Re: [cryptography] Bruce Schneier on BULLRUN and related NSA programs
----- Forwarded message from ianG
select quotes from
"The NSA Is Breaking Most Encryption on the Internet" http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html
""" Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted.
Nice quote!
Bruce Schneier • September 5, 2013 7:32 PM
"You recommended to 'Prefer symmetric cryptography over public-key cryptography.' Can you elaborate on why?"
Some of us have been saying this for a while. E.g., " #2.4 Avoid Public Key Cryptography like the Plague Public key cryptography is the kiss of death to simplicity. The problem is that it is not simple, not amenable to KISS, and full of traps that will swallow a battleship. Although the very basic idea is understandable and elegant, none of the instantiations of public key cryptography can create simple interfaces that are free of minefields. ..." http://iang.org/ssl/h2_divide_and_conquer.html#h2.4
It is more likely that the NSA has some fundamental mathematical advance in breaking public-key algorithms than symmetric algorithms.
It is more likely that the implementors made a mistake. This can be seen also in that all the symmetric algorithms are amenable to black-box and deterministic testing, whereas the asymmetric ones are not so amenable. Oh, and forget the key sizes. This is not about the key sizes. iang _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
participants (1)
-
Eugen Leitl