this post was submitted on 19 Oct 2023
410 points (97.2% liked)

Technology

59292 readers
4136 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Mathematician warns NSA may be weakening next-gen encryption::Quantum computers may soon be able to crack encryption methods in use today, so plans are already under way to replace them with new, secure algorithms. Now it seems the US National Security Agency may be undermining that process

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 115 points 1 year ago* (last edited 1 year ago) (4 children)

Daniel Bernstein (djb) is a well known and respected cryptography researcher so his claim carries a lot of weight. It's also worth noting that NIST didn't invent these post quantum encryption algorithm. Instead, they run a competition and select a winner. Djb's algorithm got a second place, so people were wondering if he's just being salty about it, though if NIST were really compromised, it's not hard to imagine they'll select a weaker algorithm as the winner instead. NIST has posted a response which might be worth a read.

Edit: added links to djb's original post

[–] [email protected] 30 points 1 year ago

They did it before and they'll do it again.

[–] [email protected] 13 points 1 year ago* (last edited 1 year ago)

I wish I could understand that math in that thread.

I have great respect for djb, but he was an ass here.

[–] [email protected] 7 points 1 year ago (1 children)

Thanks for that link - this whole story is massively overblown clickbait.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

The second link has replies that even say the OPs link contains conspiracy theory. The discussion there is better than all else, IMO.

Note: not denying Dan's claim as I'm not an expert here, just reiterating what I'm reading.

[–] [email protected] 4 points 1 year ago (1 children)

Yeah - at the very list it shows that this is more "reasonable people disagreeing about a detail" than it is "OMG THE NSA IS DESTROYING CRYPTO!"

[–] [email protected] 1 points 1 year ago (1 children)

I mean, DJB does mention NSA has more involvement over NIST than he expected, but that also doesn't mean their would be collaboration.

In my non-expert reading, NIST made it seem better than it was, DJB disagreed but overestimated how bad it was, and NIST "sort of" said "yea OK we may have bragged."

Either way, DJB is right to call out something being weaker than it should be. False confidence in encryption is about the worse thing that could happen in the digital age.

[–] [email protected] 2 points 1 year ago

Yeah - DJB definitely has a point to make and deserves to be listened to. But "Mathematician has questions about crypto complexity guidelines from NIST" isn't click-baity enough.