|
Title: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: tyler durden on September 07, 2013, 10:06:19 PM in 2007 two researches from Microsoft discovered the NSA has put a PRNG with a backdoor in it in an NIST standard called Special Publication 800-90.
just having the first 32 bytes of the PRNG sequence would give whoever has the keys to the backdoor the entire random stream, which is used to derive encryption keys. every TLS handshake begins with the client sending in plaintext 32 bytes of random data so if the NSA sniffs that data, they can get the encryption keys for that session. according to the Snowden leaks around 2010 the NSA has gained new "Cryptanalytic capabilities" “For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.” http://www.forbes.com/sites/dougschoen/2013/09/07/the-threat-at-home-the-nsa-and-the-golden-age-of-spying/ in 2011 production of intel's Ivy Bridge architecture begun. it includes a new feature, a hardware random number generator which conforms to the NIST SP800-90 standard. the same standard the NSA has managed to put their backdoor in. https://en.wikipedia.org/wiki/RdRand the code name for this random number generator is Bull-Mountain, the code name for the NSA's cipher breaking capabilities according to the Snowden leaks is Bull-Run. it seems obvious to me Intel is in bed with the NSA, and any encryption library which uses intel's hardware random number generator is worthless. Title: Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: tyler durden on September 07, 2013, 10:07:54 PM i would appreciate if this was moved to the Development & Technical Discussion forum
Title: Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: b!z on September 08, 2013, 06:59:45 AM Is there any proof yet that there is a back door? or is it just speculation?
Title: Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: b!z on September 08, 2013, 07:09:49 AM the NIST 800 series document are Guidance documents for federal computer systems. A federal agency may adopt this as a standard if they choose to comply with the security requirements under FISMA. The document in question is not secret and can be found at http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf There is whole series of these documents at http://csrc.nist.gov/publications/PubsSPs.html These guidance documents do not compel private companies to do anything. i think he is saying that intel + nsa are working together to add encryption backdoors. Title: Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: phillipsjk on September 08, 2013, 07:12:58 AM The document in question specified 4 algorithms; only one (https://www.schneier.com/essay-198.html) is back-doored.
OP seems to be using the code-name coincidence to claim that Intel deliberately chose the slower, back-doored one. I stopped trusting Intel after "Intel Insider" was introduced with the Sandy Bridge (appears to be DTCP with the latency restriction of the first hop relaxed). Edit: wait: DTCP uses AES. Can we decrypt "premium content" if the OP's claims are true? Title: Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: coolbeans94 on September 08, 2013, 08:05:13 AM Bitcoin unaffected. Correct?
Title: Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: phillipsjk on September 08, 2013, 09:21:01 AM Bitcoin unaffected. Correct? Android had weak enough number generation to break Bitcoin security. In this case, only NSA with the secret keys would be able to get your key. That assumes the Intel hardware number generator is used; which would likely be OS dependent. First step is to ask Intel what random number generator they actually use. Edit: OP's wikipedia link says "The generator uses an on-processor entropy source, which passes the randomly generated bits to an AES (in CBC-MAC mode) conditioner to distill the entropy into non-deterministic random numbers." -- which does not sound like the back-doored random number generator. However, Theodore Ts'o is quoted in that same article pointing out that all Intel has to do to add a back-door is encrypt the random numbers with a key known to the NSA. You could defeat this by re-encrypting the output of the random number generator with your own encryption key (derived from an independent source). Edit2: the above back door would only work if the true entropy source before scrambling is predictable enough. Title: Re: The NSA can decrypt any encryption created with intel's Ivy Bridge or newer Post by: b!z on September 08, 2013, 09:32:16 AM Bitcoin unaffected. Correct? Android had weak enough number generation to break Bitcoin security. In this case, only NSA with the secret keys would be able to get your key. That assumes the Intel hardware number generator is used; which would likely be OS dependent. First step is to ask Intel what random number generator they actually use. Why would they tell the truth? :-) |