[cryptography] [info] The NSA Is Building the Country's Biggest Spy Center (Watch What You Say)

ianG iang at iang.org
Wed Mar 21 18:54:30 PDT 2012


On 19/03/12 12:31 PM, ianG wrote:

> ... So after a lot of colour, it is not clear if they can break AES.
> Yet. OK. But that is their plan. And they think they can do it, within
> their foreseeable future.


So, step into NSA's shoes.  If there is a timeline here we (NSA) worked  
out we can break AES "soon" ... what would we do?

Would we impress everyone in the world as to how strong it was and push  
NIST to standardise it as much as possible?  Plausible given that everyone 
follows NIST's lead without question.  The Suite B sweetener is aptly 
named, nobody seems to have missed the sour taste of Suite A ;-)

Would we propose or advance some modes or protocols above others?

Where I'm getting at here is things like CTR mode.  It seems that this  
mode reduces the obfuscations of CBC to make AES the sole and only fulcrum 
of strength.  Nice, clear and simple.  But, assuming a predictable counter, 
we have lots of ciphertext with a clear relationship.  So CTR is easier to 
crack assuming a big machine that makes the local county brown-out every 
time someone wants to read a conversation.

Or, is the advantage that CBC and other modes have - obfuscation of the  
ciphertext with variation stolen from the plaintext - of such low value in 
the scheme of things that these things make no difference?  Is the choice 
of mode irrelevant if AES has a weakness?

iang



(context here is that I am examining an older protocol of mine with  
thought of replacing it, and wonder which mode to prefer...)

(thinking about it more, my normal rule of "ignore the NSA always" should 
answer this :) )
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <leitl> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
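The CTR-versus-CBC question above can be made concrete. The following is an added example, not code from ianG's post or from the list; it models, in pure Python, what an observer who holds a known plaintext learns about the underlying block cipher under each mode. The block cipher is a constructed Feistel stand-in (not AES, chosen only so the example runs without third-party libraries), and the key, nonce, IV and messages are constructed values. In both modes a known plaintext yields (input, output) pairs for the raw cipher; what differs is that in CTR the cipher inputs are predictable from the nonce and block position alone, while in CBC each input is the plaintext block mixed with the previous ciphertext block.

```python
import hashlib

BLOCK = 16  # 128-bit block size, the same as AES


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Round function: SHA-256 of (key, round index, half-block), truncated to a half-block.
    return hashlib.sha256(key + bytes([i]) + half).digest()[: BLOCK // 2]


def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Stand-in 128-bit block cipher: an 8-round balanced Feistel network.
    This is NOT AES; it exists only so the mode arithmetic below is runnable offline."""
    assert len(block) == BLOCK
    left, right = block[: BLOCK // 2], block[BLOCK // 2 :]
    for i in range(8):
        left, right = right, _xor(left, _round(key, i, right))
    return right + left


def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    # Inverse of toy_encrypt_block: undo the final swap, then run the rounds backwards.
    right, left = block[: BLOCK // 2], block[BLOCK // 2 :]
    for i in reversed(range(8)):
        right, left = left, _xor(right, _round(key, i, left))
    return left + right


def counter_block(nonce: bytes, index: int) -> bytes:
    # 64-bit nonce || 64-bit big-endian block counter: fully predictable to an observer.
    assert len(nonce) == 8
    return nonce + index.to_bytes(8, "big")


def ctr_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # CTR: ciphertext block = plaintext block XOR E_k(counter block).
    out = b""
    for i in range(0, len(plaintext), BLOCK):
        keystream = toy_encrypt_block(key, counter_block(nonce, i // BLOCK))
        out += _xor(plaintext[i : i + BLOCK], keystream)
    return out


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # CBC: ciphertext block = E_k(plaintext block XOR previous ciphertext block).
    assert len(plaintext) % BLOCK == 0, "CBC needs whole blocks (padding omitted here)"
    out, prev = b"", iv
    for i in range(0, len(plaintext), BLOCK):
        prev = toy_encrypt_block(key, _xor(plaintext[i : i + BLOCK], prev))
        out += prev
    return out


def pairs_from_ctr(nonce: bytes, plaintext: bytes, ciphertext: bytes) -> list:
    """Observer with the plaintext learns E_k(counter_i) = P_i XOR C_i for every block.
    The cipher input counter_i is known even without the plaintext."""
    return [
        (counter_block(nonce, i // BLOCK),
         _xor(plaintext[i : i + BLOCK], ciphertext[i : i + BLOCK]))
        for i in range(0, len(plaintext), BLOCK)
    ]


def pairs_from_cbc(iv: bytes, plaintext: bytes, ciphertext: bytes) -> list:
    """Same observer under CBC learns E_k(P_i XOR C_{i-1}) = C_i. The cipher input now
    depends on the plaintext and on the previous ciphertext block, not on a counter."""
    pairs, prev = [], iv
    for i in range(0, len(plaintext), BLOCK):
        pairs.append((_xor(plaintext[i : i + BLOCK], prev), ciphertext[i : i + BLOCK]))
        prev = ciphertext[i : i + BLOCK]
    return pairs


if __name__ == "__main__":
    key, nonce, iv = b"constructed 16B!", b"nonce-8B", bytes(range(16))  # constructed values
    msg = b"constructed plaintext, 32 bytes!"
    for label, pairs in (("CTR", pairs_from_ctr(nonce, msg, ctr_encrypt(key, nonce, msg))),
                         ("CBC", pairs_from_cbc(iv, msg, cbc_encrypt(key, iv, msg)))):
        for inp, out in pairs:
            print(label, inp.hex(), "->", out.hex(), toy_encrypt_block(key, inp) == out)
```

Running the script prints, for each mode, the cipher (input, output) pairs an observer with the plaintext can write down, with a check that each pair really is an evaluation of the block cipher. Encrypting two different messages under the same nonce shows the CTR inputs are identical regardless of plaintext, whereas the CBC inputs change with it; the defensive reading is that the mode only ever relocates where the cipher's input/output pairs appear, so a mode choice is not a substitute for the block cipher itself being sound, and that CTR nonces must never repeat under one key.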