Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NSA Turns To Commercial Software For Encryption

simoniker posted more than 10 years ago | from the chinese-government-buys-certicom dept.

Encryption 264

Roland Piquepaille writes "According to eWEEK, the National Security Agency (NSA) has picked a commercial solution for its encryption technology needs, instead on relying on its own proprietary code. "The National Security Agency has purchased a license for Certicom Corp.'s elliptic curve cryptography (ECC) system, and plans to make the technology a standard means of securing classified communications. In the case of the NSA deal, the agency wanted to use a 512-bit key for the ECC system. This is the equivalent of an RSA key of 15,360 bits." This summary includes the NIST guidelines for public key sizes and contains more details and links about the ECC technology. Since the announcement, Canadian Press reports that Certicom's shares more than doubled in Toronto."

cancel ×

264 comments

Sorry! There are no comments related to the filter you selected.

I GOT THE FROSTY PISS (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7313825)

ALL OVER YOUR FACE!!11!1!111oneoneeleven

NSA COMMERCIAL! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7313826)

THEY HAVE A MONOPOLY FIRST post hehehehhehehehehheheheh

Europeans, mod this up! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7313828)

HOWTO: Be an American
Version 1.0 / M

America, eh folks? It's a pretty screwed up place. Unfortunately, but not indefinitely, the USA's weapons of mass destruction make it the most powerful country in the world (militarily). As a result, it helps to be aware of American society and fit into it, and our quick 8-step guide should have you on the path to burger-munching enlightenment.

1 - Buy yourself a gun
To become a fully-fledged Yank, you'll need to get a weapon. Americans think that having more killing machines magically makes their country safer, and it helps them to walk around saying "I'll put a cap in your ass". Even though the concept of "no guns = no gun-related crimes" is alien to the average Yank, it'll give you a false sense of security in this country with the highest crime rates in the developed world.

2 - Put on at least 25 stone
Skinny? Medium? Chubby? That won't cut it in the good ol' US of A. Because America has the highest obesty levels on the planet, you'll need to get those rolls of flab built up. Eating 18 waffles with Maple syrup for breakfast (and visiting Burger King five times in a day) is all natural when much of the world is suffering massive poverty. Get fat and fit in.

3 - Learn the lingo
We've talked about issues affecting society, but on a personal level you'll need more knowledge (or ignorance as it may be) to fit in. First, forget proper English. Confuse "your" with "you're". Say "must of" instead of "must have". Whenever anything interesting occurs, say "shucks" repeatedly. Instead of clever spontaneity or witty insults, call people "asswipes". It's funny!

4 - Throw away all maps, history books etc.
To really feel a part of American society, you must lose all knowledge of the world. Forget where Poland is. Scrap your knowledge of the lengthy Chinese history. Make cretinous remarks like "India? Is that in Africa?". Because ALL that matters is America, and it doesn't matter how pathetic you look to educated people the world over.

5 - Become totally irrational and nonsensical
Spout on about the Constitution, and then make drastic changes to it. Talk about "freedom of speech" and watch TV programmes about the Ku Klux Klan. Rant on about market freedom, and sit back as companies run riot and destroy the economy with their anti-competitive practices. Essentially, act idiotic at all times.

6 - Sue everyone you ever meet
The USA doesn't produce many decent quality products, so the society is crumbling into a litigation-happy joke. With so many jobs going overseas to talented workers, your only option left is to start legal proceedings. About anything. Someone step on your toe? Get some hotshot downtown lawyer to sue their ass!

7 - Get a "shrink"
Americans have a hard time dealing with their own problems in a mature manner, and prefer to spend hundreds of dollars sitting in front of someone and whinging. However trivial your problems may be, blast them out like a baby!

8 - Watch abysmal TV
Forget educational programmes and incisive documentaries. Your ideal night in is with your gun, six cheeseburgers and a Friends box set. Watch as some over-paid talentless "actor" enters the scene, and whoop and scream hysterically as he delivers some ridiculously poor wisecrack.

So there you have it! Those 8 steps should have you killing innocent people, piling on pounds and acting like a moron in no time. America awaits you, brave hero! Just get out before it collapses in disarray.

END

Re:Europeans, mod this up! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7313868)

A most excellent post, sir.

Re:Humans, mod this down (-1, Flamebait)

ChozCunningham (698051) | more than 10 years ago | (#7313885)

9 - Despise yourself
Post trite complaints to other intellectual elitists, pretending it will do some good, and loathe yourself for lacking the will to improve anything. Forget that there are morons everywhere, and that despite the WTO giving unlimited protections to American Idiocy (TM), there are hundreds of other countries giving birth to assholes consistently. Complain about Constitutional Amendments, except ehen they suit you.

Most importantly, do nothing whatsoever to benefit the world, because dispite your belief that you are better than everybody else in the country, you are just another jackass.

YHBT (NT) (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7313922)

you're a jackass too. good job. I lied about the NT thing, btw

Re:Europeans, mod this up! (-1, Troll)

AceM2 (655504) | more than 10 years ago | (#7313888)

Posting bullshit like that really shows how much better you are than the Americans. I think you should take the advice in #7.

Re:Europeans, mod this up! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7314038)

An excellent example of why we stopped listening to the Brits in 1776 and have been all the better for it since.

