Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Encryption Security News

NSA Still Ahead In Crypto, But Not By Much 208

Posted by kdawson from the you-and-whose-army dept.
Hugh Pickens writes "Network World summarizes an RSA Conference panel discussion in which former NSA technical director Brian Snow said that cryptographers for the NSA have been losing ground to their counterparts in universities and commercial security vendors for 20 years, but still maintain the upper hand in the sophistication of their crypto schemes and in their ability to decrypt. 'I do believe NSA is still ahead, but not by much — a handful of years,' says Snow. 'I think we've got the edge still.' Snow added that that in the 1980s there was a huge gap between what the NSA could do and what commercial encryption technology was capable of. 'Now we are very close together and moving very slowly forward in a mature field.' The NSA has one key advantage (besides their deep staff of Ph.D. mathematicians and other cryptographic experts who work on securing traffic and breaking codes): 'We cheat. We get to read what [academics] publish. We do not publish what we research,' he said. Snow's claim of NSA superiority seemed to rankle some members on the panel. Adi Shamir, the "S" in the RSA encryption algorithm, said that when the titles of papers in NSA technical journals were declassified up to 1983, none of them included public key encryption; 'That demonstrates that NSA was behind,' said Shamir. Snow replied that when technologies are developed separately in parallel, the developers don't necessarily use the same terms for them."
This discussion has been archived. No new comments can be posted.

NSA Still Ahead In Crypto, But Not By Much More

NSA Still Ahead In Crypto, But Not By Much

Comments Filter:

  • Right... (Score:1, Informative)

    by Anonymous Coward on Tuesday March 09, 2010 @03:32AM (#31410842)

    That's what they want you to think.

  • Re:they aren't very well going to admit defeat. (Score:3, Informative)

    by introspekt.i ( 1233118 ) on Tuesday March 09, 2010 @03:38AM (#31410872)
    I believe the article said he was a Former NSA technical director.

  • Re:they aren't very well going to admit defeat. (Score:5, Informative)

    by Anonymous Coward on Tuesday March 09, 2010 @04:41AM (#31411128)

    Yes, really and truly, never in all time.

    A 256 bit key has 2^256 possibilities. That's 1.15x10^77 possibilities. If you can try 10 million keys in a second, then you "only" need 1.15x10^70th seconds. If you can multiply that speed by a factor of a thousand, then you "only" need 1.15x10^67th seconds. That's 3.67x10^59th years. The universe is only 1.3x10^10 years old.

    So never is more than fair. You would literally have to generate universes to generate universes to decrypt via brute force. By our current understanding of reality, impossible is correct, and anything shy of that is literally science ficition.

  • Re:they aren't very well going to admit defeat. (Score:5, Informative)

    by Holmwood ( 899130 ) on Tuesday March 09, 2010 @04:47AM (#31411156)

    Except he's (more or less) right. James Ellis, at GCHQ (roughly the UK equivalent of NSA) had developed the basics of public key cryptography by the end of 1969. This was about 6 years ahead of Diffie Hellman and Merkle. In 1973, a GCHQ cryptographer, Clifford Cocks, realized that one-way functions would be an elegant way of achieving Ellis' insight. See http://cryptome.org/ukpk-alt.htm [cryptome.org] for example. This was some years ahead of RSA.

    GCHQ and the NSA definitely would have exchanged this information. It's also quite possible that the US made some of these breakthroughs even earlier than the British; I've not paid much attention to anything NSA-related that has declassified in the last 5+ years.

  • Re:they aren't very well going to admit defeat. (Score:5, Informative)

    by JasterBobaMereel ( 1102861 ) on Tuesday March 09, 2010 @05:07AM (#31411216)

    Public key encryption, that would be the crypto system invented at GCHQ in the UK by public servants .... but not published and then re-invented (independently) by RSA 6-7 years later ...

  • Re:they aren't very well going to admit defeat. (Score:3, Informative)

    by muckracer ( 1204794 ) on Tuesday March 09, 2010 @05:48AM (#31411354)

    > I'm assuming we're talking a 256 character long password.
    > Because I'd sure love to see someone memorise a string of 1 and 0 that is 256 digits long.

    1 Character != 1 Bit of entropy.

    But anyway...with a diceware-like approach (http://www.diceware.com) you'll get approximately 12.92 bits of entropy per randomly chosen word. So you'd need only 20 words from the diceware list for your passphrase to actually match and surpass the 256-bit security of the underlying crypto algorithm. 20 words are not that hard to remember. Hell, in literature we had to memorize and recite "The sorcerer's apprentice", which is *pages* long!.

  • Re:Whatever! (Score:3, Informative)

    by Arccot ( 1115809 ) on Tuesday March 09, 2010 @11:27AM (#31414096)

    99.9% of the world's population is, well, the bottom 99.9% of the world. We're talking about the very smartest and most gifted people. The sort that shouldn't be happy if they do not achieve something.

    You are confusing genius with ambition. Not all geniuses want to take over the world. Some just want to lead a happy life.

Slashdot Top Deals

Say "twenty-three-skiddoo" to logout.

Close