SHA-256 is designed by the NSA - do they have a backdoor? - page 4.

cypherdoc

legendary

Activity: 1764

Merit: 1002

Quote from: ShadowOfHarbringer on September 10, 2013, 03:45:35 AM

Quote from: marcus_of_augustus on September 09, 2013, 06:25:35 PM

The algorithm is open ... however it was produced by a politically motivated rogue government branch that seems to harbouring a cynical bunch of criminal bastards ... do your own due diligence, if you don't have to deal with them why bother?

Don't forget that the Internet and TOR were also started by the US military.
Just the fact that they did something does not mean that they still have control over it.

Quote from: marcus_of_augustus on September 09, 2013, 06:25:35 PM

Edit: oops, forgot to point out that the NSA algos flaws/backdoors will be tailored towards cracking by hardware capabilities that they , and maybe only them, possess. So saying it is secure because no-one else has found a flaw is redundant since no-one else knows or can replicate what they are capable of in terms of mining the exploit ...

Flaws in one of most widely used algos would be quickly found by NSA's/USA enemies - such as China and Russia (Russia/China have some of the world brightest mathematicans & cryptographers).
Especially after the Prism scandal.

Hiding something like this is simply not possible in after-Prism paranoia world.

and don't forget that the NSA relies on it's operatives going into harms way into foreign and hostile areas.

you now have to imagine a scenario where they lie to them, and have the operatives allow themselves to be lied to, and say all their communications will continue to be safe and secure so continue doing what you're doing? either way, the NSA has suffered irreparable damage as a result of these so called revelations.

i prefer the simplest explanation and that is to continue to believe that the Internet is ripping open age-old secrets and increasing the dissemination of the truth. to expect one US centric organization to be able to buck that trend over the long term is not viable, imo.

miztaziggy

sr. member

Activity: 432

Merit: 500

Quote from: Galahad on September 10, 2013, 09:46:47 AM

Quote from: miztaziggy on September 10, 2013, 08:53:22 AM

So what evidence do you have that the brightest minds in the world are not in these government agencies?

They will also be working in the open source community rather than exclusively in one place because they are passionate about the subject.

Really? What world do you live in where employees of the NSA and GCHQ can moonlight in the open source community and spread state secrets around for the users of the bitcoin forum to read?

And as for being passionate about the subject, I expect that when you're working on the inside of an agency like that and are in the know when it comes to the real threats in this world, you would probably be on the side of these agencies that do the work they do.

cypherdoc

legendary

Activity: 1764

Merit: 1002

Quote from: DeathAndTaxes on September 10, 2013, 08:39:40 AM

Quote from: miztaziggy on September 10, 2013, 06:20:20 AM

Why would the NSA ever release a 'secure' algorithm? It's like shooting yourself in the foot, it would make their job so much harder. They would only ever release something that they could control. It's just the way the world works.

Because you can never definitively prove a cryptographic system is secure. The only way to "know" a cipher is secure is to make it publicly available and let the best in the world take a crack at it. It is very easy to write a cryptographic system that you yourself can't break but that is next to useless. Secret cryptography usually is weak cryptography. History is littered with examples of failed "strong" systems. One classic one is WEP which is so unbelievably broken it is hard to believe cryptographers came up with it. Security through obscurity doesn't work. Had the specs for WEP been made publicly available in the design phase people would have found the flaws in a matter of weeks and saved everyone a ton of problems down the road. For every good cipher there are dozens and dozens of flawed ones. No matter how smart a single developer is the combined intellect of the planet is better, that is the entire rationale for open source. The NSA is not only responsible for finding the secrets of others they are responsible for ensuring others don't find the secrets of the United States.

The US government uses SHA-2 in secure cryptographic systems including SIPERNet. I know this from personal experience.

i agree with this.

Galahad

full member

Activity: 190

Merit: 100

Quote from: miztaziggy on September 10, 2013, 08:53:22 AM

So what evidence do you have that the brightest minds in the world are not in these government agencies?

They will also be working in the open source community rather than exclusively in one place because they are passionate about the subject.

