[148317] in cryptography@c2.net mail archive
Re: [Cryptography] Email is unsecurable
daemon@ATHENA.MIT.EDU (ianG)
Wed Nov 27 23:36:09 2013
Date: Thu, 28 Nov 2013 07:33:08 +0300
From: ianG <iang@iang.org>
To: cryptography@metzdowd.com
On 28/11/13 00:20 AM, Jerry Leichter wrote:
> On Nov 27, 2013, at 1:18 PM, Arnold Reinhold <agr@me.com> wrote:
>>> Fortunately, there is a solution that we have long been aware of, which
>>> is smart cards....
>> With the maker movement, open hardware, Arduino, et al, the barrier to entry for hardware has dropped dramatically.... Simple hardware systems have less space to hide backdoors. I don't want to dump on the people trying to improve existing e-mail protocols and infrastructure, but maybe we should explore different, simpler paths at the same time.
>
> Ah, the irony.
>
> NSA was for years resistant to software-based cryptography.

Is this what the NSA called the home field advantage? It seems that
there are a number of factors which align strongly in NSA's favour:
they are the ones with more money, so can outspend. Their contractors
love them for it, so congress approves too. Hardware designs are harder
to crunch at cheap costs because specialised hardware is indicated.
Hardware is oh so much easier to control (read: stop) at the border.
Hardware is oh so much easier to control (read: pervert) at the fab.

> The DES initial and final permutations were trivial in hardware, a pain in software. It's long been thought that they were in the algorithm exactly to slow software implementations. FIPS and similar standards, whose form was clearly influenced by NSA, to this day, have a bias toward hardware, to the point where parts of them have to be really stretched to even make sense for software.

Yup. I suspect we are at a watershed for national standards. Following
them may no longer make any sense. Even before the Snowden revelations,
it was widely recognised that the FIPS standard process created
unnecessary bloat and expense, with no perceivable security benefit over
simpler open engineering.

If TLS moves forward with the open curve suite, this will be a big signal.

> To this day, NSA seems to be big on smart cards and encryption "black boxes" rather than software on general-purpose machines.
>
> It was fashionable for years to dismiss that NSA mindset as just a hold-over from the past - we in the software world knew better.
>
> Well ... maybe we didn't. :-(

I don't think we ever knew as much as the NSA. They employ thousands to
our 1s and 10s. However, we can also do economics, and we can also do
things that make sense in smaller teams. And in software. One thing we
do know is that good crypto still works.

iang