> Either they're too incompetent to be trusted or are bad actors
I agree but am curious about one thing. If they aren't stupid, won't they realize it's a terrible idea to embed weaknesses in standards destined to become so pervasive your own economy will rely on them (as well as your own military/intel)?
Also, history virtually guarantees that your most secret secrets are reasonably likely to become known to your adversaries and used against you with catastrophic consequences? Even if they could entirely subvert the standards process to plant their own backdoor that ends up everywhere, game theory dictates they might be creating their own greatest future weakness.
> If they aren't stupid, won't they realize it's a terrible idea to embed weaknesses in standards destined to become so pervasive your own economy will rely on them (as well as your own military/intel)?
The Dual_EC_DRBG backdoor [1] is an asymmetric-crypto-based backdoor. Only the one who built the backdoor has the key to access it. It's even impossible to prove the backdoor is there without knowing the key.
This way you don't weaken yourself or allies WRT 3rd parties when standardizing on that specific weakened algorithm (of course you need to closely guard your key).
The military is still on unencrypted IRC, the dog has already been fucked for years on that one. The economy doesn't really matter, and for any person they deem does matter, they can just tell them under NSLs to use something that DJB made, instead, if they even understand the difference between protocols to begin with.
From what I'm aware, the military doesn't use IRC?
IRC was inspired from BITNET, which was used by the DoD briefly and not the military as a whole?
Military networks are encrypted at the network layer?
User authentication is enforced at the session and presentation layers?
Unencrypted IRC (esp on a secure network) sounds like a massive upgrade from what I'd answer if someone here said "Guess what the military just switched to for their secure chat??" (Slack or some other commercial hosted web atrocity). :)
NSA fixed the S-boxes in DES, protecting users from a type of attack that wasn't yet public knowledge. Many people wrongly assumed that the NSA was trying to weaken DES, but they strengthened it.
https://www.schneier.com/blog/archives/2007/11/the_strange_s...
Thread by someone directly involved on why the ISO rejected NSA ciphers in the past (hint: they refused to justify design decisions, lied, and attacked the credibility of people who had put out actually-secure crypto):
https://twitter.com/TomerAshur/status/988696306674630656
Either they're too incompetent to be trusted or are bad actors and should be treated as such.