Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Encryption Government Privacy

Most Tor Keys May Be Vulnerable To NSA Cracking 236

Ars Technica reports that security researcher Rob Graham of Errata Security, after analyzing nearly 23,000 Tor connections through an exit node that Graham controls, believes that the encryption used by a majority of Tor users could be vulnerable to NSA decryption: "About 76 percent of the 22,920 connections he polled used some form of 1024-bit Diffie-Hellman key," rather than stronger elliptic curve encryption. More from the article: "'Everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys,' Graham wrote in a blog post published Friday. 'Assuming no "breakthroughs," the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips.' He went on to cite official Tor statistics to observe that only 10 percent of Tor servers are using version 2.4 of the software. That's the only Tor release that implements elliptical curve Diffie-Hellman crypto, which cryptographers believe is much harder to break. The remaining versions use keys that are presumed to be weaker."
This discussion has been archived. No new comments can be posted.

Most Tor Keys May Be Vulnerable To NSA Cracking

Comments Filter:
  • for how many chips?

    • by Dahamma ( 304068 )

      Probably a LOT - silicon is cheap when you mass produce it, and while they may be custom, they are probably fairly trivial to design (either individually pretty small or easy to duplicate the core many times in one chip).

      They're probably already cracking DES keys [wikipedia.org] in minutes...

  • Getting tired here (Score:3, Insightful)

    by ghost_templar ( 3044481 ) on Friday September 06, 2013 @09:15PM (#44781023)

    The more I read of Slashdot (and to an extend Ars Technica), the less I want to continue reading. All it is these days is NSA, NSA, NSA. It's too damn depressing and what's worse, it's one of those situations where it's

    (a) an intangable threat (you will probably never suffer directly because of what they're doing, but it still feels wrong)
    (b) related to (a), it's something that the wider public doesn't know about and would be hard-pressed to convince is a threat without sounding like a looney
    (c) cannot be overcome (moving to Linux for example doesn't change much if the network can still be tapped, and evidently TOR is now comrpomised), short of abandoning technology and reverting to primitive technology for, again, a hypothetical threat that will probably not ever affect us DIRECTLY, but still something we know shouldn't be happening.

    I just want to read about science and technology, interesting shit. Seems impossible to do that anymore since clearly NSA stuff rates rather highly.

    TL:DR - what's the point of knowing how evil things are if tangible, WIDESPREAD changes aren't going to happen due to our lack of power? You just become miserable, while everyone else is (relatively) happy because they don't know. There's a reason ignorance is bliss is a saying.

    • by msobkow ( 48369 )

      Nobody is forcing you to read the articles. You're welcome to stick your head in the sand or cover it with a towel at any time.

    • by AHuxley ( 892839 ) on Friday September 06, 2013 @10:59PM (#44781507) Journal
      We have had 30 years of whispers, books, magazines and talks by past experts. We seem to have a generation of experts who seemed to allow their allowed hardware and software encryption to fail on a global scale.
      So every new story adds to work mentioned in the past. In 30 years this would have been amazing news.
      Getting all this crypto and telco news now is going to allow some very creative people to release some new software and hardware.
    • by QRDeNameland ( 873957 ) on Saturday September 07, 2013 @12:02AM (#44781709)

      I just want to read about science and technology, interesting shit.

      I feel your pain, but unfortunately, if the NSA/intelligence complex truly can not be reined in (and I'm not optimistic that it can be), I think you're looking at the dark ages for any science or tech that doesn't serve their purposes.

      Someone posted the following citation at the New York Times yesterday, which really struck a nerve with me:

      "The man who is compelled to live every minute of his life among others and whose every need, thought, desire, fancy or gratification is subject to public scrutiny, has been deprived of his individuality and human dignity. Such an individual merges with the mass. His opinions, being public, tend never to be different; his aspirations, being known, tend always to be conventionally accepted ones; his feelings, being openly exhibited, tend to lose their quality of unique personal warmth and to become the feelings of every man. Such a being, although sentient, is fungible; he is not an individual." Bloustein, Privacy as an Aspect of Human Dignity: An Answer to Dean Prosser, 39 N. Y. U. L. Rev. 962, 1003 (1964).

