[148137] in cryptography@c2.net mail archive


Re: [Cryptography] NIST should publish Suite A

daemon@ATHENA.MIT.EDU (Jerry Leichter)
Tue Nov 12 15:31:14 2013

X-Original-To: cryptography@metzdowd.com
From: Jerry Leichter <leichter@lrw.com>
In-Reply-To: <52628852.1060706@iang.org>
Date: Tue, 12 Nov 2013 06:28:04 -0500
To: ianG <iang@iang.org>
Cc: Cryptography Mailing List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Oct 19, 2013, at 9:25 AM, ianG wrote:
> There is one possibility to increase confidence dramatically:
> 
>     what's in Suite A?
> 
> If we knew what Suite A used for PK work, we would then be able to triangulate.  Although this is a claim based on absence of evidence, I predict that we'll be able to triangulate the question of ECC and settle the question of confidence.

The NSA would have no reason to be concerned about Suite A being attackable *by NSA*.  If you're worried that NSA chose particular curves and parameters for public elliptic-curve cryptography based on secrets they hold that make it breakable ... there's no reason they couldn't do the same for Suite A.  What we know about these back door techniques is that they don't seem to induce a weakness that someone *without* access to the secrets can leverage.

So while it would be interesting to see what's in Suite A, if you're concerned about snooping by the NSA, its own algorithms are the last things you'd want to use.
                                                        -- Jerry
