Rich Freeman on 18 Sep 2013 06:49:22 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] encryption

On Wed, Sep 18, 2013 at 9:35 AM, Aaron Mulder
<> wrote:
> On Wed, Sep 18, 2013 at 9:15 AM, Rich Freeman <> wrote:
>> If they have a goal of cracking 256-bit AES, and they're spending
>> billions on a supercomputer to implement it, then I think there is a
>> pretty high likelihood that they know of a weakness in the cipher that
>> they can exploit.
> On the other hand, you really have to ask yourself, if they could
> break AES-256, why would they say so?  If they're going out of their
> way to convince you NOT to use it, maybe it's *because* they can't
> crack it?

That thought crossed my mind which is why I was surprised they put
something like that on a webpage.  That does tend to make me think
that this is a cover for something else.  I'm not sure what other
problems are so demanding of supercomputer time - it could just be for
a cipher other than AES - perhaps one that everybody is likely to
switch to if they shun AES.

> (His other advice was to avoid ECC because
> whoever provides the constants may be holding a "private key" allowing
> them to crack it, and the NSA provided the recommended constants.)

I'm not a cryptographer, but my understanding is that this concern is
limited to the ECC-based PRNG that the NSA developed.  Apparently NIST
just announced they're discouraging anybody else from using it for the
same reason.

The real challenge is that the NSA spends a LOT of money on
cryptography R&D.  The "academic world" for cryptography largely
exists behind closed doors.  For every paper published in a journal,
there may be 100 published in some NSA-only journal.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --