Coderman wrote...
with that said, i think it's clear that a properly designed crypto system could be considered secure. the government still uses AES256 for their top secret datum, and the NSA license of ECC could be interpreted as a vote of confidence in that PK system. (or is this just another ruse? :)
Well, I'd consider it secure in the following sense: NSA can probably break it via manipulating some microscopic vulnerability, but it will take time and money. For all but Al Qaeda, that's going to be good enough: NSA won't reveal what it's got to even local law enforcement, unless it's really really necessary (ie, they'll lose lots of funding or bigshot jobs). This means that, unless I've got a special delivery for the beltway area, local thugs won't come pounding at my door. (And if I did have such a special delivery, I won't be using any technological channels at all.) -TD