Highest Rated Comments


klpwired1076 karma

What are the names of the two encryption chips redacted here?

http://imgur.com/uZ7PcsC

klpwired140 karma

It's awesome that you returned to address this. Thanks!

As far as the substance, the same Guardian/NYT/PP report identified Dual_EC_DRBG as apparently compromised, which seems to undermine the notion that you all felt that "publishing one or two would do not do any real good."

And NIST, as you know, has now reopened Dual_EC_DRBG as a direct result of the report. RSA has disavowed the standard, after having made it a default in its commercial crypto library. And the cryptographic community is dramatically reevaluating its relationship with NIST.

So all the available evidence shows that identifying some compromised crypto is good, even if you can't identify all of it. If there are two hackable chips used in VPN and Web encryption devices, everyone relying on those devices is vulnerable when they don't have to be.