[Cryptography] Kindle as crypto hardware

[Bill Frantz]

On 12/11/13 at 5:17 AM, iang at iang.org (ianG) wrote:

>But now it is policy.  The DUAL_EC_DRBG is just the one we have 
>the more or less complete picture on.  A reasonable observer 
>should be able to conclude that the SSL/PKI debacle is in the 
>NSA's best interests, and this puts all of the PKIX and TLS and 
>HTTPS-everywhere efforts under a cloud [2].  As is cloud :)

The evidence from the pieces of backdoored technology that NSA 
has been involved in is that they prefer backdoors which they 
can use and no one else can. Clipper has a specific NSA key to 
encrypt the session key. DUAL_EC_DRBG had a similar feature. 
These protocols remained "secure" from those that didn't have 
the keys.

Note that many business organizations might be quite happy 
knowing that NSA could read their traffic as long as NSA 
maintains its "Never Say Anything" reputation. NSA's mistake was 
passing information about criminal activities to law enforcement 
rather than sticking to national security. That change of policy 
scared many businesses, since a clever prosecutor can find 
something illegal in almost any activity.

I think the SSL/PKI debacle speaks more of incompetence and a 
strong desire to preserve a revenue model. NSA has just taken 
advantage of what they found.

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz        | The first thing you need when  | Periwinkle
(408)356-8506      | using a perimeter defense is a | 16345 
Englewood Ave
www.pwpconsult.com | perimeter.                     | Los Gatos, 
CA 95032