Is it possible?
Sure. Is it likely? No.
The NSA, and all other similar government agencies
throughout the world, have a dual role as both poacher and gamekeeper. In Australia, the public mission of the
Australian Signals Directorate is "Reveal Their Secrets – Protect Our
Own". The critical point is that
balance between attack and defence. Any
security agency that intentionally weakened a cryptographic algorithm that was
used to protect their own secrets, is fundamentally failing its mission. These agencies are full of the smartest
mathematical minds on the planet, and the idea that no other country will ever
discover the backdoor is fanciful at best.
Remember that the NSA has influenced cryptographic
algorithms in the past. DES was proposed
in 1975, and the NSA changed some of the ways that it worked. No-one knew why until 1990, when the
independent discovery of differential cryptanalysis showed that they had
strengthened the algorithm against a then unknown attack.
Occam's razor says that among competing hypotheses, the
hypothesis with the fewest assumptions should be selected. Which in this case is that the same thing has
happened with ECC and Dual-EC-DRBG that happened with DES.
There is ironically a side benefit to the NSA of all the
tin-foil-hat musings. People who worry
about non-existent backdoors will start to move to less secure cryptosystems,
which actually helps the NSA!
Phil Kernick Chief Technology Officer
@philkernick www.cqr.com
Phil Kernick Chief Technology Officer
@philkernick www.cqr.com
No comments:
Post a Comment