You might ask how a weird and unnecessary randomness extension got rejected by the IETF but still wound up included in one of the most important commercial crypto libraries of the 2000s, one that also uses Dual EC by default. Reuters had some thoughts. google.com/amp/s/mobile.r
Is this proof? No. It’s just lots and lots of coincidences all leading to the same result in a very short span of time. 🤷♀️
What I don't understand is why they would take such a complicated approach focused on trying to backdoor cryptography primarily intended for use by the US government rather than others. No one in their right mind is using FIPS, etc. unless forced to do it for that.
I thought it was farfetched too. And then I found out that *every* product that used RSA BSAFE, the most popular crypto library of that time period, had exploitable Dual EC enabled by default.
I also found out that every Juniper NetScreen firewall sold after ‘08 did too.
I'm just a lot more inclined to believe they're severely incompetent and ended up pushing sketchy cryptography primarily for usage by the US government and US government contractors while damaging the reputation of US companies and their own.
Regardless of their motivation they damaged the reputation, economy and national security of the US while burning tons of money as usual. I'm pretty skeptical about their ability to keep something of this scale secret, at least if the people doing it understood the purpose of it.
They didn’t keep it secret. A guy named Snowden leaked most of the details. All we’re doing is trying to tie up a few loose ends.
Not saying that they haven't subverted cryptography but rather this seems overly elaborate along with it being openly tied to them from the start and primarily aimed at US government / contractor usage. I'm more inclined to believe they'd sneak a backdoor into OpenSSL than this.
They did get a variant of this into OpenSSL. A USG contractor paid for it.
So, it was for FIPS, and was anyone using it other than the US government / contractors? They *were* using it across multiple products themselves, right?
I don't need to be convinced that they've tried to subvert cryptography but rather that they would approach it by openly and publicly tying themselves to it while pushing it primarily for US government / contractor usage, not others.
In OpenSSL it was for FIPS. For Dual EC and Juniper it was the default in all devices.
You plant a thousand flowers and hope that some will bloom. Some did bloom.
And I can see how that could fit together, but you're talking about it as if it's certain and as if you know Salter was involved in orchestrating it. So, she knew about it and agreed to take the fall for whatever happened since it was her name being attached to it this way?