Quote from: ShadowOfHarbringer on September 10, 2013, 08:51:35 AM

Quote from: DeathAndTaxes on September 10, 2013, 08:39:40 AM

Quote from: miztaziggy on September 10, 2013, 06:20:20 AM

Why would the NSA ever release a 'secure' algorithm? It's like shooting yourself in the foot, it would make their job so much harder. They would only ever release something that they could control. It's just the way the world works.

Because you can never definitively prove a cryptographic system is secure. The only way to "know" a cipher is secure is to make it publicly available and let the best in the world take a crack at it. It is very easy to write a cryptographic system that you yourself can't break but that is next to useless. Secret cryptography usually is weak cryptography. History is littered with examples of failed "strong" systems. One classic one is WEP which is so unbelievably broken it is hard to believe cryptographers came up with it. Security through obscurity doesn't work. Had the specs for WEP been made publicly available in the design phase people would have found the flaws in a matter of weeks and saved everyone a ton of problems down the road. For every good cipher there are dozens and dozens of flawed ones. No matter how smart a single developer is the combined intellect of the planet is better, that is the entire rationale for open source. The NSA is not only responsible for finding the secrets of others they are responsible for ensuring others don't find the secrets of the United States.

This is probably the most wise & complete explanation of "why there is no backdoor in SHA-2" that we will come up with here.

This topic could be now closed for all I care.

Thank you. I couldn't properly express why he was wrong so I was waiting for more sane people to get here. Please close topic!

miztaziggy

sr. member

Activity: 432

Merit: 500

Quote from: Galahad on September 10, 2013, 08:18:15 AM

Quote from: miztaziggy on September 10, 2013, 07:56:59 AM

Are you really that naive?

Do you underestimate the brightest minds in the world? Do you believe that the minds in the NSA are somehow brighter than those outside of it?

So what evidence do you have that the brightest minds in the world are not in these government agencies?

A friend of mine's son has studied maths at Cambridge in the UK, he is now doing a PHD over in the US at MIT. She had her son's friend stay with her over the holiday, and told me that this girl was also studying for a PHD also. This girl is apparently ridiculously intelligent, to the point of being autistic, she has no social skills. She has already been approached by GCHQ and has done a summer placement there. She has been offered a place after completing her PHD.

That's what happens in the real world, these ultra bright kids will be snapped up by places like GCHQ and NSA before they are 21, but, this forum is just like a hollow box where you all like to shout about the positives of bitcoin without ever considering the real world, so I guess none of this matters.

ShadowOfHarbringer

legendary

Activity: 1470

Merit: 1006

Bringing Legendary Har® to you since 1952

Quote from: DeathAndTaxes on September 10, 2013, 08:39:40 AM

Quote from: miztaziggy on September 10, 2013, 06:20:20 AM

Why would the NSA ever release a 'secure' algorithm? It's like shooting yourself in the foot, it would make their job so much harder. They would only ever release something that they could control. It's just the way the world works.

Because you can never definitively prove a cryptographic system is secure. The only way to "know" a cipher is secure is to make it publicly available and let the best in the world take a crack at it. It is very easy to write a cryptographic system that you yourself can't break but that is next to useless. Secret cryptography usually is weak cryptography. History is littered with examples of failed "strong" systems. One classic one is WEP which is so unbelievably broken it is hard to believe cryptographers came up with it. Security through obscurity doesn't work. Had the specs for WEP been made publicly available in the design phase people would have found the flaws in a matter of weeks and saved everyone a ton of problems down the road. For every good cipher there are dozens and dozens of flawed ones. No matter how smart a single developer is the combined intellect of the planet is better, that is the entire rationale for open source. The NSA is not only responsible for finding the secrets of others they are responsible for ensuring others don't find the secrets of the United States.

This is probably the most wise & complete explanation of "why there is no backdoor in SHA-2" that we will come up with here.

This topic could be now closed for all I care.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: miztaziggy on September 10, 2013, 06:20:20 AM

Why would the NSA ever release a 'secure' algorithm? It's like shooting yourself in the foot, it would make their job so much harder. They would only ever release something that they could control. It's just the way the world works.

Because you can never definitively prove a cryptographic system is secure. The only way to "know" a cipher is secure is to make it publicly available and let the best in the world take a crack at it. It is very easy to write a cryptographic system that you yourself can't break but that is next to useless. Secret cryptography usually is weak cryptography. History is littered with examples of failed "strong" systems. One classic one is WEP which is so unbelievably broken it is hard to believe cryptographers came up with it. Security through obscurity doesn't work. Had the specs for WEP been made publicly available in the design phase people would have found the flaws in a matter of weeks and saved everyone a ton of problems down the road. For every good cipher there are dozens and dozens of flawed ones. No matter how smart a single developer is the combined intellect of the planet is better, that is the entire rationale for open source. The NSA is not only responsible for finding the secrets of others they are responsible for ensuring others don't find the secrets of the United States.

The US government uses SHA-2 in secure cryptographic systems including SIPERNet. I know this from personal experience.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: Frizz23 on September 10, 2013, 03:00:20 AM

By the way: What might have been the reason that Mr. Nakamoto decided to use an NSA algorithm (SHA-256) for Bitcoin?

The same reason that banks, the US government, foreign governments, millions of websites, the SSL protocol, PGP, and other secure systems use it.
It is the most widely studied and analyzed algorithms in the last twenty years. It has held up to extensive public scrutiny and been shown to be a strong hashing function.

Galahad

full member

Activity: 190

Merit: 100

Quote from: miztaziggy on September 10, 2013, 07:56:59 AM

Are you really that naive?

Do you underestimate the brightest minds in the world? Do you believe that the minds in the NSA are somehow brighter than those outside of it?

miztaziggy

sr. member

Activity: 432

Merit: 500

Quote from: Galahad on September 10, 2013, 07:38:46 AM

Quote from: miztaziggy on September 10, 2013, 06:20:20 AM

Why would the NSA ever release a 'secure' algorithm? It's like shooting yourself in the foot, it would make their job so much harder. They would only ever release something that they could control. It's just the way the world works.

Because it's public domain and the best experts in cryptography in the world have worked on it, tested it and found no flaw. Also, the NSA themselves rely on this encryption, do they want their secrets revealed?

Are you really that naive?

Galahad

full member

Activity: 190

Merit: 100

Quote from: miztaziggy on September 10, 2013, 06:20:20 AM

Why would the NSA ever release a 'secure' algorithm? It's like shooting yourself in the foot, it would make their job so much harder. They would only ever release something that they could control. It's just the way the world works.

Because it's public domain and the best experts in cryptography in the world have worked on it, tested it and found no flaw. Also, the NSA themselves rely on this encryption, do they want their secrets revealed?

miztaziggy

sr. member

Activity: 432

Merit: 500

Why is everyone so certain that the 'entire world community' has looked at this encryption and hasn't found a flaw?

I don't understand the mathematics in this but:
http://eprint.iacr.org/2008/270.pdf

Now, this looks like it's been done by a university in India.

My guess is that the NSA and other world intelligence agencies employ the very best of the best mathematicians. They will scour universities and pick up the top students early on. Their work won't be published like this was. It will be kept secret and the world will think that it's secure.

Why would the NSA ever release a 'secure' algorithm? It's like shooting yourself in the foot, it would make their job so much harder. They would only ever release something that they could control. It's just the way the world works.

Galahad

full member

Activity: 190

Merit: 100

They already had this discussion in newbies. But there were articles on the Guardian and why would the NSA lie in their own documents? It's a bit worrying. Perhaps they have not cracked the cryptography but found around it on poorly managed servers:

http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

Jace

sr. member

Activity: 288

Merit: 251

Quote from: Come-from-Beyond on September 09, 2013, 10:51:25 PM

NSA can afford to hire the best mathematicians. Nowadays when one of them devises something only a few people are able to understand the mathematical proof it's based on. A flaw could exist for decades/centuries before someone else find it by accident.

It could, yes, hypothetically. But it's extremely unlikely. Chances are slim to none. There is a much, MUCH larger group of extremely talented mathematicians out there than the NSA has employed.

Oh, and in the VERY unlikely (and purely theoretical) scenario that the NSA does indeed have some sort of edge on SHA-256, we can still keep our peace of mind knowing that fortunately, Bitcoin uses double (nested) SHA-256.

ShadowOfHarbringer

legendary

Activity: 1470

Merit: 1006

Bringing Legendary Har® to you since 1952

Quote from: marcus_of_augustus on September 09, 2013, 06:25:35 PM

The algorithm is open ... however it was produced by a politically motivated rogue government branch that seems to harbouring a cynical bunch of criminal bastards ... do your own due diligence, if you don't have to deal with them why bother?

