<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, Dec 21, 2013 at 1:37 AM, ianG <span dir="ltr"><<a href="mailto:iang@iang.org" target="_blank">iang@iang.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 20/12/13 11:48 AM, ianG wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
What do we know?<br>
</blockquote>
...<div class="im"><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I thought that the evidence we had was an elliptic comment in a<br>
powerpoint slide that we have interpreted as being a smoking gun for the<br>
already suspect DUAL_EC_NRRNG (Not Really Random Number Generator)<br>
</blockquote>
<br>
<br>
We know more than that. They stated they were the sole editor. They<br>
claim the mission to subvert, as laid out very clearly in their goals<br>
(snippet above). They have the capability, beyond ours. There is<br>
sufficient information to show that there was a programme of convincing<br>
suppliers to prioritise in that direction.<br>
</blockquote>
<br>
<br></div>
Just on that last point, new data came out yesterday.<br>
<br>
<a href="http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220" target="_blank">http://www.reuters.com/<u></u>article/2013/12/20/us-usa-<u></u>security-rsa-<u></u>idUSBRE9BJ1C220131220</a><br>
<br>
Two snippets:<br>
<br>
"Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract."<br>
<br>
...<br>
<br>
"RSA adopted the algorithm even before NIST approved it. The NSA then cited the early use of Dual Elliptic Curve inside the government to argue successfully for NIST approval, according to an official familiar with the proceedings.<br>
<br>
RSA's contract made Dual Elliptic Curve the default option for producing random numbers in the RSA toolkit. ..."<br></blockquote><div><br></div><div>In fairness to Art et al, I very much doubt the NSA came along and said, 'here is $10 to drop a back door into BSafe'.</div>
<div><br></div><div>The deal was reported at the time, I heard it as 'NSA pays RSA $10 million to make ECC available in BSafe'. Which was not at all surprising given that we know RSA2048 (maybe RSA4096) is the end of the line for practical RSA. </div>
<div><br></div><div><br></div><div>At any rate, I very much doubt the impact was very large. Once the patents expired there was very little reason to use it in place of the open source alternatives.</div><div><br></div><div>
But the point I want to make here is we need to avoid accusing people of being in league with the devil when all they actually did was not ask the right questions or enough questions.</div><div><br></div></div><div>NSA recruitment is already down by a third. I suspect their technical recruitment is down to zero. Pre Snowden a spell at the NSA was a good thing to have on your resume. After Snowden it is like haveing a conviction for hacking.</div>
<div><br></div>-- <br>Website: <a href="http://hallambaker.com/">http://hallambaker.com/</a><br>
</div></div>