On 07/13/2013 04:20 AM, Peter Gutmann wrote:
> Nico Williams <[email protected]> writes:
>
>> I'd like to understand what attacks NSA and friends could mount, with Intel's
>> witting or unwitting cooperation, particularly what attacks that *wouldn't*
>> put civilian (and military!) infrastructure at risk should details of a
>> backdoor leak to the public, or *worse*, be stolen by an antagonist.
>
> Right. How exactly would you backdoor an RNG so (a) it could be effectively
> used by the NSA when they needed it (e.g. to recover Tor keys), (b) not affect
> the security of massive amounts of infrastructure, and (c) be so totally
> undetectable that there'd be no risk of it causing a s**tstorm that makes the
> $0.5B FDIV bug seem like small change (not to mention the legal issues, since
> this one would have been inserted deliberately, so we're probably talking
> bet-the-company amounts of liability there).
So your arguments are, the way I understand them: a) they are too dumb to do that, b) they are too smart to do that, and c) they don't want to be embarrassed.

And yet we have Stuxnet (effective use of technology? Check. Affecting the security of massive amounts of infrastructure? Check. Zero liability for the perpetrators? Check.) and Prism (Check, Check, Check, with companies being shielded by gag orders based on secret law interpretations).

It seems a bit anachronistic to dismiss paranoia lightly...

(That being said, PC architecture chips are notoriously complex and bug-ridden, so why bother with a backdoor at all? Just make sure you get the inside scoop on the design flaws, and you are done.)

Thanks,
Marcus