      Don't think for one second that this is an intangible threat. The people who blissfully ignore or accept it are exactly the people who won't be doing the paradigm shifting science or creating disruptive technologies. The people who would do those things are stuck with the same choice you state: acknowledge a really sucky situation and face being miserable, or ignore it as 'intangible' and go about their day, and just focus on uncontroversial science and tech that won't get them in any trouble. Can that possibly be a good thing?

    • Translation of the above: Please don't tell me scary things, tell me everything is alright with lots of puppies and kittens who never ever die. Tell me a world of unicorns and rainbows so I can believe everything is alright and as it should be and I can excuse myself for not lifting a finger to improve the world.

      Allow me to rest my hand in the sand and then complain like a bitch when I am run over by a lorry. Because someone else should have been saving the world while I looked the other way.

      • You don't need to use hyperbole. There's a lot of good in the world, but there's also a lot of bad. News sites have a predisposition to continually pump bad news, even though the NSA stuff is only one element in what's happening in the world. If people get their fix on tech news from sites such as Slashdot, and said sites fixate on all the shit that's happening, then of course people are going to become miserable. Because there's basically nothing we can do to stop it. We have no power.

        If you're arguing tha

    • by Natales ( 182136 )
      I understand your thinking. Yet, once your eyes have been opened, you can't go back anymore. I know it's a cliche in this audience, but it's really like swallowing the red pill. We now know we were not crazy and there really is an extremely powerful entity out there attempting to break all our most trusted systems. We can 1) ignore it, 2) accept our fate and go kosher (according to 'the system') or 3) fight it. I've chosen 3, mostly because I think this is just the beginning and things can get really dark v
    • All it is these days is NSA, NSA, NSA.

      I count 22 stories today (friday). At most 4 are NSA, and that's stretching it (epic browser isn't more about commercial trackers than government and Iran/Syria interception is only speculatively nsa). So ~15% NSA stories really isn't that overwhelming.

    • Go here:

      http://science.slashdot.org/

    • All it is these days is NSA, NSA, NSA.

      You have a uid of >3,000,000 and you are complaining about "these days" as though you have been here a long time. Just go back to wherever you came from, a week or so ago.

  • by raymorris ( 2726007 ) on Friday September 06, 2013 @09:17PM (#44781027) Journal

    If that speculation is right, that a billion dollars will buy hardware that takes a few hours to break one key, great. That would mean nobody is going to break MY key, and that al Qaeda's keys were broken soon after they started using them. Works for me.

    • by girlintraining ( 1395911 ) on Friday September 06, 2013 @10:25PM (#44781375)

      If that speculation is right, that a billion dollars will buy hardware that takes a few hours to break one key, great. That would mean nobody is going to break MY key, and that al Qaeda's keys were broken soon after they started using them. Works for me.

      I think you're looking at this backwards; They won't spend any money to break your key because you're worth zero dollars. What could you possibly be doing that would warrant the NSA's interest? You need to understand the organization; They primarily do signals intelligence, and they operate in a support role to other agencies, principally the CIA, FBI, and DHS.

      The NSA simply logs the data and holds on to it until and unless something happens that makes analyzing that data a priority. They may record all cell phone calls, but they don't listen to them all. They may record all internet traffic, but they don't review all of it. In order for them to expend resources, there needs to be a reason. You could be using '1 bit' encryption and it would be as interesting to them as '1 million bit' encryption.

      In security, your defenses need to be harder to break than the value of the thing being protected. Although Tor's encryption may be insufficient against a government, it is plenty strong for most everyday uses -- getting around corporate proxies, location-locked services (like shows the BBC offers, Netflix, etc.), and for proxying to Facebook. Yes, I use Tor to connect to Facebook... because I don't want them knowing where I am, and my IP address provides a wealth of marketing information to them. I also don't use my real name, but really, the main reason is just to piss in their data collection cheerios, not because I'm doing it to be 'anonymous' or 'super secure'. And this is what most people use Tor for; along with browsing bittorrent sites (though downloading is still direct...), and other things that they may feel uncomfortable with having a readily-accessible record of at their ISP's office (gay porn anyone?).

