[Cryptography] NIST should publish Suite A
Jerry Leichter
leichter at lrw.com
Tue Nov 12 06:28:04 EST 2013
On Oct 19, 2013, at 9:25 AM, ianG wrote:
> There is one possibility to increase confidence dramatically:
>
> what's in Suite A?
>
> If we knew what Suite A used for PK work, we would then be able to triangulate. Although this is a claim based on absence of evidence, I predict that we'll be able to triangulate the question of ECC and settle the question of confidence.
The NSA would have no reason to be concerned about Suite A being attackable *by NSA*. If you're worried that NSA chose particular curves and parameters for public elliptic-curve cryptography based on secrets they hold that make it breakable ... there's no reason they couldn't do the same for Suite A. What we know about these back door techniques is that they don't seem to induce a weakness that someone *without* access to the secrets can leverage.
So while it would be interesting to see what's in Suite A, if you're concerned about snooping by the NSA, its own algorithms are the last things you'd want to use.
-- Jerry
More information about the cryptography
mailing list