[Cryptography] Opening Discussion: Speculation on "BULLRUN"

[Perry E. Metzger]

On Thu, 5 Sep 2013 15:58:04 -0400 "Perry E. Metzger"
<perry at piermont.com> wrote:
> I would like to open the floor to *informed speculation* about
> BULLRUN.

Here are a few guesses from me:

1) I would not be surprised if it turned out that some people working
for some vendors have made code and hardware changes at the NSA's
behest without the knowledge of their managers or their firm. If I
were running such a program, paying off a couple of key people here
and there would seem only rational, doubly so if the disclosure of
their involvement could be made into a crime by giving them a
clearance or some such.

2) I would not be surprised if some of the slow speed at which
improved/fixed hashes, algorithms, protocols, etc. have been adopted
might be because of pressure or people who had been paid off.

At the very least, anyone whining at a standards meeting from now on
that they don't want to implement a security fix because "it isn't
important to the user experience" or adds minuscule delays to an
initial connection or whatever should be viewed with enormous
suspicion. Whether I am correct or not, such behavior clearly serves
the interest of those who would do bad things.

3) I would not be surprised if random number generator problems in a
variety of equipment and software were not a very obvious target,
whether those problems were intentionally added or not.

4) Choices not to use things like Diffie-Hellman in TLS connections
on the basis that it damages user experience and the like should be
viewed with enormous suspicion.

5) Choices not to make add-ons available in things like chat clients
or mail programs that could be used for cryptography should be viewed
with suspicion.

Perry
-- 
Perry E. Metzger		perry at piermont.com