      The NSA cares not for these activities. It's logged all the same, but until they say that, say, "the alias raymorris on slashdot indicated he may be in possession of classified materials" all that data just sits on a harddrive somewhere, waiting to expire. The NSA just waits for the phone call.

      That said, a few hours to break one key is pretty petty for accessing your internet traffic or mine, but if Al Quaeda has a hidden service inside Tor they're using to communicate with, a secret website if you will... now those few hours' worth of electricity seem very, very worth it.

      You've gotta understand that security is not an absolute; There is no "secure" versus "insecure". There is only no security, and then varying degrees of more security; And good security is when it costs more to break it than the value of the thing being protected. Great security is when that's true and the computer functions the way you expect.

      • That's my point. They won't spend any money tracking me. Well, not more than about $10-$50, since I'm pretty sure I'm on a list or two. They WILL spend money tracking whoever appears to be the next bin Ladin. Cool. I'd like them to be able to track bin Laden, while it's not anywhere near worth it to track me.

        If I were using "1 bit encryption" they WOULD break it. They proof of that is that they DO track people who use 0 bit (plain email, phone). That's bad. I prefer that everyone use encryption enough

        • by lxs ( 131946 )

          They WILL spend money tracking whoever appears to be the next bin Ladin.

          Or the next presidential candidate promising to cut their budget.

      • The NSA simply logs the data and holds on to it until and unless something happens that makes analyzing that data a priority.

        This is why it's important that web servers enable ECDHE key agreement, which provides forward secrecy. Basically, the only way to penetrate it is to mount a man-in-the-middle attack in real time. Recovering the server's private key later does not provide the ability to decrypt stored traffic.

        • by dalias ( 1978986 )
          You missed the point: the NSA likely has the capacity to break systems which SHOULD provide forward secrecy, as long as the key size is sufficiently small, for example 1024-bit Diffie-Hellman. Migration to larger keys is needed to combat this. I may be mistaken, but offhand I believe with DH each additional 2 bits will double the resources needed to break it.
          • You missed the point: the NSA likely has the capacity to break systems which SHOULD provide forward secrecy, as long as the key size is sufficiently small, for example 1024-bit Diffie-Hellman.

            No, you missed the point. It is, perhaps, a subtle point, because the meaning of "forward secrecy" isn't obvious. Let me explain.

            Having the ability (assuming they do) to crack 1024-bit keys does not give them the ability to read very much of the world's traffic because even if they can crack each key in a few hours, there are way too many keys. girlintraining said that they address this by capturing and storing all of the encrypted traffic so that at some later point in time when they realize they need to

      • by j-turkey ( 187775 ) on Saturday September 07, 2013 @01:52AM (#44782097) Homepage

        I disagree with your assertion that since you're not a terrorist, the NSA has no interest in you and/or what you do. Law enforcement tools are always used to their fullest extent. I mean, it makes sense; law enforcement is a bit hamstrung by rights guaranteed under the constitution - they will use whatever tool is at their disposal to get their job done.

        Whether or not you were investigated when the system was new is irrelevant to what law enforcement has started (or will start) using these systems. Also, to obtain a FISA warrant for an investigation related to terrorism is quite trivial and open to interpretation. Any evidence discovered of other crimes in that warrant is usable in court. I have seen it first-hand while siting on a federal jury last summer. A US khat-selling ring's sending money overseas was investigated by DHS due to concerns about possibly funding terrorism. It wasn't, but the multi-million dollar investigation had to net something - so I sat on a jury for 5 weeks and sifted through mountains of wiretap transcripts so the federal government could incarcerate a bunch of taxi cab drivers who wanted to chew some khat so they could work a little later and make a little bit more money.

