From eugen@leitl.org Fri Sep 27 13:08:39 2013 From: Eugen Leitl To: cypherpunks@lists.cpunks.org Subject: Re: [tt] How a Crypto =?utf-8?b?4oCYQmFja2Rvb3LigJk=?= Pitted the Tech World Against the NSA Date: Fri, 27 Sep 2013 19:08:34 +0200 Message-ID: <20130927170834.GG10405@leitl.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5635290738731889236==" --===============5635290738731889236== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable ----- Forwarded message from Christian Weisgerber ----- Date: Fri, 27 Sep 2013 16:11:47 +0000 (UTC) From: Christian Weisgerber To: tt(a)postbiota.org Subject: Re: [tt] How a Crypto =E2=80=98Backdoor=E2=80=99 Pitted the Tech Wor= ld Against the NSA Eugen Leitl wrote: > http://www.wired.com/threatlevel/2013/09/nsa-backdoor/all/ These articles from Matthew Green's Blog offer a better understanding instead of cutesy writing and soundbites: The Many Flaws of Dual_EC_DRBG http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.= html RSA warns developers not to use RSA products=20 http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-= its-own.html --=20 Christian "naddy" Weisgerber naddy(a)mips.inka.de _______________________________________________ tt mailing list tt(a)postbiota.org http://postbiota.org/mailman/listinfo/tt ----- End forwarded message ----- --=20 Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 --===============5635290738731889236==-- From yersinia.spiros@gmail.com Fri Sep 27 15:33:43 2013 From: yersinia To: cypherpunks@lists.cpunks.org Subject: Re: [tt] How a Crypto =?utf-8?b?4oCYQmFja2Rvb3LigJk=?= Pitted the Tech World Against the NSA Date: Fri, 27 Sep 2013 21:33:35 +0200 Message-ID: In-Reply-To: <20130927170834.GG10405@leitl.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1360952368174767586==" --===============1360952368174767586== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Fri, Sep 27, 2013 at 7:08 PM, Eugen Leitl wrote: > ----- Forwarded message from Christian Weisgerber > ----- > > Date: Fri, 27 Sep 2013 16:11:47 +0000 (UTC) > From: Christian Weisgerber > To: tt(a)postbiota.org > Subject: Re: [tt] How a Crypto =E2=80=98Backdoor=E2=80=99 Pitted the Tech W= orld Against > the NSA > > Eugen Leitl wrote: > > > http://www.wired.com/threatlevel/2013/09/nsa-backdoor/all/ > > These articles from Matthew Green's Blog offer a better understanding > instead of cutesy writing and soundbites: > > The Many Flaws of Dual_EC_DRBG > > http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrb= g.html I have posted this before in a linkedin group. It is really interesting the Mr, *Blaine Bateman* (also linkedin group member) "Then what happened is some arrogant scientist at NIST (full disclosure--I was formerly a NIST employee, and the terms of my departure still burn as a fire in the pit of my stomach) conveniently "forgot" to put the correct ones in the standard, or did it on purpose since "Anyone of modest skill in cryptography will detect the problem and come up with their own P-Q pair correctly. Anyone who doesn't deserves what they get." There are, in my estimation, people that arrogant employed by NIST." No good. No. --===============1360952368174767586== Content-Type: text/html Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="attachment.html" MIME-Version: 1.0 PGRpdiBkaXI9Imx0ciI+T24gRnJpLCBTZXAgMjcsIDIwMTMgYXQgNzowOCBQTSwgRXVnZW4gTGVp dGwgPHNwYW4gZGlyPSJsdHIiPiZsdDs8YSBocmVmPSJtYWlsdG86ZXVnZW5AbGVpdGwub3JnIiB0 YXJnZXQ9Il9ibGFuayI+ZXVnZW5AbGVpdGwub3JnPC9hPiZndDs8L3NwYW4+IHdyb3RlOjxicj48 ZGl2IGNsYXNzPSJnbWFpbF9leHRyYSI+PGRpdiBjbGFzcz0iZ21haWxfcXVvdGUiPjxibG9ja3F1 b3RlIGNsYXNzPSJnbWFpbF9xdW90ZSIgc3R5bGU9Im1hcmdpbjowcHggMHB4IDBweCAwLjhleDti b3JkZXItbGVmdC13aWR0aDoxcHg7Ym9yZGVyLWxlZnQtY29sb3I6cmdiKDIwNCwyMDQsMjA0KTti b3JkZXItbGVmdC1zdHlsZTpzb2xpZDtwYWRkaW5nLWxlZnQ6MWV4Ij4KLS0tLS0gRm9yd2FyZGVk IG1lc3NhZ2UgZnJvbSBDaHJpc3RpYW4gV2Vpc2dlcmJlciAmbHQ7PGEgaHJlZj0ibWFpbHRvOm5h ZGR5QG1pcHMuaW5rYS5kZSI+bmFkZHlAbWlwcy5pbmthLmRlPC9hPiZndDsgLS0tLS08YnI+Cjxi cj4KRGF0ZTogRnJpLCAyNyBTZXAgMjAxMyAxNjoxMTo0NyArMDAwMCAoVVRDKTxicj4KRnJvbTog Q2hyaXN0aWFuIFdlaXNnZXJiZXIgJmx0OzxhIGhyZWY9Im1haWx0bzpuYWRkeUBtaXBzLmlua2Eu ZGUiPm5hZGR5QG1pcHMuaW5rYS5kZTwvYT4mZ3Q7PGJyPgpUbzogPGEgaHJlZj0ibWFpbHRvOnR0 QHBvc3RiaW90YS5vcmciPnR0QHBvc3RiaW90YS5vcmc8L2E+PGJyPgpTdWJqZWN0OiBSZTogW3R0 XSBIb3cgYSBDcnlwdG8gkUJhY2tkb29ykiBQaXR0ZWQgdGhlIFRlY2ggV29ybGQgQWdhaW5zdCB0 aGUgTlNBPGJyPgo8YnI+CkV1Z2VuIExlaXRsICZsdDs8YSBocmVmPSJtYWlsdG86ZXVnZW5AbGVp dGwub3JnIj5ldWdlbkBsZWl0bC5vcmc8L2E+Jmd0OyB3cm90ZTo8YnI+Cjxicj4KJmd0OyA8YSBo cmVmPSJodHRwOi8vd3d3LndpcmVkLmNvbS90aHJlYXRsZXZlbC8yMDEzLzA5L25zYS1iYWNrZG9v