[146601] in cryptography@c2.net mail archive
Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN"
daemon@ATHENA.MIT.EDU (Lance James)
Thu Sep 5 19:59:59 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130905155804.03b6eedd@jabberwock.cb.piermont.com>
From: Lance James <lancej@gmail.com>
Date: Thu, 5 Sep 2013 19:25:52 -0400
To: "Perry E. Metzger" <perry@piermont.com>
Cc: Cryptography List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============5936617323966817528==
Content-Type: multipart/alternative; boundary=089e0115fe0e61354604e5ab3f53
--089e0115fe0e61354604e5ab3f53
Content-Type: text/plain; charset=ISO-8859-1
Hi all,
If you read the articles carefully, you'll note that at no point does the
NSA appear to have actually broken the *cryptography* in use. It's hard to
get concrete details from such vague writing and no access to the the
original documents, but it sounds like they've mostly gotten a lot of
backdoors in *systems* (not algorithms, though they may have tried that
with Dual_EC_DRBG in NIST SP 800-90 in 2006 ... which lasted barely a year
before public cryptographers flagged it).
Basically, the summary of this new information appears to be best given by
Paul Kocher, who noted that the NSA had pushed for a backdoor key escrow
system with the Clipper Chip, was denied, "... and they went and did it
anyway, without telling anyone." In this case, it wasn't a mandated key
escrow backdoor, but through a combination of targeted interception and
strong-arming companies like Google and Microsoft, they got enough.
It's the same old story of crypto in the real world: Don't attack the
algorithm; Attack the system.
Better story here:
http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html
On Thu, Sep 5, 2013 at 3:58 PM, Perry E. Metzger <perry@piermont.com> wrote:
> I would like to open the floor to *informed speculation* about
> BULLRUN.
>
> Informed speculation means intelligent, technical ideas about what
> has been done. It does not mean wild conspiracy theories and the
> like. I will be instructing the moderators (yes, I have help these
> days) to ruthlessly prune inappropriate material.
>
> At the same time, I will repeat that reasonably informed
> technical speculation is appropriate, as is any solid information
> available.
>
>
> Perry
> --
> Perry E. Metzger perry@piermont.com
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
--
Lance James
http://soundcloud.com/lancejames
Office: 760-262-4141
l <lancej@securescience.net>ancej@gmail.com
--089e0115fe0e61354604e5ab3f53
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">
<p class=3D"">Hi all,</p><p class=3D""><br></p><p class=3D"">If you read th=
e articles carefully, you'll note that at no point does the NSA appear =
to have actually broken the *cryptography* in use.=A0 It's hard to get =
concrete details from such vague writing and no access to the the original =
documents, but it sounds like they've mostly gotten a lot of backdoors =
in *systems* (not algorithms, though they may have tried that with Dual_EC_=
DRBG in NIST SP 800-90 in 2006 ... which lasted barely a year before public=
cryptographers flagged it).<br>
</p>
<p class=3D""><br></p>
<p class=3D"">Basically, the summary of this new information appears to be =
best given by Paul Kocher, who noted that the NSA had pushed for a backdoor=
key escrow system with the Clipper Chip, was denied, "... and they we=
nt and did it anyway, without telling anyone."=A0 In this case, it was=
n't a mandated key escrow backdoor, but through a combination of target=
ed interception and strong-arming companies like Google and Microsoft, they=
got enough.</p>
<p class=3D""><br></p>
<p class=3D"">It's the same old story of crypto in the real world: Don&=
#39;t attack the algorithm; Attack the system.</p><p class=3D""><br></p><p =
class=3D"">Better story here:=A0<a href=3D"http://www.schneier.com/blog/arc=
hives/2013/09/the_nsa_is_brea.html">http://www.schneier.com/blog/archives/2=
013/09/the_nsa_is_brea.html</a></p>
<div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Thu, Sep 5=
, 2013 at 3:58 PM, Perry E. Metzger <span dir=3D"ltr"><<a href=3D"mailto=
:perry@piermont.com" target=3D"_blank">perry@piermont.com</a>></span> wr=
ote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">I would like to open the floor to *informed =
speculation* about<br>
BULLRUN.<br>
<br>
Informed speculation means intelligent, technical ideas about what<br>
has been done. It does not mean wild conspiracy theories and the<br>
like. I will be instructing the moderators (yes, I have help these<br>
days) to ruthlessly prune inappropriate material.<br>
<br>
At the same time, I will repeat that reasonably informed<br>
technical speculation is appropriate, as is any solid information<br>
available.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
<br>
Perry<br>
--<br>
Perry E. Metzger =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0<a href=3D"mailto:perry@pie=
rmont.com">perry@piermont.com</a><br>
_______________________________________________<br>
The cryptography mailing list<br>
<a href=3D"mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><=
br>
<a href=3D"http://www.metzdowd.com/mailman/listinfo/cryptography" target=3D=
"_blank">http://www.metzdowd.com/mailman/listinfo/cryptography</a><br>
</font></span></blockquote></div><br><br clear=3D"all"><div><br></div>-- <b=
r><div dir=3D"ltr">Lance James<br><a href=3D"http://soundcloud.com/lancejam=
es" target=3D"_blank">http://soundcloud.com/lancejames</a><br><span>Office:=
<span id=3D"gc-number-0" class=3D"gc-cs-link" title=3D"Call with Google Vo=
ice">760-262-4141</span></span><br>
<a href=3D"mailto:lancej@securescience.net" target=3D"_blank">l</a><a href=
=3D"mailto:ancej@gmail.com" target=3D"_blank">ancej@gmail.com</a><br><br></=
div>
</div></div>
--089e0115fe0e61354604e5ab3f53--
--===============5936617323966817528==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============5936617323966817528==--