Asswipe! (0)

Anonymous Coward | more than 10 years ago | (#7314063)

I'll put a cap in your ass. Shucks, you must of forgot "no guns = no gun related crimes (except by criminals)"

FUD (4, Funny)

ChozCunningham (698051) | more than 10 years ago | (#7313831)

Shouldn't we demand an open source solution? ;)

Re:FUD (4, Insightful)

jdhutchins (559010) | more than 10 years ago | (#7313925)

You can bet that NSA demanded the source code. I don't think they'd trust something they can't see the source to for their security. As for them buying a closed-source or open-source, to them it doesn't matter, they'll get the source anyways.

Re:FUD (0)

Anonymous Coward | more than 10 years ago | (#7314000)

Or at least an American solution!! It is national security and all (although I don't see Canada plotting to take over the world in the near future.)

Re:FUD (5, Informative)

quadelirus (694946) | more than 10 years ago | (#7314052)

I stated this in another post, but I've got a link now:

The NSA is not lisencing software, it is lisencing the right to use Certicom's ECC cryptosystem. Cryptosystems now are usually known even when proprietary to allow mathematicians and cryptographers the ability to test the security of it. (The RSA cryptosystem for instance is thoroughly explained on RSA's web-site, but you would still need a lisence to use the algorithm in a program)

I found a tutorial by Certicom on their ECC cryptosystem here [certicom.com] .

PS. I could be wrong, but from the article it seems that "intellectual property" and "This is the first time that the NSA has endorsed any sort of public-key cryptography system." that they are not actually lisencing software but are in fact lisencing the cryptosystem. If I am wrong, I humbly apologize.

Re:FUD (2, Interesting)

AKnightCowboy (608632) | more than 10 years ago | (#7314082)

PS. I could be wrong, but from the article it seems that "intellectual property" and "This is the first time that the NSA has endorsed any sort of public-key cryptography system." that they are not actually lisencing software but are in fact lisencing the cryptosystem. If I am wrong, I humbly apologize.

Well, before they just used it and didn't bother asking for permission. This isn't that big of a deal. The only thing out of the ordinary is they asked before using it. Nothing is stopping the NSA from ignoring a license for anything. Who are you going to call, the BSA to battle the NSA? Licensing applies to corporations and individuals.. governments can choose whether to obey them or not. We'd like for them to obey them, but who watches the watchers?

OSS ECC? ECC vs AES (0, Interesting)

draziw (7737) | more than 10 years ago | (#7313832)

Are there any OSS projects that support elliptic curve cryptography? What makes ECC so much better vs AES with a key size of 256?

--
Have you sent a check to SCO today?

Public key vs. symetric (4, Informative)

autopr0n (534291) | more than 10 years ago | (#7313842)

You can't really compare symetric key systems like AES with public key systems like ECC or RSA. With a symetric system you need keey your key secret, with public key you have two keys (encryption and decryption), and you only need to keep one of them secret. The other you can distribute far and wide.

A lot of times, people will create symetric keys and then use public key systems to distribute them.

Re:Public key vs. symetric (0)

Anonymous Coward | more than 10 years ago | (#7314007)

Another "applied cryptography" reader offering up his infinite wisdom. Thanks!

Re:OSS ECC? ECC vs AES (3, Informative)

espo812 (261758) | more than 10 years ago | (#7313869)

What makes ECC so much better vs AES with a key size of 256?
I'm sure a small ammount of googling could tell you this, but comparing ECC to AES is like comparing apples to oranges. ECC is a public key algorithm, and AES is a symmetric key algorithm. Thus, you would have to look up the fundamental differences between public and private key algorithms to find the differences between ECC and AES.

The difference between ECC and algorithms like RSA, for example, is that elliptic algorithms can work with smaller keysizes, and this should have been noticable from the slashdot post that points out the commercial product uses a smaller keysize than the equiviliant strength RSA key.

Re:OSS ECC? ECC vs AES (0)

Anonymous Coward | more than 10 years ago | (#7313915)

either way, thats one BIG god damned number

Re:OSS ECC? ECC vs AES (0, Informative)

daserver (524964) | more than 10 years ago | (#7313871)

GnuPG can use DSA which is ECC. And as the other one said you can't compare sym. crypto with asym. crypto.

Re:OSS ECC? ECC vs AES (1)

daserver (524964) | more than 10 years ago | (#7314009)

correction DSA is not ECC.

Re:OSS ECC? ECC vs AES (5, Informative)

graf0z (464763) | more than 10 years ago | (#7314031)

GnuPG can use DSA which is ECC.

No, DSA != ECC.

DSA and ECC both do encryption by exponentation, relying on the assumtion that the reverse function - the logarithm - is infeasible with the used keylengths. They are both called "Discrete Logarithm Systems".

But the multiplication is done in completly different mathematical contexts: DSA multiplies in the rings Z/p (that are the natural numbers modulo p, p being a prime) where ECC multiplies in suitable "elliptic curve groups over finite fields" . That are finite sets of "numbers" paired with an complicated operation called "multiplication". These "numbers" behave quiet odd.

The main practical difference is the neccessary keylength. Depending on the chosen eliptic curve, ECC keys are 4-8 times smaller than DSA keys. They get much closer to the "no attack is faster than the brute force attack"-paradigm than other public key algorithms like DSA or RSA.

Unfortunatly, huge classes of suitable elliptic curves got patented.

Google for free ECC software. There are at least some libraries published by academic research groups.

/graf0z.

