[Cryptography] What do we know? (Was 'We cannot trust' ...)

Sat Dec 21 12:59:25 EST 2013

On Sat, Dec 21, 2013 at 1:37 AM, ianG <iang at iang.org> wrote:

> On 20/12/13 11:48 AM, ianG wrote:
>
>> What do we know?
>>
> ...
>
>  I thought that the evidence we had was an elliptic comment in a
>>> powerpoint slide that we have interpreted as being a smoking gun for the
>>> already suspect DUAL_EC_NRRNG (Not Really Random Number Generator)
>>>
>>
>>
>> We know more than that.  They stated they were the sole editor.  They
>> claim the mission to subvert, as laid out very clearly in their goals
>> (snippet above).  They have the capability, beyond ours.  There is
>> sufficient information to show that there was a programme of convincing
>> suppliers to prioritise in that direction.
>>
>
>
> Just on that last point, new data came out yesterday.
>
> http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-
> idUSBRE9BJ1C220131220
>
> Two snippets:
>
>    "Undisclosed until now was that RSA received $10 million in a deal that
> set the NSA formula as the preferred, or default, method for number
> generation in the BSafe software, according to two sources familiar with
> the contract."
>
> ...
>
>    "RSA adopted the algorithm even before NIST approved it. The NSA then
> cited the early use of Dual Elliptic Curve inside the government to argue
> successfully for NIST approval, according to an official familiar with the
> proceedings.
>
>    RSA's contract made Dual Elliptic Curve the default option for
> producing random numbers in the RSA toolkit.  ..."
>

In fairness to Art et al, I very much doubt the NSA came along and said,
'here is $10 to drop a back door into BSafe'.

The deal was reported at the time, I heard it as 'NSA pays RSA $10 million
to make ECC available in BSafe'. Which was not at all surprising given that
we know RSA2048 (maybe RSA4096) is the end of the line for practical RSA.

At any rate, I very much doubt the impact was very large. Once the patents
expired there was very little reason to use it in place of the open source
alternatives.

But the point I want to make here is we need to avoid accusing people of
being in league with the devil when all they actually did was not ask the
right questions or enough questions.

NSA recruitment is already down by a third. I suspect their technical
recruitment is down to zero. Pre Snowden a spell at the NSA was a good
thing to have on your resume. After Snowden it is like haveing a conviction
for hacking.

-- 
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131221/4c378c30/attachment.html>