[cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

Marcus Brinkmann marcus.brinkmann at ruhr-uni-bochum.de
Sun Jul 14 18:54:57 EDT 2013


On 07/13/2013 04:20 AM, Peter Gutmann wrote:
> Nico Williams <nico at cryptonector.com> writes:
> 
>> I'd like to understand what attacks NSA and friends could mount, with Intel's
>> witting or unwitting cooperation, particularly what attacks that *wouldn't*
>> put civilian (and military!) infrastructure at risk should details of a
>> backdoor leak to the public, or *worse*, be stolen by an antagonist.
> 
> Right.  How exactly would you backdoor an RNG so (a) it could be effectively
> used by the NSA when they needed it (e.g. to recover Tor keys), (b) not affect
> the security of massive amounts of infrastructure, and (c) be so totally
> undetectable that there'd be no risk of it causing a s**tstorm that makes the
> $0.5B FDIV bug seem like small change (not to mention the legal issues, since
> this one would have been inserted deliberately, so we're probably talking bet-
> the-company amounts of liability there).

So your arguments are, the way I understand them: a) They are too dumb
to do that, b) they are too smart to do that, and c) they don't want to
be embarrassed.

And yet we have Stuxnet (effective use of technology? Check.  Affecting
the security of massive amounts of infrastructure? Check.  Zero
liability for the perpetrators? Check.) and Prism (Check, Check, Check,
with companies being shielded by gag orders based on secret law
interpretations).

It seems a bit anachronistic to dismiss paranoia lightly...

(That being said, PC architecture chips are notoriously complex and bug
ridden, why bother with a backdoor at all?  Just make sure you get the
inside scoop on the design flaws, and you are done.)

Thanks,
Marcus
