Hi all,

If you read the articles carefully, you'll note that at no point does the
NSA appear to have actually broken the *cryptography* in use.  It's hard to
get concrete details from such vague writing and no access to the the
original documents, but it sounds like they've mostly gotten a lot of
backdoors in *systems* (not algorithms, though they may have tried that
with Dual_EC_DRBG in NIST SP 800-90 in 2006 ... which lasted barely a year
before public cryptographers flagged it).

Basically, the summary of this new information appears to be best given by
Paul Kocher, who noted that the NSA had pushed for a backdoor key escrow
system with the Clipper Chip, was denied, "... and they went and did it
anyway, without telling anyone."  In this case, it wasn't a mandated key
escrow backdoor, but through a combination of targeted interception and
strong-arming companies like Google and Microsoft, they got enough.

It's the same old story of crypto in the real world: Don't attack the
algorithm; Attack the system.

Better story here:

On Thu, Sep 5, 2013 at 3:58 PM, Perry E. Metzger <pe...@piermont.com> wrote:

> I would like to open the floor to *informed speculation* about
> Informed speculation means intelligent, technical ideas about what
> has been done. It does not mean wild conspiracy theories and the
> like. I will be instructing the moderators (yes, I have help these
> days) to ruthlessly prune inappropriate material.
> At the same time, I will repeat that reasonably informed
> technical speculation is appropriate, as is any solid information
> available.
> Perry
> --
> Perry E. Metzger                pe...@piermont.com
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography

Lance James
Office: 760-262-4141
l <lan...@securescience.net>an...@gmail.com
The cryptography mailing list

Reply via email to