[147189] in cryptography@c2.net mail archive
Re: [Cryptography] paranoid cryptoplumbing is a probably not
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Tue Sep 17 13:42:42 2013
X-Original-To: cryptography@metzdowd.com
Date: Tue, 17 Sep 2013 13:42:34 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Tony Arcieri <bascule@gmail.com>
In-Reply-To: <CAHOTMVJCepADrervADSYZqn4L-m8qCuJWeeynvphJ5teyNotvQ@mail.gmail.com>
Cc: Jerry Leichter <leichter@lrw.com>, Crypto <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Tue, 17 Sep 2013 10:07:38 -0700 Tony Arcieri <bascule@gmail.com>
wrote:
> The NSA of course participated in active attacks too, but it seems
> their main MO was passive traffic collection.
That's not what I've gotten out of the most recent revelations. It
would seem that they've been evading rather than breaking the crypto:
putting back doors in protocols, stealing keys, encouraging weak
RNGs, adding flaws to hardware, etc. -- as well as doing active
attacks using stolen or broken CA keys.
I don't doubt that they archive everything they can forever, of
course.
Perry
--
Perry E. Metzger perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