        I hate to be the slippery slope guy...but this is typical. It's only a matter of time until these law enforcement tools are used on a wholesale basis (if they aren't being already). After reading about the extremes that the Soviets would go to under Stalin (if you were being investigated, you must be guilty of something), I feel like I have a fair understanding for how far things can go. I'm not suggesting that America is going that way...but why give her the chance, especially when we can do something now? Why not start setting some limits on this stuff? I think that the risks of what's going on outweigh the benefits. Is it unreasonable to do an honest analysis of the real risks of terrorism against the security measures that our government is putting in place?

        • by nbauman ( 624611 ) on Saturday September 07, 2013 @04:56AM (#44782603) Homepage Journal

          I disagree with your assertion that since you're not a terrorist, the NSA has no interest in you and/or what you do. Law enforcement tools are always used to their fullest extent.

          National security agencies will use their tools not only against criminals, but against their political enemies who are engaging in Constitutionally-protected activities. For example, J. Edgar Hoover used to tap Martin Luther King's telephones, and then spread personal information about King's sex life to try to harm the integration movement.

          Or a recent example. Eliot Spitzer was the Democratic governor of New York, and he was an effective governor who was aggressive about shaking things up. Banks have to report every transaction by every customer of $10,000 or over to federal authorities, and every transaction under $10,000 that looks "suspicious." So the feds get this huge flow of reports. One of the reports was on Spitzer. They investigated and found out as the result of this fishing expedition that he had used an escort service, which was probably legal and almost never prosecuted. Nonetheless, the Republican Attorney General decided to prosecute Spitzer for this, and leaked his name to the press. The Republican AG offered Spitzer a "deal" -- if the effective Democratic governor resigned, the Republican AG wouldn't prosecute him. Spitzer resigned, and was replaced by David Patterson, who didn't want the job and nobody, including Patterson, thought was qualified.

          So there you have a partisan use of confidential information that a federal agency got through its financial monitoring process, that a Republican AG used to get rid of an effective Democratic governor.

          The more electronic monitoring we have, the more it will be used improperly by politicians to damage their enemies.

        • Is it unreasonable to do an honest analysis of the real risks of terrorism against the security measures that our government is putting in place?

          No, it's damned reasonable. So reasonable the president himself was saying we need an evaluation of what's happening.

          He, however, was unwilling to provide any detail, leaving that sort of discussion relegated to the paranoid, and the people probably selling, buying or using this info-arsenal (think that's as good of term as any).

          Snowden helped out there, and overall I think his revelations helped America more than they harmed.

          Obama had no clue how open of a discussion would be going on.

      • by AHuxley ( 892839 )
        As the history of phone data hints, they keep it 'all' and when your noticed, all your digital life is fair game.
        The real trick is what gets you noticed... the web 2.0 'jokes' seem to point to not much at a federal, state or city level.
        vs a book on a political dynasty or a history of cryptography with new interviews on wars of the past 10~20 years...
        The fact that random posts are found so fast seems to point to some very robust, cheap and quality code in constant use below the federal level.
      • by Lennie ( 16154 )

        It would be kind of OK if that was true.

        But you are wrong, because they don't have the resources to keep ALL that traffic data. They get a LOT of traffic data.

        In at least the UK they got a copy of all traffic going through a bunch of undersea cables and Germany they basically get a port-mirror from certain transit providers.

        So they have a computer to look at the data to find 'interesting' stuff.

        Then they store it for up to a couple of weeks. Until a request comes in for some information and a human queries

      • by Burz ( 138833 )

        There is a problem with your, urm, political philosophy: If the government is even a tiny bit short of being perfectly rational and fair, the net effect of all that desire to store information from absolutely all communications will become monstrous. Before long, it will resemble a kind of absolute power and so will attract the most corrupt.

        No, the NSA can't afford to 'go after' everone at the same time. But like some perfect archetype of the fishing expedition, they can go after anyone at any given time.

