tactics to hire people, like other companies. You're not forced into the military, and when he joined, the various divisions were actually quite picky and it took a while to find a properly compensating match, just like other employers. (Though in my cousin's case, after suffering severe damage on base, they had no trouble discharging her to a rather miserable life, hey just like other corporations.)


> I don't believe that Snowden-like reveals put him in any more specific danger

That's true only in the same way that sending half-rations to your soldiers on the front line instead of full rations doesn't put them in "more specific" danger.

Or in a civilian context, refusing to wear seat belts doesn't put people in any "more specific" danger, nor does smoking cigarettes. Yet we understand that statistically speaking across the entire population in question, that it is possible to reduce the risk of harm by taking specific actions that have general impact.

In the case of the military, it's always a double-ended question. There is the risk added or reduced for your force in particular, but also the risk added or reduced for the adversary forces.

E.g. you put "insurgent" in scare-quotes when mentioning that they actually pose a danger to your family in the military, but without seeming to realize that many of the NSA programs Snowden leaked are directly aimed at those very same insurgents putting your family at risk. Even if we take it as true that the U.S. managed to unilaterally create insurgencies (which is by no means the case), that is not the fault of U.S. servicemembers like your family any more so than any other non-U.S. politician.

To loop back to my point about managing general risk, the things that Snowden leaks had disastrous real effects, including second- and third- order effects. Beyond improving the security posture of U.S. insurgent adversaries and terror networks (terror networks that strike against U.S. allies in addition to the U.S. itself, I might add), Snowden's leaks also had the effect of weakening the national intelligence agencies of important U.S. allies, and reducing Western nations to infighting even as they needed to be able to present a united front due to geopolitical changes. It's hard to make statements about past "what-ifs" (though that has never stopped Snowden's supporters from chicken-littling about future what-ifs...), but certainly the joint U.S./E.U. reaction to Russia's invasion of Crimea would be more meaningful without Snowden's actions a year earlier.

But just because these risks (for the U.S. and for the possible adversaries or the U.S.) can't be quantified or laid out in short and simple flowcharts doesn't mean that those risks don't exist.


|the things that Snowden leaks had disastrous real effects,

I agree, this is undoubtedly true. I also firmly believe Snowden is a hero. Any highly illegal or immoral activity of the US government (or any government for that matter) could be hidden under the same argument. We live in a democracy. It is impossible to change the government if we don't know what our government is doing in secret. Put succinctly, you advocate we shoot the messenger. Have you consider that it is the government who has placed the troops in harm's way by undertaking such outrageous, immoral, and illegal actions as opposed to the guy who merely told us about it.


Have you considered the idea that Snowden is working for the Russians?

He is in Russia, you know. That's a bit... odd, yeah?

What better post-cold war tactic than to weaken the capabilities of an organization that spies on Russia than by decreasing its public approval.


What other strong countries are there, that wouldn't give into US threats, that'd offer him a place to live worth living in? China? Just curious how the case of a true whistleblower would look different from a secret agent.


China is actually a great example. They are today stronger than Russia, they are a target themselves of NSA spying, and like Russia they are resentful of the "U.S. led international order". So much as China thumbs its nose at the U.S. by pushing back against U.S. presence in the Western Pacific, they'd have every reason to host Snowden as a cause célèbre. That would certainly have involved less air travel for Snowden as well!

But Wikileaks told Snowden to go to Russia, and in any event China told Snowden to leave. Why would China do that? Because Snowden wasn't their asset...


> Put succinctly, you advocate we shoot the messenger.

That is not my claim, succinctly or otherwise. The fact that you believe my comment reduces to that claim means that you did not understand my comment. That may be my fault in making it unclear or your fault in not trying to read and understand what I was actually saying (instead of simply seeing what you thought I meant), but either way you're replying to something I didn't say.

My comment was in response to someone who felt mentioning essentially that why are we even mad at Snowden, it's not like anything bad happened. You seem to agree with me that his actions did result in real negative consequences, so in that regard you agree with me about the only substantive thing I mentioned in my own reply.

But to address what you brought up, let's say it's true that Snowden revealed government wrongdoing. I happen to be of the opinion that merely revealing government wrongdoing doesn't excuse every other possible wrong that may have been committed by a 'whistleblower'. Especially in cases like Snowden's where any "whistleblowing" portion of his leaks is dwarfed in magnitude by leaks that don't indicate any government wrongdoing at all, but still result in disastrous effects that you admit occurred as a result of his actions.

Otherwise a spy would be able to leak whatever they wished by simply throwing a scrap to the media while they tunnel the real secrets to their political masters. And at this point we still can't prove Snowden did something like this: The secrets he revealed to the world via the media were all (but one) stolen while he worked at Dell, but before leaving the NSA he deliberately took a position at Booz-Allen Hamilton in order to take higher-level ("Tier 3") secrets. That Tier 3 was the source of the "NSA spying on these specific Chinese IPs" story soon after Snowden landed in Hong Kong, but those Tier 3 secrets have been revealed to no other journalists (or even angry Internet bloggers...).

Why did Snowden need Tier 3 secrets if he wasn't going to give them to journalists? Who did he give them to, if not journalists?


