Pages:
Author

Topic: Cryptographic "breakthrough" by NSA? (Read 7842 times)

hero member
Activity: 804
Merit: 1002
June 08, 2013, 04:16:56 PM
#31
there is no freedom in the country of freedom
hero member
Activity: 651
Merit: 501
My PGP Key: 92C7689C
June 08, 2013, 03:52:59 PM
#30
the NSA released SHA256 according to wikipedia. The NSA never endorses anything that they can't themselves decrypt, ever.

SHA-256 is a hashing algorithm, not an encryption algorithm.  The most you can do to compromise a hash is to find a way to create a hash collision, as happened with MD5 a while back.  While it's possible the NSA withheld such a method from release, that they released the algorithm as open source makes backdoors less feasible.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
June 08, 2013, 12:10:46 AM
#29
Quote
Cryptographic "breakthrough" by NSA?
Yes, they finally broke the CD-ROM tray of cryptographic computer using brute force attack.

Realistically they could with such datacenter:

1. Collect unencrypted communications from every source available and then run trough "intellignet" search to find communications that require closer attention by human spy piece of shit.

2. Have copy of certificate authority private keys to silently do MITM attacks with their own certificates. This might be that "breakthrough" article is about. Then feed the "encrypted and then decrypted" communications in step 1.

3. Collect and store everything about everyone to later blackmail persons of interest or to know who to send to death camp first. Stalin did that to his closest comrades, why capitalist pigs cannot do the same?
hero member
Activity: 784
Merit: 1000
June 07, 2013, 09:46:16 PM
#28
Quote
Seriously, get a clue, there is no such thing as "breaking" SHA256, other than quick collison finding, which will only affect address hashing(can be updated to something theoretically unbreakable), and most certainly it doesn't affect mining at all.(to quote Gavin, we would have been just fine using MD5).

But what about my rainbow tables.......



That's the whole point, it has nothing to do with all the easy collision-finding algorithms you can come up with.
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
June 07, 2013, 09:36:03 PM
#27
Quote
Seriously, get a clue, there is no such thing as "breaking" SHA256, other than quick collison finding, which will only affect address hashing(can be updated to something theoretically unbreakable), and most certainly it doesn't affect mining at all.(to quote Gavin, we would have been just fine using MD5).

But what about my rainbow tables.......

hero member
Activity: 784
Merit: 1000
June 07, 2013, 09:25:42 PM
#26
Seriously, get a clue, there is no such thing as "breaking" SHA256, other than quick collison finding, which will only affect address hashing(can be updated to something theoretically unbreakable), and most certainly it doesn't affect mining at all.(to quote Gavin, we would have been just fine using MD5).
legendary
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
June 07, 2013, 07:15:43 PM
#25
The NSA never endorses anything that they can't themselves decrypt, ever.
That is true for algorithms they can put backdoors in (where it's obvious to everyone that it's possible the NSA could have done so because the constants are "magic"). But it is not true for public algorithms (like SHA256, RSA, and so on) where the constants have known derivations. If the NSA can break it, they know that other intelligence agencies can too, and they can't get the public to change algorithms often. US companies have the most valuable intelligence. Such a strategy would be most unwise.

Update: And what oakpacific said below me.
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
June 07, 2013, 07:10:50 PM
#24
Jace is correct in his assumption and statement. The NSA uses SHA256 hashes in its suite B protocols http://www.nsa.gov/ia/programs/suiteb_cryptography/ that are used for secure communications for other government agencies. It would be a terrible idea for any government agency to transmit information from a protocol that is known to be broken.

I am not aware of a good hash collision attack for SHA256 nor any work that introduces a significant flaw in the scheme.
sr. member
Activity: 288
Merit: 251
June 07, 2013, 07:04:39 PM
#23
the NSA released SHA256 according to wikipedia. The NSA never endorses anything that they can't themselves decrypt, ever.
NSA is unable to decrypt SHA256, because there is nothing to decrypt. Simply is no such thing. SHA256 has nothing to do with encryption whatsoever.

You seem to confuse encryption and decryption with hashing (which is just a checksum that works one-way by definition).



I thought I read something about a breakthrough they had where they could emulate the entire range of SHA256 hashes. That was a really long time ago though. I probably misunderstood it though, as it was years ago.
I doubt that very much. You know there are 2256 such hashes? See here:
(click=large)
 
So if "emulate" means even as much as just counting them, then no.
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
June 07, 2013, 06:43:39 PM
#22
Quote
How about clipper then? Actually with DES the story is quite telling and pretty much in line with "store for now, crack later" point.

When IBM and NSA negotiated about "backdoor" into DES IBM wanted 64 bit key, NSA wanted 48 bit, in the end they agreed on 56 bit. Reportedly NSA could not break it just yet but fully expected to be able to do so a few years down the road. This is the modus operandi.

