ISO Rejects NSA Encryption Algorithms(schneier.com)
schneier.com
ISO Rejects NSA Encryption Algorithms
https://www.schneier.com/blog/archives/2017/09/iso_rejects_nsa.html
16 comments
Boy, those Trojans really got us with that last horse, hoowee, but this one looks solid.
Previous HN discussion on the same topic (different source): https://news.ycombinator.com/item?id=15302662
I felt that tptacek's top comment in that thread was the best synopsis for the whole situation.
I felt that tptacek's top comment in that thread was the best synopsis for the whole situation.
tptacek's comment lower down is interesting:
> I've already stipulated the politics of the story, which are deeply boring to me.
I'm not sure it's possible to be bored by "politics"-- i.e., to be bored by evidence from the Snowden leaks that the NSA is interested in pushing and has pushed kleptographic cryptography to undermine standards-- and be seriously engaged in a technical analysis.
It's like saying you're only interested in the code of the winning entry of the Underhanded C Contest, but not at all interested in the rules of the challenge. If someone's analysis under those circumstances is that the code looks like it does a fine job of completing its task, one should be skeptical.
[1] http://www.underhanded-c.org/
> I've already stipulated the politics of the story, which are deeply boring to me.
I'm not sure it's possible to be bored by "politics"-- i.e., to be bored by evidence from the Snowden leaks that the NSA is interested in pushing and has pushed kleptographic cryptography to undermine standards-- and be seriously engaged in a technical analysis.
It's like saying you're only interested in the code of the winning entry of the Underhanded C Contest, but not at all interested in the rules of the challenge. If someone's analysis under those circumstances is that the code looks like it does a fine job of completing its task, one should be skeptical.
[1] http://www.underhanded-c.org/
His point is that he wanted to discuss the technical details of the cipher design and not the political background story. He specifically said he agrees that it seems sensible ISO has not adopted this standard in light of NSA's subversive Dual EC DRBG deception, but that it also is very unlikely these ciphers contain or could contain a backdoor.
He's not at all arguing that ISO is in the wrong to decline accepting the algorithms or that the politics don't matter; just that they probably didn't backdoor these 2 particular algorithms. NSA has voided all of their goodwill, no doubt, but that's not what he was addressing.
I imagine the cryptographers working at NSA who are genuinely trying to design secure, non-backdoored algorithms are very unhappy at how badly their organization shot themselves in the foot.
He's not at all arguing that ISO is in the wrong to decline accepting the algorithms or that the politics don't matter; just that they probably didn't backdoor these 2 particular algorithms. NSA has voided all of their goodwill, no doubt, but that's not what he was addressing.
I imagine the cryptographers working at NSA who are genuinely trying to design secure, non-backdoored algorithms are very unhappy at how badly their organization shot themselves in the foot.
mtgx(4)
Good. Best case scenario was still bad: establishing precedent and credence in favor of the NSA.