Quantum computers may soon be able to crack encryption methods in use today, so plans are already under way to replace them with new, secure algorithms. Now it seems the US National Security Agency may be undermining that process
Daniel Bernstein at the University of Illinois Chicago says that the US National Institute of Standards and Technology (NIST) is deliberately obscuring the level of involvement the US National Security Agency (NSA) has in developing new encryption standards for “post-quantum cryptography” (PQC). He also believes that NIST has made errors – either accidental or deliberate – in calculations describing the security of the new standards. NIST denies the claims.
“NIST isn’t following procedures designed to stop NSA from weakening PQC,” says Bernstein. “People choosing cryptographic standards should be transparently and verifiably following clear public rules so that we don’t need to worry about their motivations. NIST promised transparency and then claimed it had shown all its work, but that claim simply isn’t true.”
Also, is this the same Daniel Bernstein from the 95' ruling?
The export of cryptography from the United States was controlled as a munition starting from the Cold War until recategorization in 1996, with further relaxation in the late 1990s.[6] In 1995, Bernstein brought the court case Bernstein v. United States. The ruling in the case declared that software was protected speech under the First Amendment, which contributed to regulatory changes reducing controls on encryption.[7] Bernstein was originally represented by the Electronic Frontier Foundation.[8] He later represented himself.[9]
WHAT THE FUCK? This guys a stone cold fuckin gangster!
At 24 he took the largest surveillance apparatus in history to court... and won! He even raw dogged it — representing himself for a portion of the trial.
Honestly, I think his communication here is fine. He's probably going to offend some people at NIST, but it seems like he's already tried the cooperative route and is now willing to burn some bridges to bring things to light.
It reads like he's playing mathematics and not politics, which is exactly what you want from a cryptography researcher.
Sadly not new. The USA considers encryption to be a weapon of war (thanks Germany), so they do whatever they can to interfere with it. If you are making a new encryption scheme it will be illegal if the government doesn't have an easy way to break it.
Edit: the guy that made pgp got in a stink with the government if memory serves they tried to bop him with something to do with itar.
I have a pet theory that a lot of our passionate "movements" that get us all angry and upset are only those movements that benefit someone powerful.
I see stuff like this and think, "well that's another coin in that jar"
Like this should piss so many people off. Its something enough people know about. It's something that you would think would have all kinds of groups up in arms about. Like ask any self respecting 2A enthusiasts if the government should keep skeleton key to every lock in their house.
it will be illegal if the government doesn’t have an easy way to break it
Aren't there a lot of existing standards already can't be broken easily (by anyone)? That's why we have all these recent attempts to force backdoors into encrypted apps
Or is it just extra scrutiny if you're trying to make a new one
They seem to have calmed that down in recent years, and rely on the dumb public to store all their secrets on readily accessible corporate servers.
The maths war is hard to win (bigger keys handle most of that), and I honestly doubt most current encryption can be beaten reliably even with quantum computing.
How do you remove the paywall from the article? Just copy the URL of the article and provide it to archive.today, and that website just bypassed the paywall? How do they manage to bypass it? O.o
They need the content to be available for Google indexing reasons, it can only really be blocked through the client.
A smart enough backend system can access/crawl/index it, just like Google can. And then make it available to the public without the front end annoyance.
Before, elliptical curve encryption has been hailed as the new golden standard, only too bad there is a serious weakness where if you know the seed you can crack the code. And guess who has the seed? Starts with N and ends with SA.
Yeah you can observe this with letsencrypt failing to generate a certificate if you change the elliptic curve from an NSA generated curve to a generic/known safe one. Changing between different NSA curves are functionally fine. Forces all signed certificates to use curves that are known to have issues, deliberate or otherwise - i.e. backdoored.
You can't use arbitrary curves with certificates, only those which are standardized because the CA will not implement anything which isn't unambiguously defined in a standard with support by clients.
My point is that there is a documented listed of supported curves for ECDSA but attempting to use any other safe curve in the list results in a failure. I am not trying to use some arbitrary curve.
If your point is that no safe curve is permitted because the powers that be don't permit it, TLS is doomed.
Looking at the history of the any of the Clandestine US orgs should probably remind us these people will do literally anything that they can, like give people LSD in an attempt to control their mind, or put microphones in Russian cats.