Hash: SHA1

On Sep 5, 2013, at 7:31 PM, Jerry Leichter <leich...@lrw.com> wrote:

> Another interesting goal:  "Shape worldwide commercial cryptography 
> marketplace to make it more tractable to advanced cryptanalytic capabilities 
> being developed by NSA/CSS."  Elsewhere, "enabling access" and "exploiting 
> systems of interest" and "inserting vulnerabilities".  These are all 
> side-channel attacks.  I see no other reference to "cryptanalysis", so I 
> would take this statement at face value:  NSA has techniques for doing 
> cryptanalysis on certain algorithms/protocols out there, but not all, and 
> they would like to steer public cryptography into whatever areas they have 
> attacks against.  This makes any NSA recommendation *extremely* suspect.  As 
> far as I can see, the bit push NSA is making these days is toward ECC with 
> some particular curves.  Makes you wonder.

Yes, but. The reason we are using those curves is because they want them for 
products they buy. 

>  (I know for a fact that NSA has been interested in this area of mathematics 
> for a *very* long time:  A mathematician I knew working in the area of 
> algebraic curves (of which elliptic curves are an example) was re
> cruited by - and went to - NSA in about 1975.  I heard indirectly from him 
> after he was at NSA, where he apparently joined an active community of people 
> with related interests.  This is a decade before the first public suggestion 
> that elliptic curves might be useful in cryptography.  (But maybe NSA was 
> just doing a public service, advancing the mathematics of algebraic curves.)

I think it might even go deeper than that. ECC was invented in the civilian 
world by Victor Miller and Neal Koblitz (independently) in 1985, so they've 
been planning for breaking it even a decade before its invention. 

> NSA has two separate roles:  Protect American communications, and break into 
> the communications of adversaries.  Just this one example shows that either 
> (a) the latter part of the mission has come to dominate the former; or (b) 
> the current definition of an adversary has become so broad as to include 
> pretty much everyone.

I definitely believe (b). However, I also think that they aren't a monolith, 
and we know that each part of the mission is the adversary of the other. I 
don't believe that the IA people would do a bad job to support SIGINT. Once you 
start down that path, it's easy to get to madness, or perhaps merely evidence 
that they have time travel.

I'll add that they have a third mission -- run the government's classified 
computer network, and that *that* mission is the one that Snowden worked for.


Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii

The cryptography mailing list

Reply via email to