On Thu, Sep 6, 2012 at 4:52 PM, Cameron Childress <[email protected]> wrote: > > On Thu, Sep 6, 2012 at 7:29 PM, Judah McAuley <[email protected]> wrote: > >> What I did say is that I do not believe that the NSA would be able to >> find a vulnerability in AES and then keep it secret while still >> allowing our own country to secure it's secrets with AES. > > > I would not even assume NSA uses AES to secure it's secrets.
The NSA reviewed all the AES finalists and declared them all safe to use. For a good decade now, it has been official US Government policy that Secret documents can use any of the AES implementations and Top Secret requires 192 or 256 bit key lengths. Obviously, this could all be a really elaborate plot by the NSA to make everyone use a crypto method that they (and only they) have conquered. For all the reasons I've previously stated, however, that seems highly unlikely. >From the NSA: http://www.nsa.gov/ia/programs/suiteb_cryptography/ "AES with 256-bit keys, Elliptic Curve Public Key Cryptography using the 384-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and SHA-384 are required to protect classified information at the TOP SECRET level. Since some products approved to protect classified information up to the TOP SECRET level will only contain algorithms with these parameters, algorithm interoperability between various products can only be guaranteed by having these parameters as options. Another suite of NSA cryptography, Suite A, contains some classified algorithms that will not be released. Suite A will be used for the protection of some categories of especially sensitive information." So, yeah, the NSA uses AES for very sensitive information but reserves a class of non-public cryptography for especially sensitive information, relying upon both security and obscurity. Cheers, Judah ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:354603 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
