| |
| ▲ | tptacek 18 hours ago | parent [-] | | You don't understand the article you just quoted. It is certainly not the case that I published an article in 2015 questioning Dual EC. You might be the only person in the world with an opinion about Paul Hoffman, by the way. I had to look him up. I mean, it's obvious what you did here: you went to my blog hoping to find the "Dual EC is fine" story, misread this one, and then took a random name out of it and tried to cast them as an archvillain. | | |
| ▲ | philodeon 17 hours ago | parent [-] | | As your article points out, Hoffman wrote a specification for spewing as many NSA-controlled “random” bytes into TLS packets as he could get away with, after Rescorla’s attempt failed. Hoffman’s work became an experimental RFC. Yet, your article says “In at least one case, Hoffman even attempted to provide a cryptographic rationale for extra randomness. Of course, naming-and-shaming either of them is pretty silly.” This makes no sense. We have names for criminal equivalents of his behavior: criminal mischief, disturbing the peace, conspiracy, etc. But if you do these things on a standards board, you get a pass? This was a concerted well-funded effort to compromise your security and my security. I think he should be put in a pillory and tarred-and-feathered. You continue to cover for malicious actors with your “but the NSA didn’t write it!” insistence. The classic anti-Schneier Dual-EC take around 2007 was “but the NSA wouldn’t insert a backdoor, they would destroy their public image!” Your insistence is the equivalent of “but the NSA wouldn’t do that AGAIN!” Fool me once… | | |
| ▲ | tptacek 17 hours ago | parent [-] | | The article you're talking about literally opens "I think Dual EC is a backdoor". You don't understand it. You don't know who Paul Hoffman even is. Why would we keep discussing this? | | |
| ▲ | philodeon 17 hours ago | parent [-] | | Because both the article and your continued arguments about ML-KEM demonstrates that in confirmed cases of NSA sabotage and in hypothetical cases of NSA sabotage, your job is to deflect, minimize, and avoid any responsibility being doled out. I hope you’re well paid for this job. When we find out that the ML-KEM math was thoroughly broken by NSA for years, your response will be “gosh, nobody could have known that. It’s best not to hold anyone responsible though, certainly not the NIST employees whose names are all over the evidence…” | | |
| ▲ | tptacek 17 hours ago | parent [-] | | Again: you pretty clearly don't understand the article you're citing. And that's easy mode compared to LWE vs RLWE. I don't think there's anything productive to be gained from us continuing to talk. | | |
|
|
|
|
|