[cryptography] regarding the NSA crypto "breakthrough"
grarpamp at gmail.com
Thu Sep 5 19:14:40 EDT 2013
On 9/5/13, coderman <coderman at gmail.com> wrote:
> On Thu, Sep 5, 2013 at 11:38 AM, grarpamp <grarpamp at gmail.com> wrote:
>>> however, the crypto breakthrough discussed is more mundane:
>> Source? Sure, non-PFS can be exploited.
> i asked Snowden for an authoritative copy... ;P
Didn't John just say something about journalists and
>> But extending that
>> as underlying explanation of the Bamford quote is dangerous.
>> It's Bamford's quote, ask him.
> there's lots of disinformation around this topic, comparisons and
> analogies that indicate this has been filtered through less technical
> he can't say much about specifics, remember?
>>> deployment of deep packet inspection with SSL/TLS capabilities.
>> I'd call it 'applied decrypting' not some breakthrough in
>> or 'break'ing any crypto. Words are important.
> see above regarding technical vs. non-technical. for the high ups,
> getting access to encrypted communication is "breaking encryption".
> whether that is breaking by cooperative agreement and new hardware, or
> breaking by new attacks on crypto primitives themselves, it is
> indistinguishable to them but makes all the difference to us.
> to walk through with rough ballpark but by no means representative numbers
All good extended analysis indeed. Perhaps my issue is just
with the words. I read Bamford as indicating attacks against
the crypto itself, not tricks applied downstream or around it
(regardless of how wholesale, specific, successful or profitable a
given applied approach might be in the eyes of the doers or the done).
While recently novel and profitable with centralized services,
borrowing traditional certs  or logging the PFS session keys 
is vastly different from having a working "cryptanalysis" against the
long term thought to be dependable underlings such as
RSA, AES, ECC, etc.
Surely if the cooperation to achieve  is so tight then  would
be equally doable. Then again, might as well ship the plaintext
straight off the servers.
More information about the cryptography