[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[guardian-dev] pgp, nsa, rsa

To: [email protected], [email protected], [email protected]
Subject: [guardian-dev] pgp, nsa, rsa
From: [email protected] (Eugen Leitl)
Date: Wed, 11 Sep 2013 10:38:42 +0200

----- Forwarded message from Billy Gray <[email protected]> -----

Date: Tue, 10 Sep 2013 14:32:02 -0400
From: Billy Gray <[email protected]>
To: Aaron Lux <[email protected]>
Cc: Guardian Dev <[email protected]>
Subject: Re: [guardian-dev] pgp, nsa, rsa

Do you guys follow Matthew Green? Great stuff:

http://blog.cryptographyengineering.com/2013/09/on-nsa.html
http://blog.cryptographyengineering.com/2013/09/a-note-on-nsa-future-and-fixing-mistakes.html

I think he does a good job of breaking down what's in these recent reports.
It's a good thing to send to people who read the NY Times report and think
that all crypto is now broken (like a friend of mine asked me at NWC
yesterday).

And then there was this:

http://www.theguardian.com/commentisfree/2013/sep/10/nsa-matthew-green-takedown-blog-post-johns-hopkins

One more question: any of y'all used libTomCrypt? We have an experimental
implementation of it in SQLCipher. Open-source alternatives to OpenSSL
could use some love. DJB's NaCl is neat, too. Curious if you guys are leery
of relying so heavily on OpenSSL, given the above.

http://libtom.org/?page=features&newsitems=5&whatfile=crypt
http://nacl.cr.yp.to

Cheers,
Billy


On Tue, Sep 10, 2013 at 11:17 AM, Aaron Lux <[email protected]> wrote:

> NSAâ??s mission includes deciphering enciphered communications is not a
> secret, and is not news*. I am concerned the nytimes.com article will
> have the effect of causing the public to lose trust in all encryption
> including open-source algorithms. Hopefully people realize reviewing
> source code for encryption algorithms** is much more relaxing than
> reading the NY Times.
>
>
> * nsa.gov states that its mission includes leading â??the U.S. Government
> in cryptology â?¦ in order to gain a decision advantage for the Nation and
> our allies.â??
>
> ** ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.0.21.tar.bz2 and
>
> http://mirror.team-cymru.org/pub/OpenBSD/OpenSSH/portable/openssh-6.2p2.tar.gz
>
> > Look at the top and bottom of every page: TOP SECRET//SI//TK//NO FORN.
> > This is a secret document.
> >
> > Cheers,
> > Michael
>
> _______________________________________________
> Guardian-dev mailing list
>
> Post: [email protected]
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
>         Send email to:  [email protected]
>         Or visit:
> https://lists.mayfirst.org/mailman/options/guardian-dev/wgray%40zetetic.net
>
> You are subscribed as: [email protected]
>



-- 
Team Zetetic
http://zetetic.net

_______________________________________________
Guardian-dev mailing list

Post: [email protected]
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev

To Unsubscribe
        Send email to:  [email protected]
        Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/eugen%40leitl.org

You are subscribed as: [email protected]


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

Follow-Ups:
- [guardian-dev] pgp, nsa, rsa
  - From: [email protected] (Jon Callas)
- [guardian-dev] pgp, nsa, rsa
  - From: [email protected] (Fabio Pietrosanti (naif))

Prev by Date: [cryptography] ProPublica's Jeff Larson on the NSA Crypto Story and Another View
Next by Date: [cryptography] Forward Secrecy Extensions for OpenPGP: Is this still a good proposal?
Previous by thread: [cryptography] ProPublica's Jeff Larson on the NSA Crypto Story and Another View
Next by thread: [guardian-dev] pgp, nsa, rsa
Index(es):
- Date
- Thread