        You've gotta understand that security is not an absolute;

        Th

    • by Yvanhoe ( 564877 ) on Friday September 06, 2013 @10:57PM (#44781497) Journal
      This is good only if you work under the assumption that you will not disturb any entrenched interests. As a European who works for European companies with US competitors, I can not assume that no one will ever spend a few hours to know what is inside the mails I sent to my boss.

      This is not an hypothetical case. In my last job we were in direct competition with IBM and were exchanging crucial pricing information through email. There has been precedents of ECHELON being used to gain economic intelligence (google "echelon airbus boeing" to learn about that)
      • by girlintraining ( 1395911 ) on Saturday September 07, 2013 @12:02AM (#44781707)

        This is not an hypothetical case. In my last job we were in direct competition with IBM and were exchanging crucial pricing information through email. There has been precedents of ECHELON being used to gain economic intelligence (google "echelon airbus boeing" to learn about that)

        Oh please. Every government engages in industrial espionage. The French are so well known for it that CEOs for pharmaceuticals that check-in to local hotels are told not to use the fax machine or internet there, and to keep their laptops in their room, and to bring their own locks to secure it and not use the hotel safe or in-room safe as the cleaning crew often isn't the usual maid service. I mean, this is SOP. Not that I'm picking on the French -- they're only guilty of being particularly bad at doing it covertly, but everyone does it.

        One does not need ECHELON to spy on a company. Hell, showing up to replace a printer in slacks and an official-looking work order is usually enough to get into a building... and having a rigged printer that records all the jobs sent to it is a nice opener. Following up with a power strip with its own wifi, mini computer, and cat5 pass-thru is a good follow-on. Why do people assume you need satellites and taps on hundreds of internet routers all over the world to do this?

        And don't underestimate blackmail, human stupidity, or the CEO's penchant for keeping a post-it note with his password on his computer, trusting that his secretary and security staff would neeeeever let anyone in who wasn't supposed to be there.... and of course, nobody ever takes bathroom breaks while watching the CEO's office over lunch time.... -_-

        And as a bonus... most corporations record all e-mails to monitor their employees. Amusingly... these systems are usually less secure than the ones they're tapped into. So if you don't have the money to bring your own equipment... they're usually nice enough to provide it for you.

        • by Njovich ( 553857 )

          Ok, so I live in Netherlands. The US is wiretapping most of the worlds traffic, and the excuse is that all governments do this? No they are not. I really don't think Dutch intelligence services are spying on IBM to get better deals for companies. There are a handful of countries that do this shit at a bigger scale, and all of them should stop. This is no way to treat the citizens of other countries, especially if there is no national security issue.

          Frankly, the only thing I've heard about this that is more

        • by Burz ( 138833 )

          So you work in pharmaceuticals?

        • by nbauman ( 624611 )

          This is not an hypothetical case. In my last job we were in direct competition with IBM and were exchanging crucial pricing information through email. There has been precedents of ECHELON being used to gain economic intelligence (google "echelon airbus boeing" to learn about that)

          Oh please. Every government engages in industrial espionage. The French are so well known for it that CEOs for pharmaceuticals that check-in to local hotels are told not to use the fax machine or internet there, and to keep their laptops in their room, and to bring their own locks to secure it and not use the hotel safe or in-room safe as the cleaning crew often isn't the usual maid service. I mean, this is SOP.

          So because everybody does it, it should be legal and I should accept it when my own country does it to me, without even a national security interest?

    • If you're not concerned, you should be. You might not be worried about the government having access to your private information because you figure you're not a target and if they come after you, there's a lot worse they can do than read your data. But in a year or two thieves will be able to crack what the NSA can crack now. They don't want to put you in jail. They just want your money and if you think the NSA hasn't much respect for the law, watch how little the thieves have.
    • Comment removed based on user account deletion
    • No, the first piece of hardware to break a key in a few hours costs a billion dollars. The next million of them off the assembly line cost two bucks each.

