18 comments

[ 3.9 ms ] story [ 47.9 ms ] thread
I misread this as "NASA 2014 Technology".

As I was reading my thought was "Wow, NASA spends a lot of time making technology that would be really useful for spying on people."

The downvotes are because everyone else is too embarrassed to admit they made this mistake as well. :-)
And if we can't trust NSA-made or NSA-influenced technologies, what can we trust?
I really like the free USB drive they give out at events.
That's not true. SELinux is something developed by the NSA (well, one of their contractors) and it has undergone intense scrutiny. Yet, it's an important part of Android.
I would never click that link.
That optics section. Sounds like not only are they tapping into fiber, they've got the gov. equivalent of an industrial research lab working on how to do it.
Page 64: Providing a Computer User with High-Level Privileges

What could possibly go wrong?! It's like a secret handshake.

I cringed when I read that one
Any thoughts on the final line of this refers to?

AUTHENTICATED CRYPTOGRAPHY PATENT NO.: 7,827,408

Message encryption and authentication are typically performed separately. In other words, a message is encrypted using one method and then a cryptographic hash of the message is generated using a second method. This invention is a device for and method of encrypting and authenticating a message and authenticating any additional information. The present invention provides a cryptographically stronger authentication method and is more efficient to implement, than the prior art.

VALUE: Provides combined authenticated encryption in efficient manner. Does not require random numbers, two encryption keys, or checksums.

Two processes offer twice as many attack surfaces as one process...not considering interprocess communication as a surface in its own right.

A real good use case would be if you knew one of the two current processes was or was likely to become comprised.

Historically, the agency has preferred to throw hardware at the problem. They like to design ciphers that are optimized for cheap and fast hardware implementations (like Simon). And even today, they still design/build a lot of hardware encryptors. It's likely that they are using separate pieces of hardware to accomplish each task: one for message authentication, one for encryption, and one for decryption.