Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-08 Thread Bill Stewart
At 12:09 PM 9/7/2013, Chris Palmer wrote: On Sat, Sep 7, 2013 at 1:33 AM, Brian Gladman b...@gladman.plus.com wrote: Why would they perform the attack only for encryption software? They could compromise people's laptops by spiking any popular app. Because NSA and GCHQ are much more

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-08 Thread James A. Donald
On 2013-09-08 4:36 AM, Ray Dillinger wrote: But are the standard ECC curves really secure? Schneier sounds like he's got some innovative math in his next paper if he thinks he can show that they aren't. Schneier cannot show that they are trapdoored, because he does not know where the magic

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-08 Thread james hughes
On Sep 7, 2013, at 6:30 PM, James A. Donald jam...@echeque.com wrote: On 2013-09-08 4:36 AM, Ray Dillinger wrote: But are the standard ECC curves really secure? Schneier sounds like he's got some innovative math in his next paper if he thinks he can show that they aren't. Schneier

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Brian Gladman
On 07/09/2013 01:48, Chris Palmer wrote: Q: Could the NSA be intercepting downloads of open-source encryption software and silently replacing these with their own versions? Why would they perform the attack only for encryption software? They could compromise people's laptops by spiking any

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Ray Dillinger
On 09/06/2013 01:25 PM, Jerry Leichter wrote: A response he wrote as part of a discussion at http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html: Q: Could the NSA be intercepting downloads of open-source encryption software and silently replacing these with their own versions?

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Dan McDonald
On Sep 7, 2013, at 2:36 PM, Ray Dillinger wrote: SNIP! Schneier states of discrete logs over ECC: I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry. Is he referring to the standard set of ECC curves in use? Is it possible

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Gregory Perry
On 09/07/2013 02:53 PM, Ray Dillinger wrote: Is he referring to the standard set of ECC curves in use? Is it possible to select ECC curves specifically so that there's a backdoor in cryptography based on those curves? I know that hardly anybody using ECC bothers to find their own curve; they

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Chris Palmer
On Sat, Sep 7, 2013 at 1:33 AM, Brian Gladman b...@gladman.plus.com wrote: Why would they perform the attack only for encryption software? They could compromise people's laptops by spiking any popular app. Because NSA and GCHQ are much more interested in attacking communications in transit

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Gregory Perry
On 09/07/2013 07:32 PM, Brian Gladman wrote: I don't have experience of how the FBI operates so my comments were directed specifically at NSA/GCHQ interests. I am doubtful that very large organisations change their direction of travel very quickly so I see the huge investments being made in

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-06 Thread Eugen Leitl
On Fri, Sep 06, 2013 at 04:25:12PM -0400, Jerry Leichter wrote: A response he wrote as part of a discussion at http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html: Q: Could the NSA be intercepting downloads of open-source encryption software and silently replacing these with

[Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-06 Thread Jerry Leichter
A response he wrote as part of a discussion at http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html: Q: Could the NSA be intercepting downloads of open-source encryption software and silently replacing these with their own versions? A: (Schneier) Yes, I believe so.

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-06 Thread Harald Koch
On 6 September 2013 16:25, Jerry Leichter leich...@lrw.com wrote: Q: Could the NSA be intercepting downloads of open-source encryption software and silently replacing these with their own versions? http://c2.com/cgi/wiki?TheKenThompsonHack (and many other references)

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-06 Thread Chris Palmer
Q: Could the NSA be intercepting downloads of open-source encryption software and silently replacing these with their own versions? Why would they perform the attack only for encryption software? They could compromise people's laptops by spiking any popular app.

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-06 Thread The Doctor
On 09/06/2013 08:48 PM, Chris Palmer wrote: Why would they perform the attack only for encryption software? They could compromise people's laptops by spiking any popular app. What is more important to them: A single system, or all of the comms