That was my point, thank you Vlad.
legendary
Activity: 1134
Merit: 1008
CEO of IOHK
June 07, 2013, 06:29:18 PM
#21
And no one remembered to mention DES? Shame on you for your limited historical scope.
full member
Activity: 182
Merit: 100
June 07, 2013, 03:11:52 PM
#20
Come now, settle down everyone, no one is going to find your stash.
newbie
Activity: 29
Merit: 0
June 07, 2013, 01:55:08 PM
#19
The NSA is deplorable, and despite this level of intrusion many will do nothing about it. It's interesting this was released on a Friday in the US as many are not reading this sort of information. By Monday I wouldn't be surprised if this all blows over. Once again the US government has swept a major issue under the rug.

sr. member
Activity: 266
Merit: 250
aka 7Strykes
June 07, 2013, 01:44:50 PM
#18
They don't have a monopoly on brainpower. I think if there was a vulnerability, it would have been discovered by now. But, maybe not. They're certainly not going to tell us, right? Smiley

In fact I am surprised intelligent people work for them, because they must understand how revolting and broken that organization and its activity is. Well, there are always some souls that are disturbed beyond repair.

If that hack group Anonymous wanted to do anything right, they'd hack into this data center for spying on us and destroy it's software somehow.

This wouldn't really do anything. The transactions would just be re-broadcasted, problem solved. You cannot "reverse" a transaction, you can only delay it by "removing" the block that contained it.

Couldn't we detect that happened though?
full member
Activity: 137
Merit: 100
Semi-retired software developer, tech consultant
June 07, 2013, 01:44:09 PM
#17
http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/

Just because they might not have the ability now, doesn't mean they're not planning to have it soon. http://www.dslreports.com/forum/r27012462-Wired-article-explains-NSA-decrypting-plans-new-facility

If all you need is a private key to import to a bitcoin wallet, why would the NSA bother "mining" bitcoins when they could just open up all the wallets in existence and send the contents to themselves or a black hole?

They wouldn't do that because it would tip their hand. One of the prime directives of a code-breaking organization is not to reveal your capabilities until it's really necessary and then ideally use the information in such a way that it does not reveal that you can do it.



Basically, if they wanted to stay on the down low, they could 51% attack the network for a short amount of time. Just short enough to reverse transactions they know they don't want to go through, then back off.

But you can't "quietly" launch a 51% attack. It would be patently obvious someone was attacking the network.
sr. member
Activity: 430
Merit: 250
June 07, 2013, 01:43:51 PM
#16
http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/

Just because they might not have the ability now, doesn't mean they're not planning to have it soon. http://www.dslreports.com/forum/r27012462-Wired-article-explains-NSA-decrypting-plans-new-facility

If all you need is a private key to import to a bitcoin wallet, why would the NSA bother "mining" bitcoins when they could just open up all the wallets in existence and send the contents to themselves or a black hole?

They wouldn't do that because it would tip their hand. One of the prime directives of a code-breaking organization is not to reveal your capabilities until it's really necessary and then ideally use the information in such a way that it does not reveal that you can do it.



Basically, if they wanted to stay on the down low, they could 51% attack the network for a short amount of time. Just short enough to reverse transactions they know they don't want to go through, then back off.
This wouldn't really do anything. The transactions would just be re-broadcasted, problem solved. You cannot "reverse" a transaction, you can only delay it by "removing" the block that contained it.
legendary
Activity: 1372
Merit: 1014
June 07, 2013, 01:42:32 PM
#15
They don't have a monopoly on brainpower. I think if there was a vulnerability, it would have been discovered by now. But, maybe not. They're certainly not going to tell us, right? Smiley

In fact I am surprised intelligent people work for them, because they must understand how revolting and broken that organization and its activity is. Well, there are always some souls that are disturbed beyond repair.
sr. member
Activity: 266
Merit: 250
aka 7Strykes
June 07, 2013, 01:41:35 PM
#14
http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/

Just because they might not have the ability now, doesn't mean they're not planning to have it soon. http://www.dslreports.com/forum/r27012462-Wired-article-explains-NSA-decrypting-plans-new-facility

If all you need is a private key to import to a bitcoin wallet, why would the NSA bother "mining" bitcoins when they could just open up all the wallets in existence and send the contents to themselves or a black hole?

They wouldn't do that because it would tip their hand. One of the prime directives of a code-breaking organization is not to reveal your capabilities until it's really necessary and then ideally use the information in such a way that it does not reveal that you can do it.



Basically, if they wanted to stay on the down low, they could 51% attack the network for a short amount of time. Just short enough to reverse transactions they know they don't want to go through, then back off.
hero member
Activity: 490
Merit: 501
June 07, 2013, 01:40:07 PM
#13
Rogue, rouge implies they wear makeup.  Cheesy
sr. member
Activity: 430
Merit: 250
June 07, 2013, 01:39:50 PM
#12
If all you need is a private key to import to a bitcoin wallet, why would the NSA bother "mining" bitcoins when they could just open up all the wallets in existence and send the contents to themselves or a black hole?

Because the private key keyspace is so humongously large nobody/nothing can just cycle through it.
Pages:
Jump to: