Interesting article about NSA facility and capabilities
igb at batten.eu.org
Tue Mar 27 11:21:08 BST 2012
On 27 Mar 2012, at 10:36, Brian Morrison wrote:
> I wondered if this might be an attempt to discourage the use of
> encryption for email in particular, after all they're not going to be
> able to discourage it for online commerce.
Given http://goo.gl/Yeuvx it seems that encouraging people to believe AES is broken might have some benefits.
My own view is that you can trust AES for as long as it's accredited for IL5 and above information. So long as AES is in NSA Suite B, and NSA Suite B is accredited for TOP SECRET, it would be extraordinary were it to turn out that the NSA had an effective attack on AES. That would imply the deliberate use of known-broken algorithms in the hope that the opponents don't know those weaknesses and won't find them until the data ciphered with that broken algorithm is no longer sensitive. The life-span of TS could be decades, and a gamble on "the state of Chinese/Russian/etc cryptanalysis between now and 2060" seems one few bookmakers would quote odds on.
The public policy benefit (you might be able to decrypt some data from bad guys without "practical" side-channel attacks, which almost certainly exist unless the bad guys have a sophisticated IA capability) seems pretty weak compared to the public policy disbenefit (the bad guys might be able to decrypt all TS traffic, with no way for you to know it's happening).