NSA Crypto Backdoors
The cluster focuses on discussions of the NSA's alleged history of weakening or backdooring cryptographic standards, particularly Dual_EC_DRBG, DES, and elliptic curves, with references to past scandals and skepticism toward government-influenced crypto.
Activity Over Time
Top Contributors
Keywords
Sample Comments
Yeah the NSA would never try to break crypto anyhow coughDual_EC_DRBGcough
Like the Dual_EC_DRBG issue involving the NSA?
TIL that the NSA designed SHA and there is at least a chance they implementation of the elliptic curve has a back-door[1][1] https://arstechnica.com/information-technology/2014/01/how-t...
The NSA will never do that as it would be tipping their hand about whatever novel technique they reveal. In the past the NSA actually did provide some constants that went into DES and people were suspicious as the constants weren't randomly chosen. Later on it came out that differential cryptanalysis would have broken the original constants but the NSA provided ones were chosen to thwart this. They clearly knew about it well ahead of it being discovered in academia. Then you have the NSA&#x
The NSA deliberately weakened crypto keys/code. How is that any different?
Nope, see: https://en.wikipedia.org/wiki/Dual_EC_DRBG
The NSA has definitely weakened or back-doored crypto. It’s not a conspiracy or even a secret! It was a matter of (public) law in the 90s, such as “export grade” crypto.Most recently Dual_EC_DRBG was forced on American vendors by the NSA, but the backdoor private key was replaced by Chinese hackers in some Juniper devices and used by them to spy on westerners.Look up phrase likes “nobody but us” (NOBUS), which is the aspirational goal of these approaches, but often fails, leaving everyone
If the universe uses Dual_EC_DRBG then the NSA can read your mind.
This is the same NSA which backdoored Dual_EC_DRBG right?
Or maybe the choice of Dual EC DRBG constants are intended to protect against a new cryptanalysis technique known only to the NSA