Comment by Exoristos
2 years ago
You're making an assumption that the NSA cares about the efficacy of cryptography for other people. Why would they care about that?
2 years ago
You're making an assumption that the NSA cares about the efficacy of cryptography for other people. Why would they care about that?
Because the NSA has equally well funded adversaries that would love to find a back door to the NIST standards the whole of the US government uses. Even if the highest levels of the military and government use secret squirrel super cryptography the rest is using NIST standards. It's all the boring parts of government that deposits paychecks and runs the badge readers to their offices.
> You're making an assumption that the NSA cares about the efficacy of cryptography for other people. Why would they care about that?
Hypothesis 1: because the NSA sees evidence that more efficient cryptographic algorithms are easier to crack for them.
To give some weak evidence for this: if you need brute force to crack the cipher (or hash function), a more efficient algorithm need less computation power to crack.
Hypothesis 2: A more efficient algorithm is likely to become applied in more areas than a less efficient one (think of smartcards or microcontrollers). So if the NSA finds a weakness or is capable of introducing a backdoor in it, it can decrypt a lot more data from more areas.
it's in the national security interest of the United States to have its industries use high-quality crypto
see: colonial oil pipeline hack
It's in the national security interest of the United States to have its industries use robust security practices.
Industries with secure fences that are regularly patrolled are entirely different to industries with partial coverage by unpatrolled rusty fences and a freestanding door frame that has a titanium unpickable lock.
Passwords get compromised that's a fact.
How the single employee password that got breached was obtained is still (AFAIK) a mystery - but this will always happen ... given many employess, at least one will eventually make a mistake.
After that, the VPN had no multifactor authentication, the network had no internal honey subnets, canary accounts, sanity checks, etc.
High-quality crypto alone does not make for secure systems.
And systems can be secure with lower quality crypto if the systems are robust.
I feel that examples argues the opposite.
It's not entirely known how every step of that attack went down, but "breaking low quality crypto" hasn't factored into any incident write up I've ever seen.
However, nearly all ransomware uses rsa. Therefore in this particular case, high quality crypto caused harm.
(To state the obvious, I'm not advocating for bad crypto, just discussing this case).