joecascio (OP)
Full Member
 Offline
Activity: 137
Merit: 100
Semi-retired software developer, tech consultant
|
 |
June 07, 2013, 06:14:12 PM |
|
This article, over a year old, presaged the recent revelations about NSA and its total war on privacy. The article mentions a "breakthrough" in code-breaking. http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.” Just wondering if anyone in the cryptographic community knows anything about this. Did they really discover something new or is this just journalistic hype? |
Joe Cascio
Python/Django & Android developer
Twitter: @joecascio
|
|
|
jaywaka2713
Sr. Member
Offline
Activity: 266
Merit: 250
aka 7Strykes
|
|
June 07, 2013, 06:23:40 PM |
|
Yep they have discovered that if they store encrypted comms for a few decades then maybe eventually they might be able to decrypt some of those. If you read carefully you will see that the DC described there is more about storage than brute force.
I thought I read something about a breakthrough they had where they could emulate the entire range of SHA256 hashes. That was a really long time ago though. I probably misunderstood it though, as it was years ago. |
|
|
|
|
Trongersoll
|
|
June 07, 2013, 06:27:31 PM |
|
the NSA released SHA256 according to wikipedia. The NSA never endorses anything that they can't themselves decrypt, ever.
|
|
|
|
|
joecascio (OP)
Full Member
Offline
Activity: 137
Merit: 100
Semi-retired software developer, tech consultant
|
|
June 07, 2013, 06:28:09 PM |
|
Yep they have discovered that if they store encrypted comms for a few decades then maybe eventually they might be able to decrypt some of those. If you read carefully you will see that the DC described there is more about storage than brute force.
Yes, I did read those bits. Basically, they might be able to decrypt data that's so old it uses smaller key sizes. But given what's been accomplished with bitcoin mining ASICs and 60 Ghash/sec performance, they just might hit the crypto-lottery every now and then. Too bad the combined hashing power of the bitcoin network makes their puny peta-flop machines look weak. |
Joe Cascio
Python/Django & Android developer
Twitter: @joecascio
|
|
|
jaywaka2713
Sr. Member
Offline
Activity: 266
Merit: 250
aka 7Strykes
|
|
June 07, 2013, 06:31:44 PM |
|
the NSA released SHA256 according to wikipedia. The NSA never endorses anything that they can't themselves decrypt, ever.
Think of the staff size of the NSA. Then think of the amount of people that have been working on SHA256 and TRYING to break it. Nobody has. Nobody has found a single leak, a single hole. Not even a hint. There isn't a way for them to decrypt it. Based off the way SHA256 works, you theoretically just cant. |
|
|
|
|
|
jaywaka2713
Sr. Member
Offline
Activity: 266
Merit: 250
aka 7Strykes
|
|
June 07, 2013, 06:34:54 PM |
|
Ugh, the NSA is a rouge organization with attacks solely directed via boredom and pointless funding.
|
|
|
|
joecascio (OP)
Full Member
Offline
Activity: 137
Merit: 100
Semi-retired software developer, tech consultant
|
|
June 07, 2013, 06:35:30 PM |
|
the NSA released SHA256 according to wikipedia. The NSA never endorses anything that they can't themselves decrypt, ever.
That's certainly a reasonable suspicion, but there are a lot of very smart crypto-mathematicians outside the NSA, too. Also it's a public algorithm. There aren't any secret places to hide code. They don't have a monopoly on brainpower. I think if there was a vulnerability, it would have been discovered by now. But, maybe not. They're certainly not going to tell us, right?  |
Joe Cascio
Python/Django & Android developer
Twitter: @joecascio
|
|
|
Matthew N. Wright
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
June 07, 2013, 06:35:59 PM |
|
Ugh, the NSA is a rouge organization with attacks solely directed via boredom and pointless funding.
and don't forget communism/socialism fear mongering. |
|
|
|
|
Trongersoll
|
|
June 07, 2013, 06:38:20 PM |
|
the NSA released SHA256 according to wikipedia. The NSA never endorses anything that they can't themselves decrypt, ever.