  • by hypnosec ( 2231454 ) on Friday September 06, 2013 @09:36PM (#44781115) Journal
    According to consolidated financial statements and reports of the Tor Project for the year ending December 2012 [paritynews.com], US Federal agencies are responsible for nearly sixty percent of funds received by the project. Tor has taken a defensive stand against this, but who knows?
    • by girlintraining ( 1395911 ) on Friday September 06, 2013 @10:47PM (#44781467)

      According to consolidated financial statements and reports of the Tor Project for the year ending December 2012, US Federal agencies are responsible for nearly sixty percent of funds received by the project. Tor has taken a defensive stand against this, but who knows?

      Tor was created by the US Air Force. Surprise, surprise, they still want to fund it. Sooo, why did they create Tor? Well, as it turns out, we've got this massive high speed satellite and ground network we use for military purposes, which basically amounts to a compartmentalized version of the internet. And within that, because soldiers are away from home for months or years at a time, they decided to offer internet access to them. Often they're on board carriers, or deployed in places where a direct hookup isn't really feasible. And they want to make sure that all that traffic isn't pouring out at locations that can be easily monitored... because as much as operational security is drilled into soldiers, loose lips sink ships and all, they're still human. They can screw up.

      So they needed some way of giving them internet access without making it pathetically easy for foreign powers to simply tap a couple key routers and see everything any soldier browses (Facebook anyone?)... Enter Tor.

      Tor has over 13,000 exit nodes all over the world. And it's expensive to monitor every node. Not only that, but you have no idea where in the Tor network the traffic originated from -- is this J. Random Soldier, or Closet Gay Guy Looking At Porn? Noooobody knows. It wasn't meant to be high security. It's not meant to be totally anonymous; It's meant to make it difficult for small-time players like, say, Iran, to spy on our soldier's personal communications. Because this has happened, and it has killed people; A cell phone left on in a soldier's pocket during an operation led to the death of a half dozen marines when enemy combatants used the signal to figure out when they were leaving base... and they planned an ambush.

      So Tor will be funded by our government for the conceivable future, and they have a vested interest in maintaining the security of the network to the point that it would cost an adversary more to 'break' the network than the intelligence value of the soldiers' personal internet browsing.

      Does this worry me? Nope. Tin foil hat time? Not a chance. Don't use Tor for high value communications. But then... that goes for the public internet as well. If you want to secure high value communications, you build your own VPN, and then add code to have it transmit/receive at a constant rate to deter traffic analysis. Which, coincidentally, is what most financial institutions these days do.

      • "A cell phone left on in a soldier's pocket during an operation led to the death of a half dozen marines when enemy combatants used the signal to figure out when they were leaving base... and they planned an ambush."

        Citation?

        • Re: (Score:2, Interesting)

          "A cell phone left on in a soldier's pocket during an operation led to the death of a half dozen marines when enemy combatants used the signal to figure out when they were leaving base... and they planned an ambush."

          Citation?

          You won't find one. Another example; Stealth bombers are really great at being stealthy until they're over the target and open the bomb bay doors. Then they're as visible to radar as flying barns. Which is why usually, ahead of the actual strike, a HARM missile is deployed. It's not actually a missile though, but rather a high altitude bomb that, when released, deploys a parachute and sits over the target looking for active radar signatures. When it finds one, off goes the parachute and on comes GPS-guided

      • by Shawn A. Miller ( 3047489 ) on Friday September 06, 2013 @11:35PM (#44781615) Homepage
        Tor was not created by the Air Force. Initial work was funded by the Office of Naval Research via the Naval Research Laboratory. See: http://www.onion-router.net/History.html [onion-router.net]. You can also see a list of funders here: https://www.torproject.org/about/sponsors.html.en [torproject.org].
      • by kasperd ( 592156 )

        So they needed some way of giving them internet access without making it pathetically easy for foreign powers to simply tap a couple key routers and see everything any soldier browses

        A VPN connection going back home would be the most efficient solution to that problem. If you are really paranoid you set it up such that the endpoints send a constant stream of equal sized packets to each other, regardless of whether you have any data to send over the VPN connection.

    • There are a lot of reasons to use it over Tor.