My daddy's horn goes "Honk-ee, honk-ee" (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7314072)

and my daddy's chainsaw goes "Runn-nigga-nigga-nigga runn-nigga-nigga-nigga"

Re:OSS ECC? ECC vs AES (2, Informative)

quadelirus (694946) | more than 10 years ago | (#7314013)

In cryptography it's usually not a program that gets lisenced, but an algorithm (or cryptosystem). My guess would be that ECC has the copyright or patent or whatever you get on their algorithm which would make it illegal to write a program using elliptic curve cryptography (or at least their algorithm) without permission from the company. I once wrote a project that used the RSA cryptosystem for education purposes and I had to obtain permission from RSA legal to use the cryptosystem. (However it might be public now...)

Also between AES and ECC. My guess would be ECC is much more secure than AES. If a 512-bit key for ECC is the equiv of a 15360-bit key in RSA that sounds extremely secure. As far as the last time I checked a 4096-bit RSA key was virtually unbreakable in any normal time span by even the fastest supercomputers built.

Finally what the other replies to your question have been, about comparing apples and oranges: AES is a symmetrical key, meaning, the key that encrypts also decrypts.

Public/Private Key encryption deals with two keys, the public key is freely available to anyone becuase when a message is encrypted with the public key it can not be decrypted with the public key. It must be decrypted with the private, or secret key.

Re:OSS ECC? ECC vs AES (1)

Timmmm (636430) | more than 10 years ago | (#7314053)

*cheque

See? (0)

Anonymous Coward | more than 10 years ago | (#7313837)

Nobody trusts software developed by the NSA!

What about license abuse? (2, Interesting)

MongooseCN (139203) | more than 10 years ago | (#7313841)

What if a company is suspicious of the NSA not following the license it was given? It's not like the government is going to let a commercial company into the NSA to audit all its computer systems. I suppose it will all be done on the honor system.

Re:What about license abuse? (1)

croddy (659025) | more than 10 years ago | (#7313872)

the government doesn't need to care about licensing costs. the government buys extra, and more extra.

Re:What about license abuse? (1)

leerpm (570963) | more than 10 years ago | (#7313881)

I doubt the company cares much. The publicity and market attention they will receive from this deal will be more than enough to compensate for any licensing wrongdoings.

Re:What about license abuse? (5, Informative)

randyest (589159) | more than 10 years ago | (#7313966)

The NSA practically can't not follow the license -- it's world-wide and allows granting sub-licenses, and is only restricted to use above a certain security level. The NSA would have to use relatively insecure implementations of the technology to violate the license, and I think that's unlikely:

Certicom Corp. (TSX: CIC), a leading provider of wireless security solutions, today announced that the National Security Agency (NSA) in Maryland has purchased extensive licensing rights to Certicom's MQV-based Elliptic Curve Cryptography (ECC) intellectual property. ECC is becoming a crucial technology for protecting national security information.

This agreement will give the NSA a nonexclusive, worldwide license with the right to grant sublicenses of MQV-based ECC covered by many of Certicom's US patents and applications and corresponding foreign rights in a limited field of use. The field of use is restricted to implementations of ECC that are over GF(p), where p is a prime greater than 2256. Outside the field of use, Certicom will retain all rights to the technology for other industries that require the same levels of security, including state and local government agencies. Certicom will continue its policy of making its intellectual property available to implementers of ECC under normal commercial terms on a non discriminatory basis.

Privatization (1, Flamebait)

mr100percent (57156) | more than 10 years ago | (#7313844)

Oh come on, I know Bush's administration is all for privatization and turning to the private sector and all, but this?

The NSA's job is to make secure codes for government use, and break other people's codes. So they licensed someone else's code, but why are they announcing it for intra-government use? The obvious question is, Can't they roll their own?

Then again, I'm sure this is just spin, the reality SHOULD be much different. Or else someone should just be living in a van down by the river.

Re: Privatization (5, Funny)

Black Parrot (19622) | more than 10 years ago | (#7313935)


> The NSA's job is to make secure codes for government use, and break other people's codes. So they licensed someone else's code, but why are they announcing it for intra-government use? The obvious question is, Can't they roll their own?

Probably just means that they've discovered how to crack it, so now they want everyone else to use it.

Re:Privatization (3, Insightful)

paranoidsim (239426) | more than 10 years ago | (#7313937)

I don't think this is about privatization. I think this is about the NSA being overloaded with more important things to worry about. Such as the "War on Inanimate Objects", namely, Terrorism. For instance, look at their new hires figures jump from roughly 100/yr, to over 1000. They are busy, they are upgrading, and they are worrying about processing the loads of new data from monitoring an exponentially higher amount of data then they were accustomed to only a few years ago.

Re:Privatization (5, Informative)

espo812 (261758) | more than 10 years ago | (#7313939)

Oh come on, I know Bush's administration is all for privatization and turning to the private sector and all, but this?
I believe that the technological divide between the NSA and the private sector has been shrinking over the years. I also don't think they would have selected this product if they didn't have good reason to. I suspect that this product was probably developed with some degree of NSA involvement, either contract work there or by former contractors/employees. And, low and behold, as I RTFA it says:
Certicom has worked with the NSA, based at Fort Meade, Md., on several classified projects in the past, and this agreement is essentially an outgrowth of that work, officials said.
So, it appears to have a lot of NSA involvement in the development. Actually, RTFAing a bit more closely it appears NSA is licensing the algorithm from Certicom. So they may not even be using the code from Certicom, they could be developing all the systems in house. Clearly, they wouldn't make a move like this without thoroughly analyzing the algorithms involved.

