[148563] in cryptography@c2.net mail archive
Re: [Cryptography] What do we know? (Was 'We cannot trust' ...)
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Sun Dec 22 01:37:17 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20131221222123.GB28787@acooke.org>
Date: Sat, 21 Dec 2013 22:06:41 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: andrew cooke <andrew@acooke.org>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============5621365322084490032==
Content-Type: multipart/alternative; boundary=001a11c21fbae5ffd404ee16cc04
--001a11c21fbae5ffd404ee16cc04
Content-Type: text/plain; charset=ISO-8859-1
On Sat, Dec 21, 2013 at 5:21 PM, andrew cooke <andrew@acooke.org> wrote:
> On Sat, Dec 21, 2013 at 12:59:25PM -0500, Phillip Hallam-Baker wrote:
> > The deal was reported at the time, I heard it as 'NSA pays RSA $10
> million
> > to make ECC available in BSafe'. Which was not at all surprising given
> that
> > we know RSA2048 (maybe RSA4096) is the end of the line for practical RSA.
>
> do you have any reference for that? i am trying to find support using
> google's search with date constraints, but am not finding anything.
>
> the nsa paid $25m for certicom's patents according to
> http://www.securityfocus.com/columnists/324 - maybe that is what you
> remember?
>
> all the reports on the $10m deal emphasise that it is new information; if
> it
> was reportd at the time then that is quite significant.
>
I don't remember the source, sorry. It was quite likely verbal.
They put out this PR when the SuiteB came out.
http://www.thefreelibrary.com/U.S.+Department+of+Defense+Agency+Selects+RSA+Security+Encryption...-a0143764730
But I remembered the deal when the first round of the DUAL_EC thing came
out. And no, it was not the certicom deal which was completely different.
The NSA was pushing ECC at the time hard. They didn't have any reason to
hide the deal.
What would be new data is confirming that the DUAL_EC RNG was the
compromise hinted at in the previous report. We had a report that the NSA
had bongoed some standard and there was consensus that the DUAL_EC was
bongoed.
--
Website: http://hallambaker.com/
--001a11c21fbae5ffd404ee16cc04
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On S=
at, Dec 21, 2013 at 5:21 PM, andrew cooke <span dir=3D"ltr"><<a href=3D"=
mailto:andrew@acooke.org" target=3D"_blank">andrew@acooke.org</a>></span=
> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex"><div class=3D"im">On Sat, Dec 21, 2013 at 12:59:25PM -0500=
, Phillip Hallam-Baker wrote:<br>
> The deal was reported at the time, I heard it as 'NSA pays RSA $10=
million<br>
> to make ECC available in BSafe'. Which was not at all surprising g=
iven that<br>
> we know RSA2048 (maybe RSA4096) is the end of the line for practical R=
SA.<br>
<br>
</div>do you have any reference for that? =A0i am trying to find support us=
ing<br>
google's search with date constraints, but am not finding anything.<br>
<br>
the nsa paid $25m for certicom's patents according to<br>
<a href=3D"http://www.securityfocus.com/columnists/324" target=3D"_blank">h=
ttp://www.securityfocus.com/columnists/324</a> - maybe that is what you rem=
ember?<br>
<br>
all the reports on the $10m deal emphasise that it is new information; if i=
t<br>
was reportd at the time then that is quite significant.<br></blockquote><di=
v><br></div><div>I don't remember the source, sorry. It was quite likel=
y verbal.=A0</div><div><br></div><div>They put out this PR when the SuiteB =
came out.</div>
<div><br></div><div><a href=3D"http://www.thefreelibrary.com/U.S.+Departmen=
t+of+Defense+Agency+Selects+RSA+Security+Encryption...-a0143764730">http://=
www.thefreelibrary.com/U.S.+Department+of+Defense+Agency+Selects+RSA+Securi=
ty+Encryption...-a0143764730</a><br>
</div><div><br></div><div><br></div><div>But I remembered the deal when the=
first round of the DUAL_EC thing came out. And no, it was not the certicom=
deal which was completely different.</div><div><br></div><div>The NSA was =
pushing ECC at the time hard. They didn't have any reason to hide the d=
eal.=A0</div>
<div><br></div><div><br></div><div>What would be new data is confirming tha=
t the DUAL_EC RNG was the compromise hinted at in the previous report. We h=
ad a report that the NSA had bongoed some standard and there was consensus =
that the DUAL_EC was bongoed.</div>
<div><br></div></div><div><br></div>-- <br>Website: <a href=3D"http://halla=
mbaker.com/">http://hallambaker.com/</a><br>
</div></div>
--001a11c21fbae5ffd404ee16cc04--
--===============5621365322084490032==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============5621365322084490032==--
