[openssl-users] Lattice Ciphers
colony.three at protonmail.ch
Mon Dec 18 16:26:21 UTC 2017
>> Okay, FF does ECDHE not DHE/EDH. The whole industry does that, and most are using X25519 which was developed by Dan Bernstein.
> FF [claims it does DHE/EDH](https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29), but it does not actually, in practice. It does either EC, or RSA. I've tested it. (v52) This does not look like an accident.
>> The Guardian article you referenced didn’t even have the word curve in it. My question – do you have a reference that shows Schneier says not to use elliptic curve – was not answered.
> You don't have to read the article if you don't want to.
> "Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can."
>> - The NSA actually provided the elliptic curves for NIST's standards. And the Snowden docs now show that those curves are related.
>> No they do not show that the curves are related. And BTW, NIST just put 25519 and 448 into their recommended list.
> By its nature (secrecy), nothing public will prove the curves are related. But Snowden documents show that they are. And related curves have an inherent shortcut to cracking, which any well-funded haqxor or state-sponsored entity will have access to.
> From: noloader at gmail.com
>>> Later I realized that was the best warning Google and Schmidt could
>>> give. He basically told you government has infiltrated their systems,
>>> and you should avoid their systems if security and privacy matters.
> What great PR, that it's become almost instinctive for people to ascribe benevolance to G**gle. I believe that Schmidt was telling us his true position though.
> The one I am angry with is Mozilla, for not giving us a choice. Chrome is a choice?! Safari is a choice?! IE is a choice?! No. They are not.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users