[cryptography] Bruce Schneier on BULLRUN and related NSA programs

John Young jya at pipeline.com
Fri Sep 6 04:43:49 EDT 2013

Thanks for this pointer which leads to Schneier's two reports
in the Guardian about cooperating with Greenwald.

As head of BT security, it is hard to believe that Schneier did not
know about BT's covert cooperation with GCHQ and NSA.
His NDA with BT would likely prevent disclosing that knowledge,
along with protection of his vaunted rep as an incorruptible FOI.

Similarly with other notable comsec wizards, the duplicity of
NSA and GCHQ should not be a surprise unless pretense of
surprise is part of the highly rewarding covert cooperation.

Cryptographers are of necessity shady operators; the louder
they profess trustworthiness, the more likely not, NSA and
GCHQ role models and dispensers of lucre the role model.

I seem to recall that there is an inverse relationship between
advertised trust and deserved. Modest and quiet cryptographers
have superior ethics over word artists. So a good match
between commercially successful essayists Schneier and
Greenwald. Let the haughty rhetoric gush.

And as Schneier blogs, wise to keep secrets in their pocket(book)s.
And as he demurs to the Guardian and others on why not
release all the Snowden docs, presumably the docs need careful
vetting to prevent embarrassing disclosures of duplicity of
media and comsec wizards, a tradition as old as comsec.

Schneier's aptly revealing humor about crypto weakness:
it's never the math, it's the agents of the code.

At 03:49 AM 9/6/2013, you wrote:
>select quotes from
>"The NSA Is Breaking Most Encryption on the Internet"
>    http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html
>Remember this: The math is good, but math has no agency. Code has
>agency, and the code has been subverted.
>[regarding magic curve constants]
>Bruce Schneier • September 5, 2013 4:07 PM
>I no longer trust the constants. I believe the NSA has manipulated
>them through their relationships with industry.
>Bruce Schneier • September 5, 2013 7:32 PM
>"You recommended to 'Prefer symmetric cryptography over public-key
>cryptography.' Can you elaborate on why?"
>It is more likely that the NSA has some fundamental mathematical
>advance in breaking public-key algorithms than symmetric algorithms.
>[EDITOR: the safety margin for key lengths over time is definitely
>more reassuring for symmetric ciphers*. and aggravating that hardware
>security products and other encryption appliances and systems do not
>accommodate 4k or even 2k keys well, not to mention the varied cipher
>suites you may prefer...]
>Bruce Schneier • September 5, 2013 4:58 PM
>"Why are you not going to write about those 'other few things'? Can
>you write about them here please?"
>I want to keep some secrets in my back pocket.
>* key length recommendations in bits
>Lenstra and Verheul Equations (2000)
>symmetric: 70
>pubkey: 952
>hash: 140
>compare to: ECRYPT II 2011-2015
>symmetric: 80
>pubkey: 1248
>hash: 160
>and considering projection: ECRYPT II >2041
>symmetric: 256
>pubkey: 15424
>hash: 512
