On Tue, 10 Sep 2013 16:45:23 -0400 John Kelsey <crypto....@gmail.com> wrote:
> [DRBG] seemed like a really weird place to put a backdoor, because
> it was insanely slow, and it seemed unlikely to get any significant
> use.

As an aside, this is just the instance we know about, partially because they screwed up, partially because the New York Times saw fit to let us have confirmation of what was suspected in public. I presume they've been more careful in other places, and that this is not their only "work". I presume that they knew this would not be used much and it was only a target of opportunity -- and that they've gotten much more interesting "fixes" in elsewhere, perhaps even in other parts of the NIST RNG standards (though it would *seem* much harder to gimmick those).

> And I, at least, had internalized the idea that we weren't
> going to get intentional bad advice or sabotage from another part
> of the federal government.

You're not the only person feeling betrayed. For many years, the NSA people appeared on our doorsteps offering help in many, many contexts -- IETF for example.

The awful part is, many of them may have been completely sincere. The IA side of the house *does*, in fact, depend on COTS hardware to secure most of the Federal Government. They *do* have an interest in keeping US commercial targets safe from attack.

However, even if many of the NSA people who participated in standards work were sincere, their good will has been ruined by other NSA people who used the sincere ones as cover for their machinations. We now have to be suspicious of all of them, probably permanently, and that's bad for everyone.

I imagine that there are some people inside the NSA now yelling at others about how they've made it ever so much harder to fix the security of most of the Federal Government, which indeed depends on COTS hardware. Now even if they come to us with really good advice, we have no idea if we should take it because we can't know they're not lying to us.

None the less, it is done, and those of us on the outside can't depend on NSA participants in standards work any longer. A set of short-sighted, foolish decisions have created tragedy for all.

Perry
-- 
Perry E. Metzger pe...@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography