Comment: Re:Shame on them (Score 1) 179

by TechyImmigrant (#48947411) Attached to: Mathematicians Uncomfortable With Ties To NSA, But Not Pulling Back

So you did nothing to help the West defend itself or to defeat Soviet and Nazi power? And you think that is a good thing?

I judge those that came to the wrong decision poorly.

Pride in poor judgment is it?

I wasn't alive at that time and the world was a very different place. These days, if you live in Europe or America you are more likely to have your talents directed towards ill-advised wars for the wrong reasons. If you were a French engineer developing missiles you would have found them being used against your NATO allies, casting doubt on the alliance.

The world is asymmetric. Not all choices are morally equal.

Comment: Re:How far does the taint go? (Score 1) 179

by TechyImmigrant (#48945175) Attached to: Mathematicians Uncomfortable With Ties To NSA, But Not Pulling Back

>we're talking about ivory-tower researchers whose work is mostly not applicable to either the real world or the digital one.

Actually I could do with a few hard core mathematicians. I have some very real world cryptographic implementation issues that pivot on the truth of some heavily ivory-tower-esque mathematical questions.

There are companies that can and do employ academic mathematicians and appreciate the work they do. Both large corps and small companies.

There's probably an old professor somewhere who is amazed that elliptic curves in additive groups are at the center of real world crypto battles and people really do lobby their governments over curve choice.

Comment: Re:Oh, (Score 1) 179

by TechyImmigrant (#48945143) Attached to: Mathematicians Uncomfortable With Ties To NSA, But Not Pulling Back

Ask yourself why you weren't alarmed by the dual-ec-drbg until the Snowden thing happened.

Those of us who were having to make decisions about the design and deployment of RNGs prior to Snowden were under no illusion that it wasn't backdoored and acted accordingly. The papers were published. The facts were known. Snowden added nothing but publicity and drew focus from the media.

I would express my opinion on it to anyone whose eyes wouldn't glaze over, which is approximately nobody who didn't already know. Nowadays, people ask me to explain it, because it's interesting to them, because it was in the media.

For the record, the CTR-DRBG is fine, but inefficient. The hash and HMAC-DRBGs offer less performance for more hardware or cycles. The dual-ec-drbg was horrible from any implementation angle even before you consider it was broken. So you could be justifiably suspicious of anyone choosing to implement it in place of one of the other three options. The sad thing is number theory methods offer lots of benefits, but the dual-ec-drbg has screwed the whole field. I predict that you will not be seeing an EC based PRNG in NIST or ISO or the IEEE any time in the next decade.

Comment: Re:they start YOUNG (true story) (Score 1) 179

"what are the two basic types of ciphers?" (fwiw I wasn't sure if they meant symmetric vs asymmetric or block vs stream)

The answer they were looking for was: substitution and transposition.

Straight from the NSA activity book for kids. I have a copy. They give (or gave) them away at the museum next door.
