| General > General Technical Chat |
| Crypto bombshell |
| << < (4/14) > >> |
| iMo:
The British kept their WWII crypto stuff secret till 70ties because of German technology which became popular in Eastern Block after WWII. The EB countries did some small improvements here and there, but the machines were still the same principle, or rather 1:1 copies of the German WWII technology. Thus "easy" to read. When you get a chance to talk with experts from that crypto community (especially those veterans from cold war time) you will get the basic rule - what is not home-made is always considered unsafe. Even home-made systems were always handled with pretty paranoia (the another basic rule - all the designers of your home made crypto systems are infiltrated agents of Dr. No). |
| Marco:
--- Quote from: TerraHertz on February 13, 2020, 07:46:24 am ---What would make the CIA no longer interested in maintaining backdoors in commonly used crypto products? --- End quote --- Because China and Russia weren't buying any more and standard security practices everywhere else have become so laughable it's completely unnecessary? |
| DimitriP:
Sun Tzu lived around 6th century BC. That's a really long time ago. He said among other things: "All warfare is based on deception. " The playbook is ancient. Almost as old as dirt. So why is everyone soooo surprized , crying "deception" and freaking out in the 21st century? Geez! |
| borjam:
--- Quote from: ebastler on February 12, 2020, 06:11:27 pm ---Well, Crypto AG was the name in the business for decades -- until strong cryptography algorithms became more well-published, and widely available microprocessors became powerful enough to implement them. They go back to Hagelin in the 1930s, and have delivered cryptography equipment to many (many!) governments and commercial customers. --- End quote --- Nothing new, if I am not wrong the British kept all the Enigma cracking operation secret for many, many years, and they offered recycled Enigma machines to some countries, maybe former colonies. |
| borjam:
--- Quote from: peter-h on February 13, 2020, 09:32:27 am ---Personally, I don't care if the NSA can read my emails etc. I just don't want chinese hackers getting into the servers which I am responsible for, and most of those are done via weaknesses in... wait for it... open source software :) --- End quote --- Remember that getting a cryptosystem right is much harder than it seems. It doesn't matter how strong your algorithms are if your application of them has some weakness. Remember OpenSSL severely compromised because of two apparently harmless lines of code were removed, which resulted in a dramatic drop of the entropy of the random generated keys. Now, good luck making such kind of software or even auditing it. Some weaknesses can be extremely subtle! |
| Navigation |
| Message Index |
| Next page |
| Previous page |