Viewpoint: Foiling Quantum Hackers

Viewpoint: Foiling Quantum Hackers.

-- Tom

 

Looks promising, but don't ever expect this technology to filter down to the common people. Governments will not allow us to have unbreakable encryption. Ever.

 

Regardless of what governments allow or don't allow, there will always be an above ground effort to take up the challenge of providing an open alternative to it.

-- Tom

 

We already have it .
(no, they can NOT 'break' AES, twofish, blowfish etc etc)

Not even the NSA are arrogant enough to think they can back-door crypto-algorithms without anybody else being able to use the door
- And they ARE smart enough to realize just how dangerous it would be .

 

Yeah right, with their record I wouldn't put it past them to backdoor it. Who knows what has backdoor's in it now, it's really anything and everything now has a chance of being backdoored. & I doubt Snowden had TOP HIGH CLASSIFIED clerence so the doc's we are getting are not all that there is to be told.

 

Ever think ECC encryption is built with flaws? Why is it being pushed so suddenly so fast. I would say the old encryption methods are more secure because going by public image of encryption, everyone is saying to get away from the old and push forth toward ECC. I believe its a double bluff to get people off old mathematics and into new more complex mathematics with less testing and more holes.

 

I don't think that's the case. NSA does believe internally that ECC is more secure. The question is, did they find a classified flaw with RSA, DH, etc which made them make a change to their own systems (which are now ECC)?

If ECC has holes it will be because NSA has chosen weak curves with "magic" constants as it is now speculated they did with the NIST curves. This would allow everyone else to use strong ECC with a flaw that only NSA would be able to exploit. Thus, it's a win-win for NSA -- they protect American data from everyone else while still being able to break in themselves. This is why I don't think the NIST curves should be trusted, as there is some debate about how the curves were generated.

Perhaps this is a bit "paranoid" but after the Snowden revelations (where it is made clear that NSA spends millions a year tampering with products and standards), one cannot be too careful. I now question even the AES because, by all accounts, it was the least secure of the 5 finalists. However, the one thing it has going for it is that the community at large voted it as the standard, so it seems unlikely NSA would be able to influence that many people.

So, while I am suspicious of AES, it is the least of my worries. I think public-key algorithms are much more likely to have intentional flaws in them because public-key algorithms are what protect the vast majority of data going across the Internet.

But. ultimately, I think the biggest pay-off for NSA comes in the form of hardware and software tampering more than it does in weak algorithms. The documents revealed that they have recently put a backdoor in some VPN encryption chips (used in router appliances). This is no doubt how they were able to "break VPN." Why do cryptanalysis when you can merely cheat?