“Fool me once, shame on you. Fool me twice, shame on me.” Sorry, but they have ruined their trust reputation when it comes to these matters. Anyone that remembers their past shenanigans should take this announcement with an entire pillar of salt.
"We swear that our mathematicians don't know of any way to make those standards weak and reasonably breakable, that even before being published. Yes, really, we swear.... truuuuust uuuuuus!
And with 0-d... err... 0 "convenient bugs" in our hardware without toxic IP and lean and sane software (including our back-door generators... err... we meant the gcc/llvm/icc compilers), this will give us a bright and very secure (for our interests... err... "common" interests) digital future."
What's with the FUD here? Read the post quantum crypto NIST candidates [0]. They're all academic teams. NSA had a submission (Simon/speck) to the lightweight crypto competition (which by the way got absolutely trashed for lack of transparency). No submissions to the post quantum competition.
If you wanna see some valid criticisms of the existing PQC schemes, read the mailing lists. They're spicy.
Ok someone please make a concrete claim about what they fear has happened or will happen. Example: "I'm afraid the NSA hacked a submitter's email and used it to access their GitHub and change constants in the encryption algorithm."
From the article: “In 2013, it was reported that the NSA had paid $10 million to the security company RSA, in exchange for which, RSA allegedly implanted a compromised encryption algorithm into its products’ software called Dual_EC_DRBG. This algorithm is widely believed to have acted as a backdoor for the NSA.
In 2014, it was reported that the NSA had been intercepting U.S.-made hardware that was being sent abroad. NSA operatives would allegedly implant the products with backdoors, repackage them, then send them on their way.
In 2015, networking products manufacturer Juniper Networks announced that a suspected backdoor had been discovered inside the operating system that runs its firewalls. The NSA is long suspected of having been involved or having been inadvertently responsible for security weaknesses that allowed hackers to get inside the devices.
In 2020, Congress tried to get a straight answer out of the NSA as to whether it was still planting backdoors in U.S.-made hardware and software. Then NSA staffer Anne Neuberger said: “We don’t share specific processes and procedures.”
In February, it was reported that a backdoor affecting most Linux distributions had been discovered. The backdoor, dubbed “Bvp47,” was reportedly “linked” to the Equation Group, a well-known hacking group inside the NSA.”
There has been a constant barrage in congress against cryptography and hard encryption. They have lowered the standard algorithms used for things like Wi-Fi in the past.
8 comments
[ 4.6 ms ] story [ 23.1 ms ] threadAnd with 0-d... err... 0 "convenient bugs" in our hardware without toxic IP and lean and sane software (including our back-door generators... err... we meant the gcc/llvm/icc compilers), this will give us a bright and very secure (for our interests... err... "common" interests) digital future."
...
If you wanna see some valid criticisms of the existing PQC schemes, read the mailing lists. They're spicy.
[0] https://csrc.nist.gov/projects/post-quantum-cryptography/rou...
There has been a constant barrage in congress against cryptography and hard encryption. They have lowered the standard algorithms used for things like Wi-Fi in the past.