
NSA Still Ahead In Crypto, But Not By Much

kdawson posted more than 4 years ago | from the you-and-whose-army dept.

Encryption 208

Hugh Pickens writes "Network World summarizes an RSA Conference panel discussion in which former NSA technical director Brian Snow said that cryptographers for the NSA have been losing ground to their counterparts in universities and commercial security vendors for 20 years, but still maintain the upper hand in the sophistication of their crypto schemes and in their ability to decrypt. 'I do believe NSA is still ahead, but not by much — a handful of years,' says Snow. 'I think we've got the edge still.' Snow added that in the 1980s there was a huge gap between what the NSA could do and what commercial encryption technology was capable of. 'Now we are very close together and moving very slowly forward in a mature field.' The NSA has one key advantage (besides their deep staff of Ph.D. mathematicians and other cryptographic experts who work on securing traffic and breaking codes): 'We cheat. We get to read what [academics] publish. We do not publish what we research,' he said. Snow's claim of NSA superiority seemed to rankle some members on the panel. Adi Shamir, the "S" in the RSA encryption algorithm, said that when the titles of papers in NSA technical journals were declassified up to 1983, none of them included public key encryption; 'That demonstrates that NSA was behind,' said Shamir. Snow replied that when technologies are developed separately in parallel, the developers don't necessarily use the same terms for them."


208 comments

Rob Malda's tranny died under mysterious circumsta (0, Funny)

Anonymous Coward | more than 4 years ago | (#31410800)

Rob Malda's tranny died under mysterious circumstances

New details about Rob Malda's past may come out in the divorce proceedings with his wife of 8 years, Kathleen. Page 6 speculates that she may fight the prenup, citing Malda’s infidelity with various street trannies.

In 2007, Malda was caught by Dexter police with a transvestite hooker in his car. He told his wife that he “stopped to help a person crying.” Several other hookers sold tales of Malda’s solicitation to the tabloids, and all of them were convinced to recant, with one exception:
Paul Barresi, a private detective who claims he was hired for damage control by Malda when the scandal broke, tells Page Six: “I called [Malda attorney] Marty ‘Bull Dog’ Singer and told him I could round up all the transsexuals alleging sexual dalliances with Malda.” And they would all recant their stories.

“In less than 10 days,” Barresi says, “I got them all to sign sworn, videotaped depositions, stating it wasn’t Malda himself, but rather a look-alike, who they’d encountered - with the exception of Suiuli.” In 2008, she fell to her death from her Dexter roof.

Atisone Suiuli was the tranny found in Malda’s car in 2007. After being caught by police, she had proof that she was with Malda and wouldn’t change her story. How convenient for him that she died soon afterwards.

Re:Rob Malda's tranny died under mysterious circum (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31410866)

Why did Rob Malda bring a fucking Macbook to Linux World? Can you say "Douchebag"?

Re:Rob Malda's tranny died under mysterious circum (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31411278)

These are the best fucking trolls ever! Hilarious!! Just so randomly targeted at Malda - it makes me giggle

So much better than GNAA or shiteating or whatever.

APPLAUSE!!

they aren't very well going to admit defeat. (3, Interesting)

timmarhy (659436) | more than 4 years ago | (#31410824)

what else would you expect from a public servant. he won't admit the private sector has them beat because it'd be the end of his job.

Re:they aren't very well going to admit defeat. (2, Insightful)

ipquickly (1562169) | more than 4 years ago | (#31410846)

> We do not publish what we research

And they also do not publish what they don't research.
Or if and when they suffer or do not suffer defeat.

Re:they aren't very well going to admit defeat. (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31411004)

The lolly-pop is a phallic symbol. It was invented by man in his eternal quest to subjugate women and dominate them by teaching children the act of fellatio at a young age - especially female children. To have equality among people, we should eliminate such travesties of recreation.

Re:they aren't very well going to admit defeat. (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31411062)

The lolly-pop is a phallic symbol. It was invented by man in his eternal quest to subjugate women and dominate them by teaching children the act of fellatio at a young age - especially female children. To have equality among people, we should eliminate such travesties of recreation.

It is actually to create lesbians. the lolly-pop teaches them how to do clitoritis.

Re:they aren't very well going to admit defeat. (2, Informative)

introspekt.i (1233118) | more than 4 years ago | (#31410872)

I believe the article said he was a Former NSA technical director.

Re:they aren't very well going to admit defeat. (4, Insightful)

zappepcs (820751) | more than 4 years ago | (#31410906)

It occurs to me to think that real encryption is not beatable, but workable encryption is. The problem is not who has the best or admits to not having it, it's who has best real encryption that is workable between arbitrary peers. I can easily encrypt a drive that you will NEVER decrypt, but then neither will I be able to. It's the secrecy of the key that is the quest, not the encryption particularly. Hiding the key when it is shared publicly is a problem, will always be a problem, and the race is not necessarily one brain trust against another for the best hiding technique, but rather a race to figure out the best way to hide it for a reasonable amount of time from the most people. The fastest car on the planet is not declared the Indy500 winner, only the car that conforms to the rules of the race is. This race is not winnable in the long term, and only valid as a race in the very short term. Don't count on your encrypted hard drive to protect your data from everyone, for all time. That's simply not going to happen.

Re:they aren't very well going to admit defeat. (1)

MoeDumb (1108389) | more than 4 years ago | (#31410998)

"I can easily encrypt a drive that you will NEVER decrypt, but then neither will I be able to. It's the secrecy of the key that is the quest..."

Why wouldn't you be able to decrypt it? Memorize a long, unguessable password you keep in your head that's never written down or shared. I won't be able to decrypt the drive but you will.

Re:they aren't very well going to admit defeat. (1)

aussie_a (778472) | more than 4 years ago | (#31411060)

You don't think someone, given enough time, would be able to brute-force your password? The use of Never in zappepcs' post would imply he means literally NEVER. Not "in a reasonable amount of time" or "within a timeframe that the information stored is still valuable" but NEVER IN ALL TIME!!!

Re:they aren't very well going to admit defeat. (5, Informative)

Anonymous Coward | more than 4 years ago | (#31411128)

Yes, really and truly, never in all time.

A 256 bit key has 2^256 possibilities. That's 1.15x10^77 possibilities. If you can try 10 million keys in a second, then you "only" need 1.15x10^70th seconds. If you can multiply that speed by a factor of a thousand, then you "only" need 1.15x10^67th seconds. That's 3.67x10^59th years. The universe is only 1.3x10^10 years old.

So never is more than fair. You would literally have to generate universes to generate universes to decrypt via brute force. By our current understanding of reality, impossible is correct, and anything shy of that is literally science fiction.

Re:they aren't very well going to admit defeat. (1)

aussie_a (778472) | more than 4 years ago | (#31411254)

Wait, I'm assuming we're talking a 256 character long password. Because I'd sure love to see someone memorise a string of 1 and 0 that is 256 digits long.

Re:they aren't very well going to admit defeat. (1)

Chatterton (228704) | more than 4 years ago | (#31411308)

Some love to memorise thousands of digits of PI. Why could it not be conceivable to memorise only 256 bits or 64 Hex digits or 50 [A-Z0-9] chars or 43 [A-Za-z0-9] chars... I know I could not memorise something like that, but some people can.

Re:they aren't very well going to admit defeat. (0)

Anonymous Coward | more than 4 years ago | (#31411352)

A (completely random) 256 character password would actually have 2048 bits of entropy (i.e. much more than needed). Theoretically, a 32 character password should be enough, as long as it is chosen at random from all possible 256-bit strings (not very likely, given that people tend to use 7-bit ASCII characters for passwords).

Aaaaanyway... realistically, you don't even need to memorize such a hard password: it suffices to memorize a phrase (which _should_ be easier to memorize than a random 256-bit string) and use salt+password strengthening (i.e. iterate your password+salt through SHA1 10000 times; whatever comes out is your "working password"). This way, it becomes much "easier" for crackers to just attempt to crack directly the whole 256-bit space (which, as someone showed above, is quite hard) than to try to crack it via dictionary (having to do 10000 SHA1 calculations per key attempt isn't nice). It's important to notice that the password strengthening phase (iterating SHA1 a bunch of times) costs basically nothing if you're doing it only once (i.e. you know the passphrase and you want to decrypt your data), but ends up being very costly for someone attempting to crack your encryption using dictionary attacks.
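
The salt-plus-iteration scheme described in the comment above, as an added example that is not part of the original thread: it implements the literal SHA-1 loop next to the standard library's PBKDF2-HMAC-SHA256, which is swapped in here because a SHA-1 digest is only 160 bits and cannot fill a 256-bit key. The sample passphrase, the function names and the salt handling are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import os
import time

ITERATIONS = 10_000   # the count suggested in the comment above
KEY_LEN = 32          # bytes, i.e. a 256-bit working key


def naive_stretch(passphrase: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Literal reading of the comment: hash salt+passphrase with SHA-1, repeatedly.

    The result is 20 bytes (160 bits), so it is too short for a 256-bit key.
    """
    digest = salt + passphrase.encode("utf-8")
    for _ in range(iterations):
        digest = hashlib.sha1(digest).digest()
    return digest


def derive_key(passphrase: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Same idea with a standard KDF (PBKDF2-HMAC-SHA256) and a 256-bit output."""
    return hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, iterations, dklen=KEY_LEN
    )


def verify_passphrase(passphrase: str, salt: bytes, expected_key: bytes,
                      iterations: int = ITERATIONS) -> bool:
    """Re-derive the key and compare in constant time."""
    return hmac.compare_digest(derive_key(passphrase, salt, iterations), expected_key)


def stretching_bits(iterations: int) -> float:
    """Work factor added by stretching, expressed as extra bits of guessing effort."""
    return math.log2(iterations)


def dictionary_guess_cost(candidates: int, iterations: int) -> int:
    """KDF iterations needed to test every candidate passphrase in a list."""
    return candidates * iterations


def seconds_per_derivation(iterations: int = ITERATIONS, rounds: int = 5) -> float:
    """Measured cost of one derivation on this machine (paid once by the owner,
    once per guess by anyone running a dictionary)."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for _ in range(rounds):
        derive_key("timing sample", salt, iterations)
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    salt = os.urandom(16)                      # stored next to the ciphertext, not secret
    phrase = "constructed sample passphrase"   # constructed for this example
    key = derive_key(phrase, salt)
    print("working key:", key.hex())
    print("naive SHA-1 loop output bits:", len(naive_stretch(phrase, salt)) * 8)
    print("right phrase accepted:", verify_passphrase(phrase, salt, key))
    print("wrong phrase accepted:", verify_passphrase("something else", salt, key))
    print(f"stretching adds about {stretching_bits(ITERATIONS):.1f} bits of work")
    print(f"one derivation takes about {seconds_per_derivation() * 1000:.2f} ms here")
    # A two-word diceware phrase has 7776**2 candidates; stretching multiplies the work.
    print("iterations to exhaust it:", dictionary_guess_cost(7776 ** 2, ITERATIONS))
```

Stretching only multiplies the attacker's work by the iteration count (about 13 bits for 10,000), so it complements a high-entropy passphrase rather than replacing one; current practice uses much larger counts or a memory-hard KDF such as scrypt or Argon2.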

Re:they aren't very well going to admit defeat. (2, Informative)

muckracer (1204794) | more than 4 years ago | (#31411354)

> I'm assuming we're talking a 256 character long password.
> Because I'd sure love to see someone memorise a string of 1 and 0 that is 256 digits long.

1 Character != 1 Bit of entropy.

But anyway...with a diceware-like approach (http://www.diceware.com) you'll get approximately 12.92 bits of entropy per randomly chosen word. So you'd need only 20 words from the diceware list for your passphrase to actually match and surpass the 256-bit security of the underlying crypto algorithm. 20 words are not that hard to remember. Hell, in literature we had to memorize and recite "The sorcerer's apprentice", which is *pages* long!.

Re:they aren't very well going to admit defeat. (1)

alanw (1822) | more than 4 years ago | (#31411358)

> Because I'd sure love to see someone memorise a string of 1 and 0 that is 256 digits long.

You don't memorise ones and zeros, you pack them into characters.

The life that I have is all that I have
And the life that I have is yours
The love that I have of the life that I have
Is yours and yours and yours.
A sleep I shall have, a rest I shall have
Yet death will be but a pause
For the peace of my years in the long green grass
Will be yours and yours and yours.

306 characters: far far more than is needed.

The author of the poem was a truly remarkable man who led an amazing life.

Re:they aren't very well going to admit defeat. (0)

Anonymous Coward | more than 4 years ago | (#31411422)

Exactly. Using keyphrases (especially with salted hashing) it's easy to obtain a password with more than 256 bits of entropy. Hell, even this has more than 256 bits of entropy: We're no strangers to love. You know the rules and so do I. A full commitment's what I'm thinking of. You wouldn't get this from any other guy.

Re:they aren't very well going to admit defeat. (1)

MoeDumb (1108389) | more than 4 years ago | (#31412024)

"Memorize a long, unguessable password you keep in your head that's never written down or shared. I won't be able to decrypt the drive but you will." (quoting myself somewhere above). Here's an illustration: Memorize that poem. Take the first letter of each word. Capitalize every fifth letter. Precede and end the result with five predetermined numbers. Now you have your *unbreakable* password.

Re:they aren't very well going to admit defeat. (1)

vlm (69642) | more than 4 years ago | (#31412050)

Wait, I'm assuming we're talking a 256 character long password. Because I'd sure love to see someone memorise a string of 1 and 0 that is 256 digits long.

Three hours later and no one noticed his post was 155 characters long (at least wc -l claims that). You can look at that as about 8 bits per byte of raw very non random data, giving 1240 bits of nonrandom data and he only needs 256 bits. Pessimistically you might pull 2 bits of randomness out per byte, yielding a whopping 310 bits of randomness. Anyway, that's more than enough to feed a hash function to get a nice even 256 bits. I pushed his post thru sha256sum and got the following 256 bit hash:

d254ed3793668c774d24c55b8553036becb1a9bf1b11401cde27b4bf7bc02f89

Can the OP memorize that hash? Probably not. Can he memorize his post, including his misspelled "memorize" word? Most likely. Everyone works with some clown who memorized every star trek and star wars script, so memorizing one slashdot post is not exactly a heroic achievement.

Even if you only pull one bit of stinky randomness out per byte, his post would still be 155 bits strong, frankly not bad. Add a couple bits of salt (not too many) and it'll do, it'll do.

Re:they aren't very well going to admit defeat. (3, Insightful)

Ed Avis (5917) | more than 4 years ago | (#31411654)

> You would literally have to generate universes

Isn't that what quantum computing does?

Re:they aren't very well going to admit defeat. (2, Interesting)

xtracto (837672) | more than 4 years ago | (#31411856)

You are assuming that whoever wants to break the encryption is doing a brute force attack.

The classical [wikipedia.org] encryption breaking methods are mainly based on frequency and statistics. I am sure nowadays the NSA and other entities in charge of breaking encrypted content have more sophisticated methods.

Re:they aren't very well going to admit defeat. (1)

divisionbyzero (300681) | more than 4 years ago | (#31411970)

> Yes, really and truly, never in all time.

> A 256 bit key has 2^256 possibilities. That's 1.15x10^77 possibilities. If you can try 10 million keys in a second, then you "only" need 1.15x10^70th seconds. If you can multiply that speed by a factor of a thousand, then you "only" need 1.15x10^67th seconds. That's 3.67x10^59th years. The universe is only 1.3x10^10 years old.

> So never is more than fair. You would literally have to generate universes to generate universes to decrypt via brute force. By our current understanding of reality, impossible is correct, and anything shy of that is literally science fiction.

Uh, no. You are assuming that things will always work the way that they do. By that I mean, presumably, you think 10 million keys is a lot of keys, but what if we could test 2^256 keys per second? Then it's easily decrypted. Obviously given the way we currently do things that's not possible but we may be able to do it with quantum computing (or maybe not). Finally, if you are so keen on constraining things according to the real world, then it's unlikely we'd need to resort to brute-force. All encryption relies on algorithms and algorithms must be implemented. Any given implementation is susceptible to compromise even quantum encryption. So, I'd say it's a safer bet that any encryption can be broken rather than vice versa.

Re:they aren't very well going to admit defeat. (2, Insightful)

Kjella (173770) | more than 4 years ago | (#31411450)

> You don't think someone, given enough time, would be able to brute-force your password? The use of Never in zappepcs' post would imply he means literally NEVER. Not "in a reasonable amount of time" or "within a timeframe that the information stored is still valuable" but NEVER IN ALL TIME!!!

No, and there's good physical arguments to "NEVER IN ALL TIME!!!" despite your attempts at hyperbole. Currently the best theories we got suggests there's a lower entropy limit of kT*ln 2 (the Von Neumann-Landauer limit) per operation, which is on the order of 10^-23 joule. The energy of the sun via E=mc^2 is on the order of 10^47 joule. So at most you can do is 10^70 operations but 2^256 = ~10^77. In other words you can't get through the keyspace before you run out of energy, even taking ideal assumptions.

Granted, this doesn't account for all the matter in the universe. If you include that, you probably have to move to a 384 bit key but it's still quite finite as opposed to burning through every star in every galaxy in the observable universe. Of course, this is only if you have a 256-bit cipher with no cryptological attacks. AES256 is already shown to be flawed with a strength of only 119 bits, though that too is considered practically impossible but not nearly as physically impossible. But I'm sure we will find such a cipher, it's just that we'll never know when we're there.
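
The figures quoted in this sub-thread (brute-force time for a 256-bit key, passphrase lengths that reach 256 bits of entropy, and the Landauer energy bound), recomputed as an added example that is not part of the original comments. The 3 K operating temperature, the solar mass value and all function names are assumptions chosen for illustration.

```python
import math

BOLTZMANN = 1.380649e-23          # J/K
SPEED_OF_LIGHT = 299_792_458      # m/s
SOLAR_MASS = 1.989e30             # kg, approximate (assumption for this example)
SECONDS_PER_YEAR = 365.25 * 24 * 3600
DICEWARE_WORDS = 6 ** 5           # 7776 entries, five dice rolls per word


def entropy_bits(symbols: int, length: int) -> float:
    """Entropy of `length` symbols drawn uniformly at random from `symbols` choices."""
    return length * math.log2(symbols)


def length_needed(symbols: int, target_bits: int = 256) -> int:
    """Fewest uniformly random symbols whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(symbols))


def brute_force_years(bits: float, keys_per_second: float) -> float:
    """Time to enumerate an entire 2**bits keyspace at the given rate."""
    return 2 ** bits / keys_per_second / SECONDS_PER_YEAR


def solar_rest_energy() -> float:
    """E = m * c**2 for one solar mass, in joules."""
    return SOLAR_MASS * SPEED_OF_LIGHT ** 2


def landauer_max_bits(energy_joules: float, temperature_kelvin: float) -> float:
    """log2 of the number of kT*ln(2) operations the energy budget can pay for."""
    per_operation = BOLTZMANN * temperature_kelvin * math.log(2)
    return math.log2(energy_joules / per_operation)


def can_enumerate(bits: float, energy_joules: float, temperature_kelvin: float) -> bool:
    """True if the energy budget covers at least one operation per candidate key."""
    return bits <= landauer_max_bits(energy_joules, temperature_kelvin)


def lengths_for_256_bits() -> dict:
    """Symbols needed per alphabet mentioned in the thread."""
    alphabets = {
        "binary digits": 2,
        "hex digits": 16,
        "[A-Z0-9]": 36,
        "[A-Za-z0-9]": 62,
        "diceware words": DICEWARE_WORDS,
    }
    return {name: length_needed(size) for name, size in alphabets.items()}


if __name__ == "__main__":
    for name, count in lengths_for_256_bits().items():
        print(f"{name:15s} {count:4d} symbols for 256 bits")
    print(f"bits per diceware word: {entropy_bits(DICEWARE_WORDS, 1):.2f}")
    # 10 million keys per second, sped up a thousandfold, as in the comment above.
    print(f"2^256 at 1e10 keys/s: {brute_force_years(256, 1e10):.3g} years")
    budget = solar_rest_energy()
    print(f"solar rest energy: {budget:.3g} J")
    print(f"keyspace that budget can count through at 3 K: "
          f"2^{landauer_max_bits(budget, 3.0):.1f}")
    print("256-bit keyspace enumerable:", can_enumerate(256, budget, 3.0))
    print("128-bit keyspace enumerable:", can_enumerate(128, budget, 3.0))
```

These bounds apply to exhaustive search only and to passphrases chosen uniformly at random; a memorised sentence or a key with an analytic weakness has less effective strength than its length suggests.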

Re:they aren't very well going to admit defeat. (1)

siloko (1133863) | more than 4 years ago | (#31411108)

Let's be honest if a key resides on my head then the kind of 'brute force' method of recovery is likely to hit against my singular lack of resolve - being a geek and not a spy I don't tend to fare well under torture!

Re:they aren't very well going to admit defeat. (1)

JackieBrown (987087) | more than 4 years ago | (#31411242)

> being a geek and not a spy I don't tend to fare well under torture!

You'll never know until you try :)

Re:they aren't very well going to admit defeat. (1)

muckracer (1204794) | more than 4 years ago | (#31411400)

> > being a geek and not a spy I don't tend to fare well under torture!

> You'll never know until you try :)

Just imagine the geeky & fun role-playing games you can have with your SO.

She (in german Nazi-Uniform):
"You WILL give me ze passphrase jetzt!!"

You (unfortunate prisoner):
"No! Never!!"

She (in german Nazi-Uniform):
"Zen I will have to beat zis information out of you!"

You (unfortunate prisoner):
"Oh no's! Not the whip again!! Well...do what you must..." ^__^

Of course, make sure you have a safe word when playing so you can stop. Low entropy is a feature in this case, whereas 512-bit hashes are, well, not that ideal ;-)

Re:they aren't very well going to admit defeat. (1)

TheLink (130905) | more than 4 years ago | (#31411602)

> Of course, make sure you have a safe word when playing so you can stop.

Sounds simple to me:

red = stop right now
yellow = not feeling comfy with things
green = go!

But I'm one of those Slashdot virgins with no SO, so what would I know :p.

p.s. this might actually be a steganographic message, or maybe just a noise message to foil traffic analysis. ;)

Re:they aren't very well going to admit defeat. (1)

muckracer (1204794) | more than 4 years ago | (#31411628)

> > Of course, make sure you have a safe word when playing so you can stop.

red = stop right now
yellow = not feeling comfy with things
AHHH....OUUUUUCHH!!! = go!

There...fixed it for 'ya. ;-)

Re:they aren't very well going to admit defeat. (1, Funny)

Anonymous Coward | more than 4 years ago | (#31411002)

You sound like an English major who was forced to write a technical essay.

Re:they aren't very well going to admit defeat. (1)

siloko (1133863) | more than 4 years ago | (#31411098)

Belly Laugh - I'd mod you up but I want to comment . . .

Re:they aren't very well going to admit defeat. (1)

sopssa (1498795) | more than 4 years ago | (#31411016)

I don't think hiding the key has been a problem. Public-key cryptography already enables the other key to be publicly known and it doesn't reveal the private key required to encrypt in that. Also if you're using password based key, then obviously you cannot make it public. In the end all of the cryptos are breakable by brute-forcing, it's just about making that part harder. Currently "breaking" the encryption techniques have been mostly about trying to lower the amount of brute-forcing you need to do. The race is mostly about developing stronger cryptos which also wouldn't have those weaknesses.

But for that matter, even the publicly used cryptos nowadays aren't really breakable. Unless, of course, if NSA at some point designed a backdoor in the algorithms. But if so, that won't be used just randomly as it would leak really fast.

Re:they aren't very well going to admit defeat. (1)

bytesex (112972) | more than 4 years ago | (#31411050)

Do you know where your private key is now? And it's protected by what?

Re:they aren't very well going to admit defeat. (1)

timmarhy (659436) | more than 4 years ago | (#31411172)

it's protected by a strong passphrase you'd need about 10000000 years to brute force. good enough for you?

Re:they aren't very well going to admit defeat. (1)

Threni (635302) | more than 4 years ago | (#31411392)

Also, if your public key is published then you can keep encrypting random/all possible plaintexts using it, and when one of your encrypts matches the encrypted data you want to decrypt then you have a match.

ROFL (0)

Anonymous Coward | more than 4 years ago | (#31411112)

I'm sure that you, TripMasterFucktard, are well aware that the NSA has the crypto keys to your beloved Windows install, correct?

You're cool with that, right?

Re:ROFL (1)

sopssa (1498795) | more than 4 years ago | (#31411244)

And with SELinux and NSA contributions to the Linux kernel your world domination plans aren't safe there either. They're everywhere, man.

Re:they aren't very well going to admit defeat. (2, Interesting)

bytesex (112972) | more than 4 years ago | (#31411056)

If you're never going to be able to decrypt the data, then you might as well cat /dev/random > /dev/sda. Because it's indistinguishable from random chaos.

Re:they aren't very well going to admit defeat. (5, Informative)

Holmwood (899130) | more than 4 years ago | (#31411156)

Except he's (more or less) right. James Ellis, at GCHQ (roughly the UK equivalent of NSA) had developed the basics of public key cryptography by the end of 1969. This was about 6 years ahead of Diffie Hellman and Merkle. In 1973, a GCHQ cryptographer, Clifford Cocks, realized that one-way functions would be an elegant way of achieving Ellis' insight. See http://cryptome.org/ukpk-alt.htm [cryptome.org] for example. This was some years ahead of RSA.

GCHQ and the NSA definitely would have exchanged this information. It's also quite possible that the US made some of these breakthroughs even earlier than the British; I've not paid much attention to anything NSA-related that has declassified in the last 5+ years.

Re:they aren't very well going to admit defeat. (4, Informative)

JasterBobaMereel (1102861) | more than 4 years ago | (#31411216)

Public key encryption, that would be the crypto system invented at GCHQ in the UK by public servants .... but not published and then re-invented (independently) by RSA 6-7 years later ...

Re:they aren't very well going to admit defeat. (2, Insightful)

smallfries (601545) | more than 4 years ago | (#31411522)

While it is true that it would not be in his interest to admit if they are beat that does not imply that they are beat. And you would have to be an idiot to believe that they are. To pick up on three points from the video:

  • They employ several hundred PhDs and have a budget that would make any company or university in the sector weep.
  • They can read the literature and take ideas but don't have to reciprocate by publishing their work.
  • They are not handicapped by inconveniences like the law when it comes to experiments on traffic analysis.

Would anyone? (1)

tjstork (137384) | more than 4 years ago | (#31411982)

> what else would you expect from a public servant. he won't admit the private sector has them beat because it'd be the end of his job.

I don't think gov't vs private sector has the same meaning here. Would anyone flat out admit that another institution of any kind has them beat, and thus lose his or her job?

Right... (1, Informative)

Anonymous Coward | more than 4 years ago | (#31410842)

That's what they want you to think.

Their latest decoded message: (4, Funny)

WegianWarrior (649800) | more than 4 years ago | (#31410856)

Be sure to drink your Ovaltine.

Re:Their latest decoded message: (1)

ipquickly (1562169) | more than 4 years ago | (#31410878)

> Be sure to drink your Ovaltine.

No, it was

"and don't forget the coffee!"

key areas of competition (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31410868)

The reality is that any private organisation will always say that their software is best or their crypto rocks the world. There is one big difference with the NSA and that is they have very deep pockets when it comes to cracking encryption which very very few private organisations can afford. Which president would turn the NSA down if they came asking for money with a request like... 'we have managed to get xyz encrypted file that we need xyz cpu's to crack so that we can identify a leak who is selling secrets to the taliban/chinese/bob next door'.

Whatever! (4, Insightful)

martin-boundary (547041) | more than 4 years ago | (#31410876)

"We know Saddam has WMD, but we can't show you what we know because it's secret!". Everybody knows how that argument went in Iraq.

I'm with Shamir, the only correct response here is: "Yeah, right, whatever", not "OMGOMGOMG, the NSA cAn readz my stuffz!!1".

Frankly, I don't see how any mathematician would want to waste his talent working for the NSA.

Re:Whatever! (2, Insightful)

Anonymous Coward | more than 4 years ago | (#31410920)

Exactly. The USA intelligence agencies have shown their moronity on so many occasions. I'm not sure which is their greatest hit: helping traffic cocaine into American cities to fund arms transfers to Iran OR helping Osama Bin Laden build and develop the Al-Qaeda network. The NSA/CIA/FBI might be able to catch child porn wankers and craigslist hookers but the Chinese/Israelis/Indians will eat them for lunch. Go to a computer science dept. anywhere: You will see almost all Phd students are Chinese/Jewish/Indian. The NSA makes me laugh.

Even if they could decrypt the shit they probably don't have anyone who can read whatever language it's fucking written in! Don't worry about encryption just write the shit in Bengla they won't figure out for five years...

Re:Whatever! (0)

Anonymous Coward | more than 4 years ago | (#31411560)

>just write the shit in Bengla
Writing in good English would be a start, dickwad.

Re:Whatever! (2, Insightful)

AHuxley (892839) | more than 4 years ago | (#31411874)

They are all learning from US books under US profs and going back home with US ideas ...
It's just the old cold war idea of get them young.
Years later your "Chinese/Jewish/Indian" is going to sit in front of a multi billion $ contract with a local build %.
If trained in the US who do you think they will recall fondly?
France, Italy, Brazil, Germany, Russia?
The USA hopes years of quality education will give them that "reality distortion" edge.
Then when they sign up for a few billions of $ worth of US hardware and software - it's happy times in the NSA as they are now connected directly or via soft/hardware upgrades.
If not you're left with the digital version of "Iranian Tomcats".
As for Al-Qaeda they have learned via CIA death squads or state sponsors not to trust tech beyond dead drop for propaganda uploads.

Re:Whatever! (1)

bytesex (112972) | more than 4 years ago | (#31411070)

The problem is, that in his historic recount, he is correct. So there is no reason to disbelieve him when he says things about the current state of affairs.

Except of course, that he is a spook.

Re:Whatever! (4, Interesting)

chuckymonkey (1059244) | more than 4 years ago | (#31411182)

Let me tell you from firsthand experience. You cannot even fathom the awesomeness that goes on inside the cube unless you work there. It is not like Hollywood portrays it, but there is a whole lot of cool going on in there. That is why people work for the NSA. Now, I have philosophical disagreements with how the NSA ran business during the Bush years and I left that industry for aerospace. That being said if any of my former colleagues tell me that things have changed I think that I would go back.

Re:Whatever! (2, Insightful)

martin-boundary (547041) | more than 4 years ago | (#31411212)

Sure, I accept that the toys are great, but scientifically? It's time wasted. At some point people are going to ask what did you accomplish?

If you're a mathematician especially, you'll have nothing to show for it, and if your reports ever get published in the future, they'll be long obsolete and irrelevant.

Re:Whatever! (4, Insightful)

jpmorgan (517966) | more than 4 years ago | (#31411544)

Academia is not the only profession that provides job satisfaction and a sense of fulfillment. Guess what, 99.9% of the world's population lives a happy life without ever publishing anything.

Re:Whatever! (2, Funny)

JohnFluxx (413620) | more than 4 years ago | (#31412012)

99.9% of the world's population is, well, the bottom 99.9% of the world. We're talking about the very smartest and most gifted people. The sort that shouldn't be happy if they do not achieve something.

Re:Whatever! (0)

Anonymous Coward | more than 4 years ago | (#31412120)

> Guess what, 99.9% of the world's population lives a happy life without ever publishing anything.

Yes but 99.9% of the world is not populated by mathematicians.

Re:Whatever! (1)

Btarlinian (922732) | more than 4 years ago | (#31411786)

> Sure, I accept that the toys are great, but scientifically? It's time wasted. At some point people are going to ask what did you accomplish?

> If you're a mathematician especially, you'll have nothing to show for it, and if your reports ever get published in the future, they'll be long obsolete and irrelevant.

Who cares? You're getting paid to do what you love and are provided with all the toys you can think of to do that stuff with. If I was a mathematician, I wouldn't really consider that sort of job to be unfulfilling. (Ethical and moral dilemmas are another matter.)

Re:Whatever! (1)

timmarhy (659436) | more than 4 years ago | (#31411820)

that's because if you're a mathematician, the ONLY thing you can do that would seem like much of an accomplishment is publish a scrap of paper.

for people working in the real world, they can achieve real world outcomes (god i'm damned to management aren't I?).

Re:Whatever! (1)

Kjella (173770) | more than 4 years ago | (#31411840)

> At some point people are going to ask what did you accomplish?
> If you're a mathematician especially, you'll have nothing to show for it

"I could tell you, but then I'd have to kill you afterwards". And to be honest, I doubt anyone with "Mathematician, NSA" on their CV will ever have trouble finding work. Lots of others with science degrees work for private research, you'll just be another one of those.

Re:Whatever! (1, Interesting)

Anonymous Coward | more than 4 years ago | (#31411248)

I don't believe it. The government wants everyone to believe they are all powerful and know everything but obviously they don't. Either that or they let 9/11 happen on purpose. One or the other they suck. Look at that bunch of CIA douchebags that got suicide bombed by their own informant. How clueless can you be. It's so obvious the ISI are the ones in control in South Asia. All your high tech gizmos and satellites and some stone age goat farmers with Kalishnikovs are beating you. Haha.

Why do I have doubts about this post? (1, Interesting)

Kupfernigk (1190345) | more than 4 years ago | (#31411930)

You cannot even fathom the awesomeness that goes on inside the cube ...there is a whole lot of cool going on in there

But not, apparently, a lot of grown up usage of the English language.

Some people like knowing things that other people don't know and having secrets. Some people like adding to the store of human knowledge, and knowing that they have left the world a slightly better informed or capable place. Personally, I know from experience which type I prefer to work with, and it's not the "I'm a member of the in crowd, you're not" type.

Until (1)

Dyinobal (1427207) | more than 4 years ago | (#31410880)

Until a working quantum computer is made.

Re:Until (0)

Anonymous Coward | more than 4 years ago | (#31410954)

There are already algorithms (that are being implemented!) that quantum computers cannot easily break.

Re:Until (0)

Anonymous Coward | more than 4 years ago | (#31411034)

You don't think the NSA will be one of the first to use a quantum computer to factor large primes and brute-force private key passphrases?

Though with their long history of Tempest [wikipedia.org] one wonders why they need to bother cracking crypto.

Re:Until (3, Funny)

base3 (539820) | more than 4 years ago | (#31411864)

I can factor large primes for you, no sweat, no quantum computer required. Now composites of large primes, there a quantum computer might help you.

Re:Until (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31411268)

*yawn*

NSA didn't know about public key crypto? (4, Interesting)

jpmorgan (517966) | more than 4 years ago | (#31410884)

I don't think so... public key cryptography was discovered by the GCHQ at least a decade before it was discovered in the public sphere: http://cryptome.org/ukpk-alt.htm [cryptome.org]

Re:NSA didn't know about public key crypto? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31410930)

Fascinating. Thanks.

Re:NSA didn't know about public key crypto? (0)

WegianWarrior (649800) | more than 4 years ago | (#31410934)

Just because GCHQ came up with it before it was rediscovered in the public sphere does not mean that NSA was told - the best way of keeping something secret is simply not to tell anyone about it and I don't think the British would risk compromising their new 'high ground' in encryption by telling even an ally. During WWII very little was shared between the allies on their respective crypto-systems - they basically had to build a third system to communicate. Even the how-to of breaking the opponents' ciphers was a well-guarded secret.

Re:NSA didn't know about public key crypto? (0)

Anonymous Coward | more than 4 years ago | (#31411090)

Given the nature of UK / USA relations it is almost impossible to imagine that the NSA wouldn't have known about this, and it is very likely that it was shared - like nuclear weapon designs were shared by the US.

Re:NSA didn't know about public key crypto? (0)

Anonymous Coward | more than 4 years ago | (#31411134)

RELTO FVEY ftw

Crypto is only the Beginning (3, Insightful)

introspekt.i (1233118) | more than 4 years ago | (#31410912)

Crypto's not the weak link in security anymore, nor has it been for a long time. I think the real security money now is in automated (or proven) software verification and model checking. Private industry is only beginning to understand this, and as a whole, probably will not employ it for some time to come. Why bother testing for security errors when you can prove they don't exist?

Re:Crypto is only the Beginning (3, Funny)

phantomfive (622387) | more than 4 years ago | (#31410972)

Crypto's not the weak link in security anymore

That's what you think.

Re:Crypto is only the Beginning (1)

Antiocheian (859870) | more than 4 years ago | (#31411042)

Crypto's not the weak link in security anymore

That's what you think.

Unfortunately most people won't find this insightful.

Re:Crypto is only the Beginning (1)

JackieBrown (987087) | more than 4 years ago | (#31411276)

That's what you think.

Unfortunately most people won't find this insightful.

Because it's not.

Of course that is what introspekt.i thinks. That is why he wrote it.

phantomfive did not offer any new or insightful discussion to this thread.

Re:Crypto is only the Beginning (1)

Antiocheian (859870) | more than 4 years ago | (#31411680)

Compare the percentage of an 80s CPU being used in encryption vs the percentage of a modern CPU being used in encryption.

Are you certain that modern CPUs are not being used to brute force their way in encrypted data?

Re:Crypto is only the Beginning (0)

Anonymous Coward | more than 4 years ago | (#31411052)

Model checking and software verification are powerful, but I think it's safe to assume it has its limits too, if only for the fact that it is so computationally expensive.

Re:Crypto is only the Beginning (5, Interesting)

bytesex (112972) | more than 4 years ago | (#31411094)

Nah. The money is now in electromagnetic remote sensing; reading your screen and listening to your keyboard from a mile away. That, and psy-ops. Humans still control keys. Humans always make at least one mistake. Google's mail accounts were cracked because their subjects could be coaxed to visit malicious websites, after all.

Re:Crypto is only the Beginning (0)

Anonymous Coward | more than 4 years ago | (#31411468)

A mile away? References?

Re:Crypto is only the Beginning (1)

lucian1900 (1698922) | more than 4 years ago | (#31411194)

Verification is still in its infancy, it has a long way to go before it'll be practical to use over test-driven development. And nothing is actually unequivocally proven anyway, so it's not the silver bullet people make it out to be. Model checking right now is in an evolutionary cul-de-sac because people focus on stuff like VDM instead of integrating model checking into existing good languages.

Re:Crypto is only the Beginning (1)

dcollins (135727) | more than 4 years ago | (#31411230)

"I think the real security money now is in automated (or proven) software verification and model checking. Private industry is only beginning to understand this, and as a whole, probably will not employ it for some time to come. Why bother testing for security errors when you can prove they don't exist?"

Yeah, we were laughing about this in my college CS classes 20 years ago. So the drunken party's back again, eh?

Re:Crypto is only the Beginning (1)

TheLink (130905) | more than 4 years ago | (#31411662)

> > I think the real security money now is in automated (or proven) software verification and model checking.
> > Why bother testing for security errors when you can prove they don't exist?"
> Yeah, we were laughing about this in my college CS classes 20 years ago. So the drunken party's back again, eh?

Yeah, why bother testing his slashdot post for errors if he can prove (via "post verification and checking") that his post on Slashdot was exactly what he wanted to post?

Software verification has its uses, but it is not as useful as some people think it is.

Re:Crypto is only the Beginning (0)

Anonymous Coward | more than 4 years ago | (#31411272)

Enjoy your infeasible exponential verification process while I, the competitor, release my product to the masses and issue updates when bugs are located. It won't matter to the masses, look at how wide-spread Adobe's slew of products are.

Re:Crypto is only the Beginning (1)

Schraegstrichpunkt (931443) | more than 4 years ago | (#31411910)

Crypto's not the weak link in security anymore

When I read other people's crypto code, I still find they get it wrong the majority of the time.

Sure (1, Interesting)

FooRat (182725) | more than 4 years ago | (#31410914)

"Snow replied that when technologies are developed separately in parallel, the developers don't necessarily use the same terms for them."

Sure, and I invented cars 200 years ago, but I didn't call it a car so someone else got the credit.

The NSA may have a "deep staff of Ph.D. mathematicians and other cryptographic experts who work on securing traffic and breaking codes" but let's face it, government departments are not exactly known for being the most motivated of the various sectors, and that's further exacerbated if you know you aren't going to get credit for your work as opposed to being kept secret ... I mean, in academia, one of the major motivations for leading scientists is that they get widespread recognition for their work. I suspect the funding to maintain that "deep staff" of experts probably serves more to keep those experts from being more productive 'elsewhere'. And of course they have to maintain that they are 'ahead' if they want to keep getting funded year after year, so I'd take it with a pinch of salt.

Re:Sure (3, Interesting)

Anonymous Coward | more than 4 years ago | (#31410978)

Yeah, but the way most intelligence services work is that it's not like the employees show up at the NSA building every day and sit in a cubicle doing encryption research. At least with the CIA and DOD they just put civilian academic researchers on the payroll and get "first dibs" on new stuff and also get to direct their research. The CIA does this with journalists too. They still work at the NY Times etc. but the CIA sees all their information first and decides what will get printed and what will stay private.

Re:Sure (1)

ExplitiveNOW (1412303) | more than 4 years ago | (#31411426)

Yeah, but the way most intelligence services work is that it's not like the employees show up at the NSA building every day and sit in a cubicle doing encryption research. At least with the CIA and DOD they just put civilian academic researchers on the payroll and get "first dibs" on new stuff and also get to direct their research. The CIA does this with journalists too. They still work at the NY Times etc. but the CIA sees all their information first and decides what will get printed and what will stay private.

Agreed, plenty of people are spies who don't know that they are. It's just too easy and economical to do otherwise.

Re:Sure (1, Funny)

Anonymous Coward | more than 4 years ago | (#31410994)

"Snow replied that when technologies are developed separately in parallel, the developers don't necessarily use the same terms for them."

Sure, and I invented cars 200 years ago, but I didn't call it a car so someone else got the credit.

*You* invented the automobile? Amazing!

the NSA has motivation (-1, Flamebait)

r00t (33219) | more than 4 years ago | (#31411096)

This isn't some lazy Amtrak, HUD, or even NASA.

Winning means you beat the towelheads and the Chinese spies. Losing means you don't, and lots of bad shit happens to us.

Re:the NSA has motivation (0)

Anonymous Coward | more than 4 years ago | (#31411180)

You mean like say 9/11? Like invading one country for WMDs and finding out the country with the WMDs was its neighbor? Stuff like that?

Re:the NSA has motivation (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31411234)

racism is not insightful

NSA vs. PUBLIC (4, Insightful)

muckracer (1204794) | more than 4 years ago | (#31411818)

> cryptographers for the NSA have been losing ground to their
> counterparts in universities and commercial security vendors for
> 20 years, but still maintain the upper hand in the sophistication
> of their crypto schemes and in their ability to decrypt.

Never mind the intellectual "my code's better than yours" games
between arguably otherwise brilliant researchers.

Where the NSA certainly has 'maintained the upper hand' is in real
life versus ordinary people. The technology of surveillance has
gotten orders of magnitude better and surrounding laws have been
adapted to make it fully legal to use that technology to the max
against The People (wherever they may be). Who in this discussion
encrypts their e-mails or uses 'sophisticated crypto schemes' as a
matter of course? At best it's maybe SSH here and there and the
occasional SSL site. The vast majority of traffic is plain-text, as
it's been since the days of papyrus. Hell, back in those days at
least only a few people could read it and thus had better privacy
than we mostly have today. Never mind the ramifications of Facebook
and similar tools.

Mr. Shamir can engage in discussions of who developed Public Key
Cryptography first or not. It's all nonsense, because as brilliant
as the concept is, the PUBLIC has no part in it to 99.99% and
therefore we can consider it a complete FAILURE on grounds of lack
of acceptance and widespread use. Meanwhile the NSA sits back and
laughs, as their electronic tentacles filter through PUBLIC('s)
traffic...any traffic...and mostly doesn't have to bother with
breaking anything. Cuz we 'oh-so-clever' geeks have failed
miserably. If the NSA has any problem, then it's to store and
process/search through the data they get...not the acquisition.

Re:NSA vs. PUBLIC (4, Funny)

gazbo (517111) | more than 4 years ago | (#31411880)

THANK YOU!

I'm never happy with the way my browser handles line-breaking, so I'm eternally grateful to you for taking the initiative and doing it yourself.

Re:NSA vs. PUBLIC (1)

muckracer (1204794) | more than 4 years ago | (#31411942)

> I'm never happy with the way my browser handles line-breaking, so I'm
> eternally grateful to you for taking the initiative and doing it yourself.

More a result of using an external editor. And even though I have a feeling you
were being ironic, I DO find it easier to read with a normal line-length, as
opposed to reading across the whole damn (wide)screen. ;-)

Re:NSA vs. PUBLIC (2, Insightful)

EmagGeek (574360) | more than 4 years ago | (#31412186)

That's absolutely true. In addition to brute-force decryption and other methods, the NSA has discovered what scammers have known all along. You don't need to decrypt someone's stuff if they'll give you the keys themselves. It's easier to compromise someone's box and keylog their keys than it is to decrypt the information by force.

The NSA spends a tremendous amount of effort on social engineering and subversive key acquisition. Those methods are much faster and easier.
