[Cryptography] RC4 again (actual security, scalability and other discussion)

John Gilmore gnu at toad.com
Mon Mar 10 17:47:05 EDT 2014

> The people attacking our systems, now and (especially) in the future,
> are *smarter than we are*.

Well, that's going a bit far.  My take is that nation-state attackers:

*  Are about as smart as we are -- they're recruiting from the same pool.
*  Have much better funding than we do.
*  Persevere more than we do.
*  Have operational experience at cracking codes and protocols in real

I think the last two are the most important.  There is just no substitute
for sitting in the traffic flow, trying to extract useful information from
it.  And evolving your tools over years, to do a better and better job.  

We can help to catch up with and surpass them by:

*  Defunding them and funding us.  (Politically & socially)
*  Becoming more persistent.
*  Doing "red team" style attacks on our own infrastructure, and learning
   from them.  Do some packet capturing on your OWN internet, and see what
   you can learn.  Build some free software tools for doing that learning;
   see how far you can evolve them.


PS: With your packet capturing tools, look for UDP packets containing
encrypted stuff that you don't recognize.  When you find the code
that's generating them, see if it contains an RC6 implementation.
Congratulations, you've probably found an NSA implant!  (Thanx2Jake at 2013CCC.)

More information about the cryptography mailing list