
Topic: SHA-256 is designed by the NSA - do they have a backdoor? - page 5. (Read 27805 times)

legendary
Activity: 2142
Merit: 1009
Newbie
However the entire world community can't find a backdoor/flaw in one of the most widely used hashing algorithms in the world?

NSA can afford to hire the best mathematicians. Nowadays when one of them devises something only a few people are able to understand the mathematical proof it's based on. A flaw could exist for decades/centuries before someone else finds it by accident.
legendary
Activity: 1386
Merit: 1004
The algorithm is open ... however it was produced by a politically motivated government branch that seems to be harbouring a cynical bunch of criminal bastards ... do your own due diligence, if you don't have to deal with them why bother?

Well we do have to "deal with SHA-2" as a change to a different hashing algorithm would be a hard fork and that isn't going to happen.

Actually I believe it could happen.  And it should happen if SHA-2 was compromised, that was always the plan but right now SHA-2 is NOT compromised.  The NSA may have some shortcuts and could exploit random number generator issues (including backdoors in those) but a clear get the private key from the public one is not possible at this time. 

Changing the algo was ALWAYS planned in Bitcoin if it was compromised. 
donator
Activity: 1218
Merit: 1079
Gerald Davis
The algorithm is open ... however it was produced by a politically motivated government branch that seems to be harbouring a cynical bunch of criminal bastards ... do your own due diligence, if you don't have to deal with them why bother?

Well we do have to "deal with SHA-2" as a change to a different hashing algorithm would be a hard fork and that isn't going to happen.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
The algorithm is open ... however it was produced by a politically motivated rogue government branch that seems to be harbouring a cynical bunch of criminal bastards ... do your own due diligence, if you don't have to deal with them why bother?

Quote
Compare that to the EC RNG which was recommended by the NSA. A single cryptographer found the flaw in the span of a few months despite it being a rather rare algorithm with no widespread usage. However the entire world community can't find a backdoor/flaw in one of the most widely used hashing algorithms in the world?

Edit: oops, forgot to point out that the NSA algos flaws/backdoors will be tailored towards cracking by hardware capabilities that they, and maybe only them, possess. So saying it is secure because no-one else has found a flaw is redundant since no-one else knows or can replicate what they are capable of in terms of mining the exploit ...
donator
Activity: 1218
Merit: 1079
Gerald Davis
It seems likely at this point, but there's no proof that they have.

I would say it seems unlikely at this point however you can never prove a flaw (intentional or otherwise) doesn't exist.

They intentionally produce shit cryptography and go to great lengths to deceive (social attacks) ... why trust them in any regard, least of all in an "open science" forum format when there is no requirement to?

I don't trust the NSA.  I trust the fact that:
a) the algorithm is open
b) the constants are sequential prime cuberoots rather than "random"
c) the entire world community hasn't found a flaw.

Compare that to the EC RNG which was recommended by the NSA. A single cryptographer found the flaw in the span of a few months despite it being a rather rare algorithm with no widespread usage. However the entire world community can't find a backdoor/flaw in one of the most widely used hashing algorithms in the world?
member
Activity: 103
Merit: 10
It seems likely at this point, but there's no proof that they have.

I would say it seems unlikely at this point however you can never prove a flaw (intentional or otherwise) doesn't exist.

They intentionally produce shit cryptography and go to great lengths to deceive (social attacks) ... why trust them in any regard, least of all in an "open science" forum format when there is no requirement to?

It should be quite clear now to dump any crypto that the NSA has come anywhere near, and trust no-one that has had anything to do with them. That may be a massive undertaking given how ubiquitous their grasping tentacles have become but it is the only right thing to do, probably safest also.

100% Agree!
legendary
Activity: 1666
Merit: 1057
Marketing manager - GO MP
Oh look it's this thread again.
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
It seems likely at this point, but there's no proof that they have.

I would say it seems unlikely at this point however you can never prove a flaw (intentional or otherwise) doesn't exist.

They intentionally produce shit cryptography and go to great lengths to deceive (social attacks) ... why trust them in any regard, least of all in an "open science" forum format when there is no requirement to?

It should be quite clear now to dump any crypto that the NSA has come anywhere near, and trust no-one that has had anything to do with them. That may be a massive undertaking given how ubiquitous their grasping tentacles have become but it is the only right thing to do, probably safest also.
donator
Activity: 1218
Merit: 1079
Gerald Davis
It seems likely at this point, but there's no proof that they have.

I would say it seems unlikely at this point however you can never prove a flaw (intentional or otherwise) doesn't exist.
hero member
Activity: 686
Merit: 500
Ultranode
http://arstechnica.com/security/2013/09/crypto-prof-asked-to-remove-nsa-related-blog-post/

They have a backdoor to everything. BTC price is gonna tank when it is finally revealed that the NSA can hack and destroy bitcoin at will.
member
Activity: 122
Merit: 10
It seems likely at this point, but there's no proof that they have.
legendary
Activity: 1050
Merit: 1002
SHA-2 is an open algorithm and it uses as its constants the sequential prime cube roots as a form of "nothing up my sleeve numbers". For someone to find a weakness or backdoor in SHA would be the equivalent of the Nobel Prize in cryptography. Everyone who is anyone in the cryptography community has looked at SHA-2. Not just everyone with a higher degree in mathematics, computer science, or cryptography in the last 20 years but foreign intelligence agencies and major financial institutions. Nobody has found a flaw, not even a theoretical one (a faster than brute force solution which requires so much energy/time as to have no real world value).

To believe that the NSA has broken SHA-2 would be to believe that the NSA found something the entire rest of the world combined hasn't found for twenty years. Also NIST still considers SHA-2 secure and prohibits the use of any other hashing algorithm (to include SHA-3 so far) in classified networks. So that would mean the NSA is keeping a flaw/exploit from NIST compromising US national security.

Anything is possible but Occam's razor and all that.
newbie
Activity: 56
Merit: 0
I'd say so, why not?

It's finally public they have cracked and have backdoors in EVERY mobile device, anything you click on the net. etc..
hero member
Activity: 1162
Merit: 500
"SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256, SHA-384, SHA-512) designed by the U.S. National Security Agency (NSA) ..."
(http://en.wikipedia.org/wiki/SHA-2)

Every day we hear new news that the NSA is able to spy on us - and hack or bypass SSL, SSH, PGP, etc. Sometimes because they use backdoors that they have installed themselves. "Planted" weaknesses into systems.

What's the probability that the NSA also designed some "flaws" into the SHA-2 algorithm?