[nycbug-talk] RSA/DSA for encryption: has its time come?

George Rosamond george at ceetonetechnology.com
Fri Sep 6 12:50:47 EDT 2013

Isaac (.ike) Levy:
> On September 6, 2013 09:36:15 AM EDT, Justin Dearing
> <zippy1981 at gmail.com> wrote:
>> From Schneier <http://www.theguardian.com/profile/bruceschneier>'s
>> Guardian article today:
>> http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
>>> Prefer conventional discrete-log-based systems over elliptic-curve
>>> systems; the latter have constants that the NSA influences when they can.
>> I'm ignorant of the inner workings of elliptic-curve systems. Obviously
>> Bruce is an authority, but is he right here? Are the older algorithms
>> safer from NSA eavesdropping?
> He dives into the bits a bit more in his blog,
> http://www.schneier.com/blog/archives/2013/09/the_nsas_crypto_1.html
> But in this post, his rationale appears to merely be well-informed
> conjecture:
> "Certainly the fact that the NSA is pushing elliptic-curve cryptography
> is some indication that it can break them more easily."
> Would I trust Schneier on this?  Heck yeah.  Do I want more concrete
> information, ABSOLUTELY.
> -- 
> In the meantime, everyone has multiple keys- of different algorithms, in
> places which matter, right?  :)

I have been following this stuff, like most other people, and
readjusting the threat model in my head.

The problem is, to unfortunately quote Rumsfeld, there aren't just
'known unknowns' but there are also 'unknown unknowns'.

Methodology remains important.  Layered and time-based security.
Determining the adversaries, the stakes involved, the costs to both the
target and adversary... it's not just some simple binary question.  And
security/anonymity/privacy need to be in the design of solutions, and
verifiable; privacy policies/assurances/reputations are not only
useless, they provide false security.

Guessing about the integrity of ecdsa is beyond any of us.  If Schneier
doesn't really have some hard and fast answer, who does?

One of his articles talks about his own adjustments in procedures... air
walling with a new PC, etc.


I think we all need to get acquainted with the array of tools:

* file/block wiping (man rm for -P, bcwipe, etc)
* gnupg for email, files, etc
* the native encryption tools on the bsds (softraid, geli/gbde)
* Tor client software (of course I was expected to mention that)
* RUN Tor NODES.  Please.  Whatever bandwidth >=20K you can swing.  On
BSDs.  There's Debian monoculture hell right now on that network.  Even
if all the relays were all OpenBSD current snapshots, it would still be
a monoculture hell (although entirely more comforting at least ;)

But Schneier's argument is about engineers reworking protocol beyond
mere tools.  Even non-devs here have a role though.  Become a
'translator' for non-techs.

Jan S posted this to Stanford's Liberation Tech list, one of the big
forums for these discussions.  He is hopefully going to be doing that
talk in NYC in the near future (not for us...)


So much to think about, argue and figure out... but I for one, would
love to see the BSDs fit into these questions more effectively.  First
step, FBSD www site should drop goog analytics :)  More on that topic in
a later thread.

Sorry for the long ramble... those who know me realize I've been living in
this 'space' for a long while.
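The quoted reply closes by asking whether everyone holds keys of different algorithms. Here is an added example (not code from this thread or from GnuPG) that answers that question for a keyring: it classifies each primary key and its subkeys by algorithm family from the machine-readable output of `gpg --list-keys --with-colons`. The keyring lines below are constructed, and the algorithm IDs follow RFC 4880 section 9.1 (with 22 = EdDSA as used by GnuPG).

```python
from collections import defaultdict

# Public-key algorithm IDs (RFC 4880 section 9.1; 22 = EdDSA in GnuPG),
# grouped by the hard problem each rests on.
ALGO_FAMILY = {
    1: "rsa", 2: "rsa", 3: "rsa",   # RSA (factoring)
    16: "discrete-log",             # Elgamal
    17: "discrete-log",             # DSA
    18: "elliptic-curve",           # ECDH
    19: "elliptic-curve",           # ECDSA
    22: "elliptic-curve",           # EdDSA
}

# Constructed sample of `gpg --list-keys --with-colons` output: three primary
# keys (RSA, DSA+Elgamal, EdDSA+ECDH). Fields: type:validity:bits:algo:keyid:...
SAMPLE_KEYRING = """\
tru::1:1378480000:0:3:1:5
pub:u:4096:1:0123456789ABCDEF:1378480000:::u:::scESC:
uid:u::::1378480000::0000::Constructed Sample <sample@example.invalid>:
sub:u:4096:1:FEDCBA9876543210:1378480000::::::e:
pub:u:2048:17:1111222233334444:1378480000:::u:::scSC:
sub:u:2048:16:5555666677778888:1378480000::::::e:
pub:u:256:22:AAAABBBBCCCCDDDD:1378480000:::u:::scSC:
sub:u:256:18:EEEEFFFF00001111:1378480000::::::e:
"""

def parse_key_records(text):
    """Yield (record_type, bits, algo_id, keyid) for each pub/sub record."""
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) > 4 and fields[0] in ("pub", "sub"):
            yield fields[0], int(fields[2]), int(fields[3]), fields[4]

def key_families(text):
    """Map each primary key ID to the algorithm families of it and its subkeys."""
    families = defaultdict(set)
    primary = None
    for rtype, _bits, algo, keyid in parse_key_records(text):
        if rtype == "pub":
            primary = keyid
        if primary is not None:
            families[primary].add(ALGO_FAMILY.get(algo, "unknown"))
    return dict(families)

def families_held(text):
    """Distinct algorithm families present anywhere in the keyring."""
    held = set()
    for fams in key_families(text).values():
        held |= fams
    return held

if __name__ == "__main__":
    for keyid, fams in key_families(SAMPLE_KEYRING).items():
        print(keyid, sorted(fams))
    print("families held:", sorted(families_held(SAMPLE_KEYRING)))
```

Pipe real output into `key_families` to see whether a keyring actually spans more than one family, rather than several keys of the same one.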

