[cryptography] The NSA and secure VoIP
case at SDF.ORG
Thu Mar 1 23:22:33 EST 2012
On Thu, 1 Mar 2012, Jeffrey Walton wrote:
> On Thu, Mar 1, 2012 at 10:27 PM, Steven Bellovin <smb at cs.columbia.edu> wrote:
>> makes for interesting reading. I was particularly intrigued by this:
>> Voice calls are encrypted twice in accordance with NSA policy,
>> using IPSEC and SRTP, meaning a failure requires “two independent
>> bad things to happen,” Salter said.
>> Margaret Salter is the head of the Information Assurance Directorate
>> of the NSA.
> Interesting. I seem to recall that cascading ciphers is frowned upon
> on sci.crypt. I wonder if this is mis-information....
Yes, I've had that beaten into my head from books/talks/posts forever now,
but I never quite understood it.
If the end result of your ciphertext has headers or metadata that can be
used for known-plaintext attack, then it makes sense, but if you are just
feeding raw ciphertext into the next algorithm, it shouldn't be a
danger... right ?
More information about the cryptography