  • by LodCrappo ( 705968 ) on Friday September 06, 2013 @09:54PM (#44781221)

    1. Us government creates Tor.

    2. Us government can audit Tor traffic.

    Who exactly is surprised by this??

  • ...that I have is not with the NSA being able to crack some platform's encryption. TOR after all was a product of some part of the DOD at least in part in response to the great firewall in China, though it's been through some itterations since.

    My concern is that there's likely to be far greater money available from people willing to make use of collections of cracked keys outside of the news sector, than there is within it. That tells me that it's far more likely that someone working at the NSA is likely to

  • About Tor versions (Score:5, Informative)

    by Shawn A. Miller ( 3047489 ) on Friday September 06, 2013 @11:11PM (#44781535) Homepage
    The original blog post by Rob Graham that Arstechnica reports on has created some confusion about Tor versions. The current recommended stable version of Tor is 0.2.3.25-12. The current alpha release is Tor 0.2.4.17-rc, and people running relays are being encouraged to use this version on the mailing lists. So the repositories, by recommending Tor 0.2.3.x, aren't out of date. However, the Tor website does advise against using the Ubuntu repositories because they aren't "reliably updated" (https://www.torproject.org/docs/debian#ubuntu), which I don't think is the fault of Tor developers. Also, the most up to date version of Tor can be found at the following repository: deb http://deb.torproject.org/torproject.org/ [torproject.org] tor-nightly-0.2.4.x-wheezy main.
    • What's more, this analysis is very fresh. Remember that right now huge chunks of Tor traffic appear to be botnet control circuits. The botnet runs on 0.2.3.x - so that's going to bias the sample somewhat.

      BTW - not surprised to learn that Linux distributors are screwing their users with stale repos yet again. Anyone who is using distributor repositories to get security sensitive software is just asking to be compromised.

  • One or two infested OSs or encryption algorithms are not enough. It is an opportunity for the new "cottage cheese" computers and software industry.

    Various hardware architectures, various OSs, encryption approaches, etc. which are talking to each other via open clear protocols.

    Let my computer be less sleek or cool but it should me my computer and my software.
  • by ssimpson ( 133662 ) <slashdot@samsimp s o n . c om> on Saturday September 07, 2013 @04:30AM (#44782553) Homepage

    Bruce Schneier http://www.wired.com/opinion/2013/09/black-budget-what-exactly-are-the-nsas-cryptanalytic-capabilities/ [wired.com] stated that "Breakthroughs in factoring have occurred regularly over the past several decades, allowing us to break ever-larger public keys. Much of the public-key cryptography we use today involves elliptic curves, something that is even more ripe for mathematical breakthroughs. It is not unreasonable to assume that the NSA has some techniques in this area that we in the academic world do not. Certainly the fact that the NSA is pushing elliptic-curve cryptography is some indication that it can break them more easily."

    I'd not rush from DH to ECC but would strongly recommend a move to 2048-bit or above keys

    And have just realised that I haven't posted to Slashdot for many years...And yet somehow my .sig is still relevant. NSA may have dropped their plans for mandatory Escrow 15 years ago after the quote was made...but they didn't change the fundamental goal: to read everything.

    • Bruce Schneier http://www.wired.com/opinion/2013/09/black-budget-what-exactly-are-the-nsas-cryptanalytic-capabilities/ [wired.com] stated that "Breakthroughs in factoring have occurred regularly over the past several decades, allowing us to break ever-larger public keys. Much of the public-key cryptography we use today involves elliptic curves, something that is even more ripe for mathematical breakthroughs. It is not unreasonable to assume that the NSA has some techniques in this area that we in the academic world do not. Certainly the fact that the NSA is pushing elliptic-curve cryptography is some indication that it can break them more easily."

      This is most probably correct, given the proof of the Taniyama–Shimura–Weil conjecture, thus proving Fermat's last theormen, and resulting in the establishment of the Modularity Theorem. On a related note, isn't 25519 a rational number? Meaning elliptic curve 25519 has a modular form? Meaning that Tor's choice of curve is rather subject to modular attack?

      Just saying...

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...