Fwd: [Cryptography] Proof that the NSA does not have a quantum computer capable of attacking public key crypto (yet)
---------- Forwarded message ---------- From: Phillip Hallam-Baker <phill@hallambaker.com> Date: Tue, 9 Feb 2016 23:49:40 -0500 Subject: [Cryptography] Proof that the NSA does not have a quantum computer capable of attacking public key crypto (yet) To: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Proof that the NSA does not have a quantum computer capable of attacking public key crypto (yet)
A) Assume that the NSA has such a machine.
From A it follows that the machine can be used to forge bitcoin transfers.
B) Large areas of the bitcoin mining pool have never been spent.
A,B) Anyone with a QC could use it to break the keys of the wallets holding $500 million.
C) This has not happened.
D) The NSA has awful internal security (see Snowden). NSA resources are known to have been diverted for LOVINT. It is unlikely NSA employees are more honest than those of federal law enforcement, whose investigator ripped off the Silk Road operator for at least half a million. The third in command at the CIA was recently prosecuted and copped a plea for participating in the 'Duke' Cunningham bribery ring poker and prostitutes parties at the Watergate. Oh, and Secret Service... need I go on.
C,D) It follows that the NSA is not capable of breaking bitcoin.
Therefore NSA does not have a quantum computer (yet).
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
While I believe the NSA does not have such a machine for different reasons, in particular that I don't think it's possible for them to get that far ahead of the state-of-the-art, I think it's something of a leap from "NSA doesn't have good internal security" to "NSA wouldn't provide good internal security to a computer system that far ahead of the state of the art." If they ARE hiding a quantum computer, that would make it more likely that there is an extremely strong compartment where they put their most precious secrets, while they lead the rest of the world to think the compartment Snowden had access to *was* that compartment.
On Wed, Feb 10, 2016 at 11:16 AM grarpamp <grarpamp@gmail.com> wrote:
---------- Forwarded message ---------- From: Phillip Hallam-Baker <phill@hallambaker.com> Date: Tue, 9 Feb 2016 23:49:40 -0500 Subject: [Cryptography] Proof that the NSA does not have a quantum computer capable of attacking public key crypto (yet) To: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Proof that the NSA does not have a quantum computer capable of attacking public key crypto (yet)
A) Assume that the NSA has such a machine.
From A it follows that the machine can be used to forge bitcoin transfers.
B) Large areas of the bitcoin mining pool have never been spent.
A,B) Anyone with a QC could use it to break the keys of the wallets holding $500 million.
C) This has not happened.
D) The NSA has awful internal security (see Snowden). NSA resources are known to have been diverted for LOVINT. It is unlikely NSA employees are more honest than those of federal law enforcement, whose investigator ripped off the Silk Road operator for at least half a million. The third in command at the CIA was recently prosecuted and copped a plea for participating in the 'Duke' Cunningham bribery ring poker and prostitutes parties at the Watergate. Oh, and Secret Service... need I go on.
C,D) It follows that the NSA is not capable of breaking bitcoin.
Therefore NSA does not have a quantum computer (yet).
On 2/10/16, Sean Lynch <seanl@literati.org> wrote:
If they ARE hiding a quantum computer, that would make it more likely that there is an extremely strong compartment where they put their most precious secrets, while they lead the rest of the world to think the compartment Snowden had access to *was* that compartment.
Snowden clearly didn't have access to the crypto compartment. Or... the journos, himself (and even unrelated deathbed retirees talking to the likes of Bamford...) are all too afraid (or too, omg, yay we can read AES patriotic advantage USA) to leak it. Ops and compute can be extrapolated from military and commercial sector physical stuff these days. But crypto, maths, algos... brain stuff... has always been their jewels. Question is... will the new generation of leaksphere... wikileaks, anonymous, darknets, the poitras / greenwalds, ecuadors, technology, ethos, philosophy, rockstar, etc... begin to elicit cracks in that?
On Wed, Feb 10, 2016 at 9:03 PM grarpamp <grarpamp@gmail.com> wrote:
Question is... will the new generation of leaksphere... wikileaks, anonymous, darknets, the poitras / greenwalds, ecuadors, technology, ethos, philosophy, rockstar, etc... begin to elicit cracks in that?
I certainly hope so, though it only really matters if their capabilities are beyond what the general public already believes them to be. In the realm of their pure crypto/cryptanalysis operations, there may not be much going on that's unexpected or even unethical. That stuff may happen in the social engineering department, e.g. the RSA bribe, which we found out about.
On Thu, Feb 11, 2016 at 07:29:40PM +0000, Sean Lynch wrote:
On Wed, Feb 10, 2016 at 9:03 PM grarpamp <grarpamp@gmail.com> wrote:
Question is... will the new generation of leaksphere... wikileaks, anonymous, darknets, the poitras / greenwalds, ecuadors, technology, ethos, philosophy, rockstar, etc... begin to elicit cracks in that?
I certainly hope so, though it only really matters if their capabilities are beyond what the general public already believes them to be. In the realm of their pure crypto/cryptanalysis operations, there may not be much going on that's unexpected or even unethical. That stuff may happen in the social engineering department, e.g. the RSA bribe, which we found out about.
It would be really funny to find out that Bitcoin is a crowdsourced rainbow-table-like mechanism for the NSA to crack similar keys for the particular EC curve used. The one thing Bitcoin is probably good for is putting out a testable lure for any quantum computing DSA crackers. If you could, in theory, crack a $500 million wallet, you have to find someone stupid enough to have $500 million worth of buy orders *on the market* if you wanted out fast, or you'd have to pull it out with a straw over months or years, all the while knowing that someone else could just crack the keys you just cracked. That single wallet is worth less than $50M if you succeed in cracking it. Seems far easier to rob a bank or blackmail some executives. If you start cracking a bunch of smaller wallets, that might be more profitable, but would really probably take a whole team of people to manage. Now, if Coinbase and all the other bitcoin mafioso that paid off the right folks to exchange it for dollars would get Lloyds of London to underwrite a policy guaranteeing a $500 million (dollar) prize to the first proven key cracking, I expect you'd see a QC key cracker a lot sooner than if the NSA is funding it.
participants (3): grarpamp, Sean Lynch, Troy Benjegerdes