Comment by jeffparsons
3 years ago
> I believe the implication that NIST or NSA somehow bribed one of the PQC researchers to weaken a submission is risible.
Is that even a claim here? I'm on mobile right now so it's a bit hard for me to trawl through the DJB/NIST dialogue, but I thought his main complaint is that NIST didn't appear to have a proper and clear process for choosing the algorithms they did, when arguably better algorithms were available.
So the suggestion wouldn't necessarily be that one of the respected contestants was bribed or otherwise compromised, but rather that NIST may have been tapped on the shoulder by NSA (again) with the suggestion that they should pick a specific algorithm, and that NSA would make the suggestion they have because their own cryptographers ("true believers" on NSA payroll) have discovered flaws in those suggested algorithms that they believe NSA can exploit but, hopefully, adversaries cannot.
There's no need for any novel conspiracies or corruption; merely an exact repeat of previous NSA/NIST behaviour consistent with NSA policy positions.
It's simultaneously about as banal as it gets, and deeply troubling because of that.
It is indeed a claim here; in fact, it's probably the principal claim.
I guess I'm not reading it that way. In fact, a FOIA request is going after official records, which I wouldn't expect would contain outright bribery.
Yes, DJB brings up their known bribing of RSA wrt the whole Dual-EC thing. But my read of that bit of info was the more general 'here's evidence that the NSA actively commits funding towards infecting standards' rather than 'the NSA's playbook just contains outright bribery and that's what we expect to find in the FOIA requests given to NIST'.
The FOIA issue is 100% legitimate. NIST is required to comply with FOIA.
The actual claim is that NSA may have already spent a lot of time and effort to analyse the underlying problems of PQC algorithms without making their findings public.
DJB seems to suspect that they may influence NIST to select algorithms and parameters within the range of what they already know how to break.
Huh? Of course NSA spent a lot of time and effort analyzing algorithms without making their findings public. That is their literal job. The peer review NIST is refereeing happened in the open. When people broke SIDH, they didn't whisper it in anyone's ear: they published a paper. That's how this stuff works. Bernstein doesn't have a paper to show you; all he has is innuendo. How you know his argument is as limp as a cooked spaghetti noodle is that he actually stoops to suggesting that NSA might have bribed one of the members of the PQC teams.
If he had something real to say, he wouldn't have embarrassed himself like that. How I think I know that is, I think any reasonable person would go way out of their way to avoid such an embarrassing claim, absent extraordinary evidence, of which he's presented none.