So what comes out is a solution that was produced much cheaper than a similar inhouse effort, and this will save the tax payers money (which sounds good to this poor college student.) I have to say I'm surprised at the Agency going after a commercial product for classified purposes, but I'm sure they have good reasons.

Re:Privatization (3, Interesting)

Anonymous Coward | more than 10 years ago | (#7313979)

Hypothetical:

You're the premiere intelligence agency in the world. When you need to secure data, you use algorithms that nobody else in the world knows about, designed in secret by some of the greatest mathematical geniuses there are.

When you need to secure an email you're sending to someone not in the agency, you can't (not to mention don't) use your hidden good stuff, because the recipient doesn't have the algorithm. So, you use something publicly available.

Re:Privatization (1)

harriet nyborg (656409) | more than 10 years ago | (#7314003)

"Can't they roll their own?"

good point mr100percent. something don't be adding up here.

the NSA employs more mathmeticians than any other organization in the world. they can grow their own and roll their own.

the thing is they usually bogart it.

what i don't understand is why the NSA just doesn't pinch from someone else's bag - i mean who's gonna know it? they're the friggin's NSA - the government, they can do anything... and only traitors and slanderous villians would criticize the government.

it's an anti-rush limbo problem: on one hand, you have a crackhead who could get all the drugs he wanted legally and privately, but for some unexplicable reason bought his dope illegaly on the street through someone who could (and did) dime him out.

on the other hand, you have NSA could use whatever patented technique they wanted and no one would ever know, but they decide to go out and publicly annouce a license.

Re:Privatization (5, Insightful)

Anonymous Coward | more than 10 years ago | (#7314076)

on one hand, you have a crackhead who could get all the drugs he wanted legally and privately, but for some unexplicable reason bought his dope illegaly on the street through someone who could (and did) dime him out.

on the other hand, you have NSA could use whatever patented technique they wanted and no one would ever know, but they decide to go out and publicly annouce a license


You're wondering why the NSA didn't just go ahead and use Certicom's patented ECC implementation and keep it a secret? Because they're a lot bigger than Rush freakin' Limbaugh, and it only takes one employee to speak up and say, "we knew someone else patented this but we used it anyway" before someone gets in a lot of trouble.

No one wants that kind of a black eye. If that scandal broke, the manager who gave the go-ahead to implement the Certicom solution without licensing it would probably find himself reassigned to a communications post in Afghanistan.

And one thing about the US government... no matter how hard they try to keep things under wraps, they're just not very good at it. There are just too many nosy journalists and authors poking around... everything comes out sooner or later :) (For examples, see the SR-71, spy satellite imagery, Predator UAVs, the TIA project, etc. and the number of times Tom Clancy has been accused of espionage for incorporating published projects into his work.)

Re:Privatization (1)

thdexter (239625) | more than 10 years ago | (#7314095)

No use reinventing the wheel, I guess. You could ask why they use Linux or OpenBSD or FreeBSD or anything instead of making their own secure-by-default OS.

The issue here that caught my glance was that it's a Canadian company, which seems curious, considering that the DoD doesn't much outsource work.

Huh? (0, Flamebait)

nepheles (642829) | more than 10 years ago | (#7313845)

How is this remarkable? The NSA picks a proprietary solution where there is not even an Open-Source competitor. Surprise, surprise. I don't mean to troll -- but can somebody explain how this is interesting?

Re:Huh? (0)

Anonymous Coward | more than 10 years ago | (#7313864)

This is a clue that the NSA, which some geeks would assume have super cryptographic powers, are actually lagging behind the software industry. Its more that they chose a commercial package over in-house stuff. It has nothing to do with open source really.

Re:Huh? (1)

AllUsernamesAreGone (688381) | more than 10 years ago | (#7313880)

It isn't a troll, but perhaps you're asking the wrong question.

Instead of asking why picking a commercial solution when no open one exist is remarkable, ask why it is remarkable that the NSA have selected a commercial solution instead of developing their own version of it.

Re:Huh? (5, Insightful)

randyest (589159) | more than 10 years ago | (#7314015)

Being the NSA doesn't guarantee you can develop the best technology in every security-related area. If another company or research institute happens to come up with a technology that's remarkably better than anything else like it and patent it first (such as the ECC mentioned in the article), the NSA should and does license it. That is, they buy the the rights to use the technology that someone else spent a lot of time and effort to develop (maybe even more than the NSA put forth in this field) .

It's not like the NSA is buying a binary encryption software package they can't decompile, or shipping the secrets up to Canada for encrypting. This isn't a security concern. The NSA bought the concept of ECC, and Certicom deserves to be paid fairly for it. The NSA can do anything they want with ECC now, including grant sub-licenses without approvasl from Certicom. The only restriction is to require a minimum level of ecryption field size (encryption strength), which isn't a problem for NSA:

This agreement will give the NSA a nonexclusive, worldwide license with the right to grant sublicenses of MQV-based ECC covered by many of Certicom's US patents and applications and corresponding foreign rights in a limited field of use. The field of use is restricted to implementations of ECC that are over GF(p), where p is a prime greater than 2256.

Re:Huh? (0)

Anonymous Coward | more than 10 years ago | (#7313889)

What makes you think there are weren't any other competitive bids, from OS or otherwise?

You think the Agency has something against OS software (never mind that little SELinux thing, sound familiar?)? That Openssl and Openssh aren't in use there? If you do, I'd love to see why you think so. I can tell you right now, you're wrong.

Re:Huh? (1)

VertigoAce (257771) | more than 10 years ago | (#7313917)

According to the summary, what's interesting about it is that they didn't use their own proprietary solution. I don't see any mention of an open source solution in the summary. From the article, the significance seems to be that anyone who creates something that is NSA-approved must go through Certicom.

"They were very interested in getting the best IP out there, and we own a lot of the patents in this area," said Tony Rosati, director of marketing at Certicom, based in Mississauga, Ontario. "If you want to build an NSA-approved product, they want this in there."

Great (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7313847)

I, for one, welcome our new elliptic overlords.

Re:Great (2, Funny)

kfg (145172) | more than 10 years ago | (#7314036)

"I, for one, welcome our new elliptic overlords."

Indeed, this will be a major improvement on the hyperbolic overlords we now have.

KFG

someone to take blame (1)

lanswitch (705539) | more than 10 years ago | (#7313854)

When there are problems, it's easy to sue a company and put the blame on them. It's almost impossible to sue the Open Source movement.

Re:someone to take blame (1)

Waffle Iron (339739) | more than 10 years ago | (#7313957)

When there are problems, it's easy to sue a company and put the blame on them.

That's right. Now if terrorists crack the launch codes and launch our missiles against our own cities, we'll be able to sue Certicom to recoup our losses.

Re:someone to take blame (1)

lanswitch (705539) | more than 10 years ago | (#7313993)

No, but the nsa can then say that they trusted a fine company, instead of trusting some "open source movement". when a government needs to ensure things, it also needs to cover its ass. and a company looks more trustworthy than something like an international group of loosely-associated programmers.

Blame Canada? (1)

Hoser McMoose (202552) | more than 10 years ago | (#7313983)

Hey, Certicom is a Canadian company, so maybe the song isn't out of place here?

FINALLY ... (0)

Tensor (102132) | more than 10 years ago | (#7313855)

The NSA is doing something smart. BUT wouldn't OSS be a better way to go ? and ... after finally deciding on using commercial software, isnt it ironic that the NSA is using Canadian software for this ? so not only commercial but foreign

Re:FINALLY ... (2, Interesting)

Egonis (155154) | more than 10 years ago | (#7313874)

I am from Mississauga, Ontario - where Certicom resides, and am feeling two emotions:

- I am happy to see a local business score a large contract in my hometown
- I am confused as to how the American Government ever approved a purchase of an external Intellectual Property

I'm sure alot of Americans will have disagreements on this one!

Re:FINALLY ... (3, Funny)

EvilSS (557649) | more than 10 years ago | (#7313899)

Yea, it's really bizarre. You would think there was some kind of draconian regulations on cryptography in the US that encourages companies that develop crypto to not reside here. hrm....

Re:FINALLY ... (0)

Anonymous Coward | more than 10 years ago | (#7313907)

Licencing a Canadain software product is hardly high risk. Do you think Canada has plans to take over the US or something?

Shhh! (0)

Anonymous Coward | more than 10 years ago | (#7313997)

Shhh, don't give it away! Those silly Americans still think that Tim Hortons is just a donut shop! We'll show them all when our Canadian army of Tim Hortons employees (aka secrete military commandos) storms the White House!

Re:FINALLY ... (1)

ratfynk (456467) | more than 10 years ago | (#7313909)

Since when is Canada a foreign country. The Monroe doctrine applies to the North as well? Or is this policy not still enforced with economic means? If Canada can do a better job supplying software then what's the difference. Just cause Redmond cannot be trusted to write good code doesn't mean it cannot be done!

Re:FINALLY ... (1)

SparafucileMan (544171) | more than 10 years ago | (#7314058)

Well, the Toronto Stock Exchange has a habit of hosting some of the more risky and illegeal companies of the world that are looking for funding--in fact if you're the government looking for, say, some mercenaries to hire, or a mercenary company looking to develop the mine you just nabbed, Toronto is the place to be. A great deal of backwater business flows through that exchange that has nothing to do with Canada.

Hexadecimal translation. (0)

Thinkit3 (671998) | more than 10 years ago | (#7313870)

That's 3C00h, for the RSA equivalent. It would be much more elegant to list numbers that are binary aligned in hexadecimal--decimal is ugly in these cases.

Canadian code? (0)

tessaiga (697968) | more than 10 years ago | (#7313873)

What's with the NSA tapping a Canadian company to do their classified encryptions? Most government research labs (Lincoln, Draper, Sandia ...) won't even consider hiring non-US employees for security purposes.

Re:Canadian code? (5, Funny)

Timesprout (579035) | more than 10 years ago | (#7313890)

Its pretty obvious. The strange pronunciation required for Canadian variables makes the code more difficult to comprehend and so creates an additional level of obfuscation and thus greater security.

Re:Canadian code? (0)

Anonymous Coward | more than 10 years ago | (#7313904)

Strange pronunciation eh?

Obligatory Joe comment (0)

Anonymous Coward | more than 10 years ago | (#7314016)

"It is pronounced 'zed'. Not 'zee', 'zed'!"

Canada (3, Informative)

nuggz (69912) | more than 10 years ago | (#7313903)

FWIW I'm Canadian.

Canada has many exceptions to US restrictions. This makes sense. It is cheaper to work together, and we do in many military and space applications.
Our interests are basically very similar, and both countries are generally trustworthy of each other.

The only conflict are on specific policy issues.
It also matters which government is in power in each country.

There have been quite a few times where state and provincial officials have banded together to fight both federal governments.

Plus if it works well, why shouldn't they use it?

Re:Canadian code? (0)

Anonymous Coward | more than 10 years ago | (#7313947)

Well, the U.S. Government also uses Entrust products (they are a Canadian security company, with close relations to Nortel). It is not a big deal. You can get source for these commercial products and verify that they do what they say they do, with no back doors. It is not like you are blindly trusting them.

Also I didn't see any indication that NSA is using this for all their encryption needs. It isn't likely that they are. They certainly have their own ciphers (remember "Skipjack"?).

Eeek! (-1, Troll)

dolo666 (195584) | more than 10 years ago | (#7313876)

Now Microsoft (Billygoat Gates on his mountain of cash) can know all our secrets AND all the secrets of the government, the CIA... not to mention the colony on Alpha Centauri. (ducks)

If true it sends a signal. No quantum computer now (2, Interesting)

j_dot_bomb (560211) | more than 10 years ago | (#7313879)

If true it sends a signal. They currently dont have a quantum computer (and therefore expect no one else does or will in a reasonable amount of time). However I do remember seeing a standard created to do a form of digital signatures only with conventional encryption (which is not in general "breakable" by quantum computers like "hard problem" public key cryptography).

Re:If true it sends a signal. No quantum computer (0)

Anonymous Coward | more than 10 years ago | (#7313924)

However, maybe that's what they want people to think.

They have a huge budget, spending a couple million or perhaps 10s of millions for the purpose of making people believe they don't have quantum compute abilities is a good investment on their part. It just makes everyone complacent, they think the NSA is behind....

This is very speculative and conspiracy minded, but I think it's worth consideration...

-jazzfunk (not logged it)

Re:If true it sends a signal. No quantum computer (3, Insightful)

dAzED1 (33635) | more than 10 years ago | (#7313984)

How on EARTH did you come to that conclusion? Are you saying that if they had a quantum computer they should just throw their hands up in the air for anything else, and not get it as tight as possible? Or that if they have a single quantum computer, that they would necessarily have hundreds of thousands (if you can make one, then you can make millions?), and therefore would be able to distribute classified documents/transmitions with ease? It would be pointless if the same capability didn't exist on both ends, you know.

No, all this means is that they want something with better encryption. Even if they had a dozen fully functional "quantum computers" that were able to do spectacular computations in an instant (ah, that lovely superposition...) that wouldn't mean that they should just suddenly give up and use weak encryption. Better that only a few people in the world could break it with ease, than that anyone with $100k could build a sufficient cluster to do it quickly...

Re:If true it sends a signal. No quantum computer (0)

Anonymous Coward | more than 10 years ago | (#7314006)

You don't have the slightest fucking idea what you're talking about. Quantum computers have absolutely nothing to do with public key cryptography anyway, and there's no correlation at all between ECC and whether the NSA has one.

Re:If true it sends a signal. No quantum computer (1)

adrianbaugh (696007) | more than 10 years ago | (#7314042)

Don't be so naive. They might be procuring this software just to make people (us, other governments) /think/ they don't have a quantum computer. People happily go on using our 2048-bit GPG keys assuming no QC exists, the NSA happily break all the crypto.

Just 'cause you're not paranoid don't mean they're not out to get you!

Why does slashcode reparent everything? (0)

Anonymous Coward | more than 10 years ago | (#7314049)

Okay, I am sure this post is as interesting as its mod suggests. But what the fuck did the author mean? Impossible to tell.

I bet if I could get to its parent it would become clear. But WTF? Clicking parent gets me nowhere.

Fuck perl, it may be turing complete, but in practice it's clear no one can write a program with good usability in that shit.

Where's the money (1, Troll)

DNS-and-BIND (461968) | more than 10 years ago | (#7313886)

Gosh, I bet this had nothing to do with the fact that NSA insiders held a lot of Certicom stock.

Nah, that kind of thing never happens. It's tinfoil-hat thinking. It's as unlikely as the President sexually abusing one of his interns.

Re:Where's the money (0)

Anonymous Coward | more than 10 years ago | (#7313954)

Uh... FUD?

Re:Where's the money (0)

Anonymous Coward | more than 10 years ago | (#7314005)

Gosh, actually, I bet that it has to do with the fact that Certicom had the most secure design and implementation of an ECC cryptography algorithm. (It mentions in the article that Certicom had worked on classified NSA projects before, so I'm sure the folks at NSA knew what they were getting.)

In fact, officers on government contracts are quite explicitly prohibited from dealing with companies in which they are invested, and our management has made that abundantly clear. It's okay to have friends at the company, but if you have any investments in it, you'd better get yourself transferred to another contract.

Size of key (3, Insightful)

ptaff (165113) | more than 10 years ago | (#7313901)

...the agency wanted to use a 512-bit key for the ECC system. This is the equivalent of an RSA key of 15,360 bits.


Brute-force decoding of these schemes is not recommended for the faint of heart, but I wonder: how can they tell that a 2 ^ 512 possibility range is as secure as a 2 ^ 15360 probabilities scheme?

If I can reduce a RSA 1024 bits to a new method using only 4 bits, how can my way be as secure?

Re:Size of key (4, Informative)

espo812 (261758) | more than 10 years ago | (#7313956)

I wonder: how can they tell that a 2 ^ 512 possibility range is as secure as a 2 ^ 15360 probabilities scheme?
Because breaking RSA does not involve brute forcing the bits, it involves factoring huge ass numbers into primes. Look up the differences between symmetric and asymmetric (or private and public) key cryptosystems.

Re:Size of key (1)

inburito (89603) | more than 10 years ago | (#7314037)

But they are both public key cryptosystems!

And yes, they both pretty much involve brute forcing the bits to try to crack the message. It just happens that ecc problem is lot harder than large number factorization (computationally and conceptually too). If you know how to factor huge ass numbers without brute forcing let the nobel committee know as you may be eligible for next year.

Re:Size of key (2, Informative)

inburito (89603) | more than 10 years ago | (#7313965)

Maybe because discrete logarithm problems in ordinary number groups are much easier to solve than in elliptic number groups.

As a matter of fact, discrete log problem for ordinary numbers has been improving steadily whereas Elliptic curve group discrete log techniques have not seen significant improvement in the past 20 years. This difference accounts for today's reduced key-size requirements for elliptic curves.

Re:Size of key (2, Informative)

LT Grant (371) | more than 10 years ago | (#7313987)

If you look back at Dr Chris Monico's work at cracking ECC-109 [nd.edu] you can get some more background on the equivalences and how they match up and how the two are compared and how they are very different. 109 took a lot of computational time (biggest ever so far I believe), and this is vastly bigger, as if I remember correctly ECC encryption doesn't grow linearly, but exponentially. The code used to crack ECC-109 has been somewhat improved in ECC2-109 [ecc2.com] based mainly on things Dr Monico saw in 109 and based on some research he and I did regarding a paper by Teske of Waterloo.
Hope that is informative.

Re:Size of key (1)

MrChips (29877) | more than 10 years ago | (#7314032)

If I can reduce a RSA 1024 bits to a new method using only 4 bits, how can my way be as secure?
Obviously a 4 bit keyspace does not offer any real security. If you can reduce 1024-bit RSA to 4 bits, you've broken RSA.

Re:Size of key (0)

Anonymous Coward | more than 10 years ago | (#7314050)

how can they tell that a 2 ^ 512 possibility range is as secure as a 2 ^ 15360 probabilities scheme?

They use math. Bruteforcing an RSA key 15360 bits long takes about the same amount of work as an ECC key 512 bits long.

If I can reduce a RSA 1024 bits to a new method using only 4 bits, how can my way be as secure?

Security of these algorithms (assuming they aren't fundamentally broken) is measured in time. The two measures of an algorithm are a) how long it takes to check one possible key, and b) how many possible keys there are. If your new algorithm has equivalent security to ECC-523 and RSA-15360, then that means each operation takes an extraordinarily long time--too long to be feasible for use.

Re:Size of key (0)

Anonymous Coward | more than 10 years ago | (#7314089)

It would help you to understand if you were better at math then you are now.

This isn't an issue of "open" vs "closed" (3, Interesting)

NotQuiteSonic (23451) | more than 10 years ago | (#7313906)

The algorithm they used is patented and very much open for criticism. It would need to be fore NSA to choose it. Think of it like RSA where the algorithm was patented as well (many open source applications use RSA now, since the license has expired).

Dr. Scott A. Vanstone [certicom.com] is a professor at University of Waterloo, so it is kind of neat to see one of my profs in the news (I knew about the company, but they haven't had much going for them for a while). He teaches Coding Theory (CO 331 [uwaterloo.ca] ) and is the Executive Director of Centre for Applied Cryptographic Research [uwaterloo.ca]

Waterloo reclaiming past glory (0)

Anonymous Coward | more than 10 years ago | (#7314080)

Nice to see Waterloo for once not milking its geek reputation from the 80s and doing something novel. Their football team is still a joke though. Not a good place to get laid either.

Damn! (3, Funny)

MMC Monster (602931) | more than 10 years ago | (#7313910)

I guess rot-13 just isn't good enough anymore. (Am I the only one to think "Wow, how the mighty have fallen!" when I read this?)

Re:Damn! (1)

R0 (40549) | more than 10 years ago | (#7314083)

ebg13'f tbbq rabhtu sbe zr :)

Attention to the knee-jerkers! (3, Insightful)

Anonymous Coward | more than 10 years ago | (#7313914)

In case you didn't catch the hint in the article, this is significant because NSA chose an EXTERNALLY developed encryption solution over an INTERNALLY developed solution. This has NOTHING TO DO WITH OPEN SOURCE SOFTWARE. Please save your comments like "what about SSH/GPG/SSL?" for some other discussion.

Thanks.

This isn't software, it's patents. (4, Informative)

Garin (26873) | more than 10 years ago | (#7313919)

As far as I understand the deal, this has nothing to do with licensing software. They couldn't have gone with an OSS version (or "roll their own") as so many suggest because they're not licensing just software, they're licensing patents.

You'll note that they've also got sublicensing rights on those patents. There could be a software component to this deal, but as far I can tell it appears that this is mainly about patents.

Re:This isn't software, it's patents. (1)

MisanthropicProggram (597526) | more than 10 years ago | (#7314048)

In a way, it's kind of comforting that the NSA is actually buying the rights and not just taking the technology. They could just take/use the technology and who would be the wiser?
Assuming of course that this isn't some PR scheme to mislead the pulbic. Which reminds me, I need to go and buy more aluminum foil to make more hats.

Re:This isn't software, it's patents. (1)

Garin (26873) | more than 10 years ago | (#7314075)

Well, the nice thing about it is that they've paid for the rights to the patent, including sublicensing. The NSA could whip up their own implementation of it and distribute that software as some kind of standard. Who knows?

For all we know, the sublicensing agreement for the use of the specific parts of the patents may be absolutely up to the NSA (they seem to suggest as much from the Certicom press releases..? Anyone know more?)

If that is the case, the NSA might very well release an open source version that the world can use and modify to their heart's content. They're not stupid, and they know that the world will not use a closed-source implementation of an algorithm.

FP (-1)

marcomuskus (628509) | more than 10 years ago | (#7313923)

FP

georgewellian fuddite corepirate nazis have a lot (0)

Anonymous Coward | more than 10 years ago | (#7313936)

to hide.

unfortunately for the felonious execrable, there's no longer anywhere to hide the details of their greed/fear/ego based misdeeds.

you can continue to pretend, but it doesn't help.

nothing against encryption. you'll need it to avoid the unending 'inspection' of yOUR inf. buy the corepirate nazi storm troopers, & their felonious cronIEs upon capitollist hill.

I can't think of a subject (0)

Anonymous Coward | more than 10 years ago | (#7313974)

(Greets to DSD) Commercial encryption will be used only on circuits of zero to very limited intelligence value; short duration. Those big old gray boxes will not be replaced in my lifetime.

For the conspiration. (0)

futant138 (561675) | more than 10 years ago | (#7313978)

NSA had to do this to ensure they could decrypt all the intelligence that the Canadians gather and sell back to our government. Long live Echelon!

Don't poopoo about it, sling poopoo at it.

Amazing how narrow minded readers can be.. (1)

KD7JZ (161218) | more than 10 years ago | (#7314024)

NSA supports such a broad variety of applications for encryption that there isn't even anything remarkable about this annoucement. They have to have encryption that can deal with data streams from 2.4kb to multi-hundreds of megabits. They have to have solutions that will only be used by US government, solutions that will be shared with a variety of allies, solutions that they know will
be compromised as soon as they are fielded.

It's really no big deal.

This is for the more discerning crypto customer (5, Insightful)

vt0asta (16536) | more than 10 years ago | (#7314029)

"If you want to build an NSA-approved product, they want this in there."
All that means, is like DES back in the day, if you want to have something NSA approved you pick this. I can guarantee you that the government when it's working on it's black budget work in general and historically has no regard for paying licenses for patents, and routinely mines the patent office for anything they may need. NSA has government customers that want protection, and instead of giving them the super secret good stuff, they find something off the shelf and give them this. This Certicom Corp. ECC is the new algorithm to study, because if it's NSA endorsed it's "probably" years ahead of the public domain state of the art, and is "probably" resistant to some pretty sophisticated crypto analysis techniques.

Oh my God! (1)

Ars-Fartsica (166957) | more than 10 years ago | (#7314060)

Next thing you know the government will contract out the manufacture of nuclear missiles!

There is a method to the madness... for sure!!! (1)

3seas (184403) | more than 10 years ago | (#7314064)

We all know that the way to make documents secure does not including making them accessable via the internet or intranet or any net, regardless of encryption or key size.

For it only takes the breaking of one key document at the right time and misuse of the information found, for the NSA to then need to have someone to blame while the damages of the results would still exist.

Encryption, regardless of how big the key is, still has the possibility of someone hitting it, like the lottery.

Not to mention I read somewhere recently how an enycription string length, the longer it gets the more likely it is to be written down somewhere or placed under a less secure but easier to remember key or password.

the best insurance against getting burnt by fire, is to not play with it [osearth.com] and even do the things that reduce the reasons anyone else would be.

Re:There is a method to the madness... for sure!!! (1)

thdexter (239625) | more than 10 years ago | (#7314081)

Pretty dumb arguments.

1. Making documents available via networks is no good, sure, but sometimes necessary.

2. "Encryption, regardless of how big the key is, still has the possibility of someone hitting it, like the lottery." Have you heard of somebody chancing to break an RSA-encrypted document? Have you heard of somebody brute-forcing breaking an RSA-encrypted document?

3. "Not to mention I read somewhere recently how an enycription string length, the longer it gets the more likely it is to be written down somewhere or placed under a less secure but easier to remember key or password." Are you sure you read that somewhere? Are you sure that it wasn't that you read it nowhere? It would be hard for somebody to write down this string on their arm, or anywhere: it's pretty long. The NSA is pretty unlikely to use insecure passphrases, I would think.

IHBT, IHL, HAND

Buy Canadian (3, Insightful)

solprovider (628033) | more than 10 years ago | (#7314097)

Did anybody notice that the United States National Security Agency is buying encryption software from a Canadian company? Is this the same United States that refused to allow products using good encryption to be exported because they were considered military weapons?

I am not flaming Canada; I work with several Canadians and they are all nice and knowledgable people. I just noticed the inconsistencies in our policies.

Disclaimer: I am a citizen of the USA, and I hope that this trend continues. I would really like all our government agencies to use the best global software, not just our homegrown insecure proprietary systems.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?