Results 1 to 3 of 3

Thread: RSA Security tells customers to drop NSA-related encryption algorithm,

  1. #1
    Regular Member
    Join Date
    Feb 2013
    Location
    Thru Death's Door in Wisconsin
    Posts
    13,158

    RSA Security tells customers to drop NSA-related encryption algorithm,

    http://rt.com/usa/nsa-weak-cryptography-rsa-110/ An attaboy for Russia Today?

    Last week, the New York Times reported that Snowden's cache of documents from his time working for an NSA contractor showed that the agency used its public participation in the process for setting voluntary cryptography standards, run by the government's National Institute of Standards and Technology, to push for a formula that it knew it could break.

    NIST, which accepted the NSA proposal in 2006 as one of four systems acceptable for government use, this week said it would reconsider that inclusion in the wake of questions about its security.

    But RSA's warning underscores how the slow-moving standards process and industry practices could leave many users exposed to hacking by the NSA or others who could exploit the same flaw for years to come.

    http://www.nbcnews.com/technology/sn...ula-4B11212194
    NIST National Institute of Standards and Technology.

    https://news.google.com/news/rtc?ncl...1a646fdd57057d

    http://csrc.nist.gov/groups/STM/cavp...g/drbgval.html DRBG Validation List

    Trust the math https://en.wikipedia.org/wiki/DRBG
    Last edited by Nightmare; 09-20-2013 at 12:05 PM.
    I am responsible for my writing, not your understanding of it.

  2. #2
    Regular Member stealthyeliminator's Avatar
    Join Date
    Dec 2008
    Location
    Texas
    Posts
    3,318
    And they said cascaded encryption was for the paranoid...


    Man, the NSA seems pretty great at causing serious problems for Americans.

  3. #3
    Regular Member Jack House's Avatar
    Join Date
    Jun 2010
    Location
    I80, USA
    Posts
    2,661
    Quote Originally Posted by stealthyeliminator View Post
    And they said cascaded encryption was for the paranoid...


    Man, the NSA seems pretty great at causing serious problems for Americans.
    Few years ago, the tech security community was praising the efforts of the NSA for developing strong encryption methods/software and releasing it with an opensource license. I scoffed at the time, thinking who could trust a spy agency? People tried to reassure me that this was in the best interest of the NSA, after all by releasing the software they are helping to make the country safer. Putting backdoors into the encryption would destroy that security, so they wouldn't do.

    Course I still had an uneasy feeling about it and choose to go with my gut. Now we're finding out I was right all along. This is one of those times where I told you so is more of a burden than anything.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •