Announcement

Collapse
No announcement yet.

The Controversial Speck Encryption Code Will Indeed Be Dropped From The Linux Kernel

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • ilmaisin
    replied
    Originally posted by Bates357 View Post

    This is something really bad, how the code include backdoors if it's Open Source?
    Open source does not somehow magically make backdoors disappear. It only means that others can also look at the code, making the likelihood of getting caught of all kinds of foul play more likely. That is basically what is happening now. Keep in mind that this is not a some kind of trivial backdoor, but a potential mathematical weakness of a cryptographic algorithm.

    Leave a comment:


  • Bates357
    replied
    Originally posted by phoronix View Post
    Phoronix: The Controversial Speck Encryption Code Will Indeed Be Dropped From The Linux Kernel

    While Google got the NSA-developed Speck into the Linux kernel on the basis of wanting to use Speck for file-system encryption on very low-end Android (Go) devices, last month they decided to abandon those plans and instead work out a new "HPolyC" algorithm for use on these bottom-tier devices due to all the concerns over Speck potentially being back-doored by the US National Security Agency...

    http://www.phoronix.com/scan.php?pag...ng-Next-Kernel
    This is something really bad, how the code include backdoors if it's Open Source?

    Leave a comment:


  • edgmnt
    replied
    Originally posted by GunpowaderGuy View Post
    marjancek could not they check it with a theorem prover ?
    Aside from one-time pads, no encryption method has been proven secure. This isn't very surprising because we don't know (provably) if one-way functions really exist, if P equals NP or not, or whether integer factorization is truly a hard problem. Even if you could prove those things, you still need some constructive insight into how things work, e.g. simply proving P = NP does not necessarily provide a way to solve NP problems quickly. So we rely on cryptoanalytical tests to get some peace of mind, rather than anything certain.

    Leave a comment:


  • GunpowaderGuy
    replied
    marjancek could not they check it with a theorem prover ?

    Leave a comment:


  • Guest
    Guest replied
    Jewish censorship doesn't let you post the truth about jews?

    https://www.haaretz.com/jewish/.prem...iers-1.5254336

    Jews have most of the mass media in USA. They're killing innocent women and children in Palestine and even in Israel. There were 150 thousands of jews in Hitler's army. Jews were killing Polish people during and after WW2. It's all confirmed. UN, NSA, CIA and many other organizations and agencies are controlled by jews.

    Leave a comment:


  • LightBit
    replied
    Originally posted by jpg44 View Post

    RSA, the algorithm is a very simple concept, been studied for years and years. Not much room in it for shenanigans. its unlikely to be vulnerable, but the key length may need to get longer . Many people like RSA because of the simplicity and that it can be understood easily.

    If you meant the company, thats whole other matter and your probably right.
    Speck is very simple algorithm too. It is also not something revolutionary new (typical ARX).

    I don't think Speck is backdoor-ed, but it could have a bit more rounds. I think it is more about politics than actual fear of backdoor.
    I like Speck, but I don't care, if they remove it since it is easy to implement anyway.
    Last edited by LightBit; 06 September 2018, 02:57 PM.

    Leave a comment:


  • c117152
    replied
    Originally posted by cRaZy-bisCuiT View Post

    This might be the case since it's not allowed for us citizens to use 4096 bit PGP keys. You know what? LOL! :'D
    Yup that's my concern as well. I guess they have some ASIC cluster brute forcing 2k RSA in reasonable times that would be rendering impractical going 4k.

    Leave a comment:


  • nomadewolf
    replied
    Originally posted by some_canuck View Post
    People seem to forget that the NSA has their fingers in openssl and RSA as well, both of which almost everyone uses on a daily basis.
    That is why openssl is not safe.

    Leave a comment:


  • cj.wijtmans
    replied
    I would say nationalism is anticorrupt not corrupt.

    Leave a comment:


  • DavidKL
    replied
    Religion and nationalism are corrupt, regardless of the brandings. They're also rather irrelevant to the larger problem here. That problem is that even people who are following the law are destroyed. There is no room for idealism. That's true of the corporate world, too. Steve Schmidt mocked Google's "Don't be evil" motto, saying it was the stupidest thing he had ever heard. And, it was — because corporations aren't about being moral. They're amoral by definition because they're about selling things for more than they're worth, convincing the majority of customers, via marketing, to give more of their life (money) than the product provides back to them in life enhancement. He asked what evil is and said the only time he'd heard of it is in the Bible, which implies that it's an irrelevant anachronism. Which it is, when it comes to corporations and our global plutocracy. Plutocracy is about the goodness of an individual being determined by their net worth (mainly how large their financial wealth is). How good that person is is also largely determined by how well they defend the privilege of other elites.

    Anyone who is seen as a danger to elite privilege runs afoul of the law because law is, principally, designed to foster that privilege. That is why people who behave lawfully, as Mr. Scudder did, end up being destroyed. There is nearly zero tolerance for idealism. It is also why people who make the effort to stand up for their interests (by reading things like the Linux Journal and understanding security enough to not be as easily passively exploited) are also branded as bad apples.

    Leave a comment:

Working...
X