Think of the staff size of the NSA. Then think of the amount of people that have been working on SHA256 and TRYING to break it. Nobody has. Nobody has found a single leak, a single hole. Not even a hint. There isn't a way for them to decrypt it. Based off the way SHA256 works, you theoretically just cant. IIf this were true, they would have just classified it and ATF would be knocking on the door of anyone using anything like it. |
|
|
|
|
joecascio (OP)
Full Member
Offline
Activity: 137
Merit: 100
Semi-retired software developer, tech consultant
|
|
June 07, 2013, 06:39:37 PM |
|
They wouldn't do that because it would tip their hand. One of the prime directives of a code-breaking organization is not to reveal your capabilities until it's really necessary and then ideally use the information in such a way that it does not reveal that you can do it. |
Joe Cascio
Python/Django & Android developer
Twitter: @joecascio
|
|
|
|
prezbo
|
|
June 07, 2013, 06:39:50 PM |
|
If all you need is a private key to import to a bitcoin wallet, why would the NSA bother "mining" bitcoins when they could just open up all the wallets in existence and send the contents to themselves or a black hole?
Because the private key keyspace is so humongously large nobody/nothing can just cycle through it. |
|
|
|
|
|
Trongersoll
|
|
June 07, 2013, 06:40:07 PM |
|
Rogue, rouge implies they wear makeup.  |
|
|
|
|
jaywaka2713
Sr. Member
Offline
Activity: 266
Merit: 250
aka 7Strykes
|
|
June 07, 2013, 06:41:35 PM |
|
They wouldn't do that because it would tip their hand. One of the prime directives of a code-breaking organization is not to reveal your capabilities until it's really necessary and then ideally use the information in such a way that it does not reveal that you can do it. Basically, if they wanted to stay on the down low, they could 51% attack the network for a short amount of time. Just short enough to reverse transactions they know they don't want to go through, then back off. |
|
|
|
leopard2
Legendary
Offline
Activity: 1372
Merit: 1014
|
|
June 07, 2013, 06:42:32 PM |
|
They don't have a monopoly on brainpower. I think if there was a vulnerability, it would have been discovered by now. But, maybe not. They're certainly not going to tell us, right? In fact I am surprised intelligent people work for them, because they must understand how revolting and broken that organization and its activity is. Well, there are always some souls that are disturbed beyond repair. |
Truth is the new hatespeech.
|
|
|
|
prezbo
|
|
June 07, 2013, 06:43:51 PM |
|
They wouldn't do that because it would tip their hand. One of the prime directives of a code-breaking organization is not to reveal your capabilities until it's really necessary and then ideally use the information in such a way that it does not reveal that you can do it. Basically, if they wanted to stay on the down low, they could 51% attack the network for a short amount of time. Just short enough to reverse transactions they know they don't want to go through, then back off. This wouldn't really do anything. The transactions would just be re-broadcasted, problem solved. You cannot "reverse" a transaction, you can only delay it by "removing" the block that contained it. |
|
|
|
|
joecascio (OP)
Full Member
Offline
Activity: 137
Merit: 100
Semi-retired software developer, tech consultant
|
|
June 07, 2013, 06:44:09 PM |
|
They wouldn't do that because it would tip their hand. One of the prime directives of a code-breaking organization is not to reveal your capabilities until it's really necessary and then ideally use the information in such a way that it does not reveal that you can do it. Basically, if they wanted to stay on the down low, they could 51% attack the network for a short amount of time. Just short enough to reverse transactions they know they don't want to go through, then back off. But you can't "quietly" launch a 51% attack. It would be patently obvious someone was attacking the network. |
Joe Cascio
Python/Django & Android developer
Twitter: @joecascio
|
|
|
jaywaka2713
Sr. Member
Offline
Activity: 266
Merit: 250
aka 7Strykes
|
|
June 07, 2013, 06:44:50 PM |
|
They don't have a monopoly on brainpower. I think if there was a vulnerability, it would have been discovered by now. But, maybe not. They're certainly not going to tell us, right? In fact I am surprised intelligent people work for them, because they must understand how revolting and broken that organization and its activity is. Well, there are always some souls that are disturbed beyond repair. If that hack group Anonymous wanted to do anything right, they'd hack into this data center for spying on us and destroy it's software somehow. This wouldn't really do anything. The transactions would just be re-broadcasted, problem solved. You cannot "reverse" a transaction, you can only delay it by "removing" the block that contained it.
Couldn't we detect that happened though? |
|
|
|
CoinGuard
Newbie
Offline
Activity: 29
Merit: 0
|
|
June 07, 2013, 06:55:08 PM |
|
The NSA is deplorable, and despite this level of intrusion many will do nothing about it. It's interesting this was released on a Friday in the US as many are not reading this sort of information. By Monday I wouldn't be surprised if this all blows over. Once again the US government has swept a major issue under the rug.
|
|
|
|
|
|
Stampbit
|
|
June 07, 2013, 08:11:52 PM |
|
Come now, settle down everyone, no one is going to find your stash.
|
|
|
|
|
|
