[Cryptography] Suite B after today's news
Ray Dillinger
bear at sonic.net
Sat Sep 7 22:19:09 EDT 2013
On 09/05/2013 07:00 PM, Jon Callas wrote:
> I don't think they're actively bad, though. For the purpose they were created for --
> parallelizable authenticatedencryption -- it serves its purpose. You can have a
> decent implementor implement them right in hardware and walk away.
Given some of the things in the Snowden files, I think it has become the case
that one ought not trust any mass-produced crypto hardware. It is clearly on
the agenda of the NSA to weaken the communications infrastructure of American
and other business, specifically at the level of chip manufacturers. And
chips are too much of a black-box for anyone to easily inspect and too much
subject to IP/Copyright issues for anyone who does to talk much about what
they find. Seriously; microplaning, micrography, analysis, and then you get
sued if you talk about what you find? It's a losing game.
Given good open-source software, an FPGA implementation would provide greater
assurance of security. An FPGA burn-in rig can be built by hand if necessary,
or at the very least manufactured in a way that is subject to visual inspection
(ie, on a one-layer circuit board with dead-simple 7400-series logic chips).
It would be a bit of a throwback these days, but we're deep into whom-can-you-
trust territory at this point and going for lower tech is worth it if it means
tech that you can still inspect and verify.
Bear
More information about the cryptography
mailing list