[Discuss] Encrypt Everything?

[Richard Pieri]

Jerry Feldman wrote:
> The main issue is that assuming you encrypt all your outgoing emails,
> and most of your respondents encrypt email to you if someone with enough
> compute power wanted to decrypt your emails they can do it. And,

I previously suggested that the NSA has intentionally and secretly 
weakened encryption standards. Two days ago, the New York Times 
published an article from the Snowden files that indicate precisely this 
kind of weakening in the FIPS Dual_EC_DRBG standard. If this is the case 
then supposedly random keys -- both permanent and session -- generated 
with this algorithm are in fact deterministic. The Times article 
suggests that the NSA could recover such keys in trivial time from as 
little as 32 bytes of encrypted data. Previous Times and Guardian 
articles indicate that the NSA has planted similar back doors in other 
algorithms and in end-to-end encryption hardware such as VPN servers and 
SSL/TLS accelerators.

It's no longer a matter of having sufficient resources to break 
encrypted messages. It's a matter of having sufficient resources or 
sufficient luck to identify and exploit the back doors that the NSA has 
secreted in FIPS standards and possibly other standards.

-- 
Rich P.