I think Manning's leaks are a better example of a data breach that would have adversely affected troops in combat now. However any data on what damage they did is certainly not public, if it's even measurable.

As for being picky about how people think about what the military does, "serving" or "working", you've got to think about it again. It's definitely a service. It should be apparent from overwhelming consensus on the matter. However, if you want to make the argument that "oh hey, you volunteered for it" -- sure, keep in mind that if there weren't volunteers, we'd have conscription, and the US would be a significantly less free country than it is today. Freedom is choice. Volunteer soldiers means you choose, which means we have freedom.

I am sorry to hear that your cousin was chewed up and spit out. In this way the military is exactly like a corporation. Not everyone gets what they deserve, but I would like to think most people are compensated fairly.

Should probably disclose, I am in the Army.


While I believe you're very much correct in your first statement, I do disagree with your other statements.

Some of us believe that the best way of protecting our service members is by not putting them in harms way in the first place.

This also entails after service privileges. We should be spending infinitely more on our service members, not less (in terms of healthcare, education, housing, everything.) Instead, were spending an incredibly large amount of money on corporate welfare for things that will probably be either useless, or worse than useless (in that they are dangerous to our troops, for just one example, the infamous A-10 vs JSF debacle. One is a proven way of saving US lives on the ground, the other is a giant waste of money.)

Second, we may also feel that the service members (our friends and family) are here to protect the People, not the Government, and thus enforce the ideals behind the Constitution. This entails protecting our (I would go so far as to say everyone's, but I know that's a rather radical interpretation) freedom, from illegal search and seizure that the NSA has very obviously been violating all of our rights, including our soldiers.

Secrecy of communications is one thing, but the NSA (and the military) has shown that they care less about that, than they do in actually spying on everyone. The US military's communications system is such a clusterfuck that you often times have troops that are within a mile (in 3d space, so this very much applies to aircraft), that cannot communicate with one another.

Maybe I took your comment out of context, but I believe that we should take care of and protect our troops. But that doesn't mean we subvert the ideals of the country that our troops are theoretically fighting for.


The closest thing I had to a friend serving, switched from a barely tolerable racist to a fellow who was proud he was protecting our oil interests by shooting hadjis.

Difficult to understand how creating enemies abroad is protecting us here.


Did he actually serve? It says more about the friends you've kept than the quality of your average service member. The military is huge: there are criminals in it. We have our own justice system for that reason.

However I can assure you that is not the case man. I am in the Army and I have never been in a place with as many sane people as this...

Extreme beliefs are not even close to being the norm. Most people are just concerned about taking care of their families and are quite moderate politically.


>The military is huge: there are criminals in it. We have our own justice system for that reason.

Are you talking about the justice systems before or after their tour?

The first independent justice system that the service(s) use is a concept from Roman times [0], that predates any form of 'Court of Justice' we have in the states, and is really just there to punish soldiers that rebel, not really anything having to do with a split between civilian and soldier.

The second form, post tour 'veteran's court', is really just a way to damage-control dependancy-stricken veterans from causing too much publicity in public courts, and as a way to fast-track such people into lighter sentences than their civilian counterparts.[1] 90 percent completion rate and zero percent recidivism! Remarkable, it must be those values instilled by the service(s).. (the same values that lead them to that court, by the way..)

[1]: http://www.nytimes.com/2010/11/11/opinion/11castille.html?_r... [0]: http://content.time.com/time/nation/article/0,8599,1940201,0...


I didn't keep him.

He did serve.

I am as skeptical of your anecdotal assurances as you are of mine.


Who is this "the enemy" of which you speak? "Filthy Commies"? "Ragheads"? The Hun?

Come on, if you're going to go all nationalist on us do it wholeheartedly.


now that you mention it, the red threat of the 1950s and the civil rights movement are quite similar to the dangers posed by the American populace since 911.


i can only conclude that the downvoters must feel that: the red threat was real and the civil rights movement was a real and present danger.


A Markov model can be represented as a finite state machine where transitions are probability driven (suppose I'm in a state 'a' and I can transition to state 'b' or 'c' where the probability of transitioning from 'a'->'b' is 30% and 'a'->'c' is 70%). The diagram on page 14 definitely looks like some sort of finite state machine but I don't know which classification it falls under. It doesn't switch states randomly so it's not a Markov chain.


It's deterministic. Basically it's a state machine and the state transition table itself is the key, iiuc.

A few years ago I implemented it with software: http://blog.practical-scheme.net/gauche/20120715-nash-cipher...


"Dr. Campaigne has been informed that the reply has been written and is not interested in further coordination."

This seems a bit harsh!


Jesus Fuck! Did I just download a PDF from the NSA!? Derp.


This is why I always read the comments first.


The NSA publishes a lot of useful literature, such as guides for hardening network equipment or RHEL servers.



Thanks for sharing such a great information..Its really nice and informative. http://www.joinfita.com/django-python-training-institutes-in...


A true genius of his time to us public folk, yet still behind NSA standards for security. I'm sure we will be seeing transformer-esque AI with Tesla batteries and gravity guns in the next XX (or X?) years.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: