I wish there was some way to incentivise us all to read more deeply into these topics. I don’t like to be involved in a discussion where I feel so out of my element but I’d love to see a lively discussion and participate where possible. This makes posting any nuanced topic difficult, I think.
Why do you feel out of your element? With the exception of a couple of math-heavy paragraphs, this paper seems relatively approachable from a high level.
This is a non-sequitur, but I read NASA for NSA and I interpreted ECC as Error Correcting Codes. Hence, I had an entirely different expectation for the subject matter.
the NSA wouldn’t deliberately choose weak elliptic curves given that they planned to use them for encrypting Secret and Top Secret data for the next 20 years
Seems like a poor argument. Isn’t it possible to support weak curves publicly while using strong ones privately?
What do you mean by using strong ones privately? The president wants to send an email to a general in Iraq. The purpose of Suite B is (allegedly) to allow that communication to happen securely with off-the-shelf systems so that the government isn’t stuck paying for one-off crypto systems only they use.
One point that is often omitted in discussions about quantum-resistant crypto is the fact that QC breaks vulnerable crypto algorithms retroactively, as long as the encrypted data has been stored up to the time of QC’s arrival.
Also we know that the NSA stores encrypted communication indefinitely for later analysis (see section 3.d.1).
Related: http://blog.cryptographyengineering.com/2015/10/a-riddle-wrapped-in-curve.html
Was also on here last week, though it didn’t get much discussion.