Don't forget that the Internet and TOR were also started by the US military.
Just the fact that they did something does not mean that they still have control over it.

Quote from: marcus_of_augustus on September 09, 2013, 06:25:35 PM

Edit: oops, forgot to point out that the NSA algos flaws/backdoors will be tailored towards cracking by hardware capabilities that they , and maybe only them, possess. So saying it is secure because no-one else has found a flaw is redundant since no-one else knows or can replicate what they are capable of in terms of mining the exploit ...

Flaws in one of most widely used algos would be quickly found by NSA's/USA enemies - such as China and Russia (Russia/China have some of the world brightest mathematicans & cryptographers).
Especially after the Prism scandal.

Hiding something like this is simply not possible in after-Prism paranoia world.

operrajunk74

sr. member

Activity: 344

Merit: 250

Quote from: DeathAndTaxes on September 09, 2013, 06:07:24 PM

c) the entire world community hasn't found a flaw.

If another non US agency found a flaw, why would they publish it instead of use it for their advantage?

dragonkid

member

Activity: 84

Merit: 10

Quote from: DeathAndTaxes on September 09, 2013, 06:07:24 PM

I don't trust the NSA. I trust the fact that:
a) the algorithm is open
b) the constants are sequential prime cuberoots rather than "random"
c) the entire world community hasn't found a flaw.

Compare that to the EC RNG which was recommended by the NSA. A single cryptographer found the flaw in the span of a few months despite it being rather than rare algorithm with no widespread usage. However the entire world community can't find a backdoor/flaw in an one of the most widely used hashing algorithms in the world?

That is why I only use Linux, and open source.

Frizz23

hero member

Activity: 1162

Merit: 500

Quote from: DeathAndTaxes on September 09, 2013, 06:27:11 PM

Well we do have to "deal with SHA-2" as a change to a different hashing algorithm would be a hard fork and that isn't going to happen.

But it would kill two birds with one stone.
1) The ASIC madness would stop
2) The NSA algorithm would be gone.

By the way: What might have been the reason that Mr. Nakamoto decided to use an NSA algorithm (SHA-256) for Bitcoin?

Dabs

legendary

Activity: 3416

Merit: 1912

The Concierge of Crypto

Imagine, Satoshi has a million or two coins stashed on a bunch of private keys that have never moved since being mined. Those 50 BTC will be the target.

MoneyMorpheus

sr. member

Activity: 251

Merit: 250

Quote from: Littleshop on September 09, 2013, 08:07:18 PM

Quote from: DeathAndTaxes on September 09, 2013, 06:27:11 PM

Quote from: marcus_of_augustus on September 09, 2013, 06:25:35 PM

The algorithm is open ... however it was produced by a politically motivated government branch that seems to harbouring a cynical bunch of criminal bastards ... do your own due diligence, if you don't have to deal with them why bother?

Well we do have to "deal with SHA-2" as a change to a different hashing algorithm would be a hard fork and that isn't going to happen.

Actually I believe it could happen. And it should happen if SHA-2 was compromised, that was always the plan but right now SHA-2 is NOT compromised. The NSA may have some shortcuts and could exploit random number generator issues (including backdoors in those) but a clear get the private key from the public one is not possible at this time.

Changing the algo was ALWAYS planned in Bitcoin if it was compromised.

You do realize what a change in algo would mean? All the asics will become paperweights and the network will go back to gpu mining. Leaving the network less protected for the NSA or a third party to do a 51% attack. Not to mention all the asic manufacturers will bankrupt...

It is possible, but the consequences will be huge...

I think though that even if bitcoin is cracked by the nsa, they will not bring it down. They will exploit such crack in their benefit. Just remember governments don't destroy assets or money, they confiscate it. They will even try to make it look like they seized the btc by other means, making their backdoor last for as long as they can.

Whats the point in investing millions on cracking a cryptocurrency in order to kill it and let the next one arise and start all over again?

Greediness and power are two important factors in conspiracy theories. The NSA cracking btc to kill it lacks both...

But then again that is just my theory...

Topic: SHA-256 is designed by the NSA - do they have a backdoor? - page 4. (Read 27822 times)