[146502] in cryptography@c2.net mail archive

Re: [Cryptography] NSA and cryptanalysis

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sun Sep 1 14:05:28 2013

X-Original-To: cryptography@metzdowd.com
Date: Sun, 1 Sep 2013 14:05:14 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: John Kelsey <crypto.jmk@gmail.com>
In-Reply-To: <F73B87F2-E2E7-47F8-8726-E8F198CF3B45@gmail.com>
Cc: "cryptography@metzdowd.com List" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Sat, 31 Aug 2013 17:00:01 -0400 John Kelsey <crypto.jmk@gmail.com>
wrote:
> If I had to bet, I'd bet on bad rngs as the most likely source of a
> breakthrough in decrypting lots of encrypted traffic from different
> sources. 

This seems by far the most probable conclusion. Note, for example,
Heninger et al.'s recent work on the Taiwanese national smartcards. A
discovery that some commonly used randomness sources are dramatically
less random than supposed could dramatically lower the work factor on
an otherwise brute force attack.

That said, we simply can't know, and I think excessive speculation on
the basis of no actual concrete information isn't that productive.

Perry
-- 
Perry E. Metzger		perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
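
A defensive check that follows from the point above about weak randomness sources, as an added example that is not part of the original message: when a generator has too little entropy, separately generated RSA moduli can end up sharing a prime, and a GCD sweep over the public moduli you are responsible for shows which keys need to be revoked and reissued. The function names are hypothetical and the moduli are constructed toy values.

```python
from math import gcd, prod


def batch_gcd(moduli):
    """For each modulus N_i return gcd(N_i, product of all the other moduli).

    Uses a product tree and a remainder tree, so a large key inventory does
    not need one gcd per pair of keys.
    """
    if not moduli:
        return []
    # Product tree: level 0 holds the moduli, the top level their product P.
    tree = [list(moduli)]
    while len(tree[-1]) > 1:
        level = tree[-1]
        tree.append([prod(level[i:i + 2]) for i in range(0, len(level), 2)])
    # Remainder tree: push P mod N_i^2 down to every leaf.
    rems = tree.pop()
    while tree:
        level = tree.pop()
        rems = [rems[i // 2] % (n * n) for i, n in enumerate(level)]
    # (P mod N_i^2) // N_i equals (P / N_i) mod N_i, so its gcd with N_i is
    # greater than 1 exactly when N_i shares a factor with another modulus.
    return [gcd(r // n, n) for r, n in zip(rems, moduli)]


def audit(moduli):
    """Return {index: finding} for every modulus that should be replaced."""
    findings = {}
    for i, (n, g) in enumerate(zip(moduli, batch_gcd(moduli))):
        if g == n:
            findings[i] = "duplicate modulus or both primes shared"
        elif g > 1:
            findings[i] = "shares a prime with another key"
    return findings


# Constructed toy moduli (real RSA moduli are 2048 bits or more).
# Keys 0 and 2 were built to share the prime 1009, as a weak RNG might cause.
SAMPLE = [1009 * 1013, 1019 * 1021, 1009 * 1031, 1033 * 1039]

if __name__ == "__main__":
    for index, finding in audit(SAMPLE).items():
        print(f"key {index}: {finding}")
```
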