Talking about timely and untimely comments.
Check out Newsweek's credulous, confused, and tech-ignorant report
about the (pre-oversight-hearing) moaning and and weeping at Fort Meade.
Consider, with Newsweek, the momentous challenge the NSA confronts in e-mail
and Internet phone calls (both "almost impossible to intercept," sez
Newsweek); and the agony with which the NSA views the insidious spread of
dangerous European cellular-phone crypto (which I presume means GSM;-)
ROFL! If there were a hall of fame for incompetent and misleading
journalism about crypto, this is a contenda!
Consider one timely one-liner:
The NSA, for instance, wanted the CIA to do more black-bag
jobs illegal break-ins to steal European technology for
encrypting mobile phones.
The embarrassment of the full text:
http://www.msnbc.com/news/342480.asp#BODY
Adi Shamir [EMAIL PROTECTED] wrote:
snip
Real-Time Cryptanalysis of GSM's A5/1 on a PC
Alex Biryukov and Adi Shamir
Computer Science Department
The Weizmann Institute
Rehovot 76100, Israel
Abstract:
A5/1 is the strong version of the encryption algorithm used
by about 100 million GSM customers in Europe to protect the
over-the-air privacy of their cellular voice and data
communication. The best published attacks against it require
between 2^40 and 2^45 steps. This level of security makes it
vulnerable to hardware-based attacks by large organizations,
but not to software-based attacks on multiple targets by hackers.
In this paper we describe a new attack on A5/1, which is based
on subtle flaws in the tap structure of the registers, their
noninvertible clocking mechanism, and their frequent resets.
The attack can find the key in less than a second on a single
PC with 128 MB RAM and two 73 GB hard disks, by analysing the
output of the A5/1 algorithm in the first two minutes of the
conversation. The attack requires a one time parallelizable
data preparation stage whose complexity can be traded-off
between 2^37 and 2^48 steps. The attack was verified with
an actual implementation, except for the preprocessing stage
which was extensively sampled rather than completely executed.
Remark: The attack is based on the unofficial description
of the A5/1 algorithm at http://www.scard.org. Discrepancies
between this description and the real algorithm may affect
the validity or performance of our attack.
snip