[Cryptography] Bruce Schneier has gotten seriously spooked
Ray Dillinger
bear at sonic.net
Sat Sep 7 14:36:13 EDT 2013
On 09/06/2013 01:25 PM, Jerry Leichter wrote:
> A response he wrote as part of a discussion at http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html:
>
> Q: "Could the NSA be intercepting downloads of open-source encryption software and silently replacing these with their own versions?"
>
> A: (Schneier) Yes, I believe so.
> -- Jerry
>
Here is another interesting comment, on the same discussion.
https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html#c1675929
Schneier states of discrete logs over ECC: "I no longer trust the constants.
I believe the NSA has manipulated them through their relationships with industry."
Is he referring to the "standard" set of ECC curves in use? Is it possible
to select ECC curves specifically so that there's a backdoor in cryptography
based on those curves?
I know that hardly anybody using ECC bothers to find their own curve; they
tend to use the standard ones because finding their own involves counting all
the integral points and would be sort of compute expensive, in addition to
being involved and possibly error prone if there's a flaw in the implementation.
But are the standard ECC curves really secure? Schneier sounds like he's got
some innovative math in his next paper if he thinks he can show that they
aren't.
Bear
More information about the cryptography
mailing list