ci9hbGwvIiB0YXJnZXQ9Il9ibGFuayI+aHR0cDovL3d3dy53aXJlZC5jb20vdGhyZWF0bGV2ZWwv MjAxMy8wOS9uc2EtYmFja2Rvb3IvYWxsLzwvYT48YnI+Cjxicj4KVGhlc2UgYXJ0aWNsZXMgZnJv bSBNYXR0aGV3IEdyZWVuJiMzOTtzIEJsb2cgb2ZmZXIgYSBiZXR0ZXIgdW5kZXJzdGFuZGluZzxi cj4KaW5zdGVhZCBvZiBjdXRlc3kgd3JpdGluZyBhbmQgc291bmRiaXRlczo8YnI+Cjxicj4KVGhl IE1hbnkgRmxhd3Mgb2YgRHVhbF9FQ19EUkJHPGJyPgo8YSBocmVmPSJodHRwOi8vYmxvZy5jcnlw dG9ncmFwaHllbmdpbmVlcmluZy5jb20vMjAxMy8wOS90aGUtbWFueS1mbGF3cy1vZi1kdWFsZWNk cmJnLmh0bWwiIHRhcmdldD0iX2JsYW5rIj5odHRwOi8vYmxvZy5jcnlwdG9ncmFwaHllbmdpbmVl cmluZy5jb20vMjAxMy8wOS90aGUtbWFueS1mbGF3cy1vZi1kdWFsZWNkcmJnLmh0bWw8L2E+PC9i bG9ja3F1b3RlPjxkaXY+PGJyPjwvZGl2Pgo8ZGl2PkkgaGF2ZSBwb3N0ZWQgdGhpcyBiZWZvcmUg aW4gYSBsaW5rZWRpbiBncm91cC4gSXQgaXMgcmVhbGx5IGludGVyZXN0aW5nIKB0aGUgTXIsoDxm b250IGNvbG9yPSIjMzc3OGNkIiBmYWNlPSJBcmlhbCwgVGFob21hLCBIZWx2ZXRpY2EsIEZyZWVT YW5zLCBzYW5zLXNlcmlmIj48c3BhbiBzdHlsZT0ibGluZS1oZWlnaHQ6MThweCI+PGI+QmxhaW5l IEJhdGVtYW48L2I+PC9zcGFuPjwvZm9udD6gKGFsc28gbGlua2VkaW4gZ3JvdXAgbWVtYmVyKTwv ZGl2Pgo8ZGl2PiZxdW90OzxzcGFuIHN0eWxlPSJjb2xvcjpyZ2IoNjgsNjgsNjgpO2ZvbnQtZmFt aWx5OkFyaWFsLFRhaG9tYSxIZWx2ZXRpY2EsRnJlZVNhbnMsc2Fucy1zZXJpZjtmb250LXNpemU6 MTNweDtsaW5lLWhlaWdodDoxOHB4O3RleHQtYWxpZ246anVzdGlmeSI+VGhlbiB3aGF0IGhhcHBl bmVkIGlzIHNvbWUgYXJyb2dhbnQgc2NpZW50aXN0IGF0IE5JU1QgKGZ1bGwgZGlzY2xvc3VyZS0t SSB3YXMgZm9ybWVybHkgYSBOSVNUIGVtcGxveWVlLCBhbmQgdGhlIHRlcm1zIG9mIG15IGRlcGFy dHVyZSBzdGlsbCBidXJuIGFzIGEgZmlyZSBpbiB0aGUgcGl0IG9mIG15IHN0b21hY2gpIGNvbnZl bmllbnRseSAmcXVvdDtmb3Jnb3QmcXVvdDsgdG8gcHV0IHRoZSBjb3JyZWN0IG9uZXMgaW4gdGhl IHN0YW5kYXJkLCBvciBkaWQgaXQgb24gcHVycG9zZSBzaW5jZSAmcXVvdDtBbnlvbmUgb2YgbW9k ZXN0IHNraWxsIGluIGNyeXB0b2dyYXBoeSB3aWxsIGRldGVjdCB0aGUgcHJvYmxlbSBhbmQgY29t ZSB1cCB3aXRoIHRoZWlyIG93biBQLVEgcGFpciBjb3JyZWN0bHkuIEFueW9uZSB3aG8gZG9lc24m IzM5O3QgZGVzZXJ2ZXMgd2hhdCB0aGV5IGdldC4mcXVvdDsgVGhlcmUgYXJlLCBpbiBteSBlc3Rp bWF0aW9uLCBwZW9wbGUgdGhhdCBhcnJvZ2FudCBlbXBsb3llZCBieSBOSVNULiZxdW90Ozwvc3Bh bj48L2Rpdj4KPGRpdj48c3BhbiBzdHlsZT0iY29sb3I6cmdiKDY4LDY4LDY4KTtmb250LWZhbWls eTpBcmlhbCxUYWhvbWEsSGVsdmV0aWNhLEZyZWVTYW5zLHNhbnMtc2VyaWY7Zm9udC1zaXplOjEz cHg7bGluZS1oZWlnaHQ6MThweDt0ZXh0LWFsaWduOmp1c3RpZnkiPjxicj48L3NwYW4+PC9kaXY+ PGRpdj5ObyBnb29kLiBOby48L2Rpdj48ZGl2Pjxicj48L2Rpdj48L2Rpdj48L2Rpdj48L2Rpdj4K --===============1360952368174767586==--