That's not true. SELinux is something developed by the NSA (well, one of their contractors) and it has undergone intense scrutiny. Yet, it's an important part of Android.
That optics section. Sounds like not only are they tapping into fiber, they've got the gov. equivalent of an industrial research lab working on how to do it.
Message encryption and authentication are typically performed separately. In other words,
a message is encrypted using one method and then a cryptographic hash of the message is generated
using a second method.
This invention is a device for and method of encrypting and authenticating a message and authenticating any additional
information. The present invention provides a cryptographically stronger authentication method and is more efficient to implement, than the prior art.
VALUE:
Provides combined authenticated encryption in efficient manner. Does not require random numbers, two encryption keys, or checksums.
Historically, the agency has preferred to throw hardware at the problem. They like to design ciphers that are optimized for cheap and fast hardware implementations (like Simon). And even today, they still design/build a lot of hardware encryptors. It's likely that they are using separate pieces of hardware to accomplish each task: one for message authentication, one for encryption, and one for decryption.
18 comments
[ 3.9 ms ] story [ 47.9 ms ] threadJoe Witt is a smart guy who put a lot of work into making a robust workflow tool there.
As I was reading my thought was "Wow, NASA spends a lot of time making technology that would be really useful for spying on people."
What could possibly go wrong?! It's like a secret handshake.
AUTHENTICATED CRYPTOGRAPHY PATENT NO.: 7,827,408
Message encryption and authentication are typically performed separately. In other words, a message is encrypted using one method and then a cryptographic hash of the message is generated using a second method. This invention is a device for and method of encrypting and authenticating a message and authenticating any additional information. The present invention provides a cryptographically stronger authentication method and is more efficient to implement, than the prior art.
VALUE: Provides combined authenticated encryption in efficient manner. Does not require random numbers, two encryption keys, or checksums.
A real good use case would be if you knew one of the two current processes was or was likely to become comprised.