zlacker

>>Fabian+(OP)
I mostly read this thinking "good news". No, seriously, the documents suggest that the NSA hasn't made fundamentally important advances in decryption or uncovered significant weaknesses that academia doesn't know about. Now, that's not too much of a reassurance, because what academia (and the NSA) know is that HTTPS is in pretty terrible state, end-point security remains a significant problem, IPSec is a terrible protocl and so on.

It does raise the question what all the mathematicians are doing at NSA, and why they don't seem to have come up with any meaningful results. Suggests they are a waste of money, but then that's all of the NSA.

I suggest all of you check the original material (powerpoints w/ screenshots). A lot of people here suffer from the action movie mentality where they think the NSA is not like any other government agency, i.e. inefficient, behind the times, filled with horrible middle managers, deadweight, .. you get the idea. Things like the enterprise Java web interface, the CSV mass data export and "genericIPSec_wrapper.pl" can quickly dispel that myth.

>>revela+95
It doesn't matter how many mathematicians they have, they can't break good encryption. Unless the NSA has a super secret quantum computer that even Snowden didn't know about...

>>oneway+W5
Well until 2 Israeli guys "rediscovered" differential cryptanalysis against DES in the late 80's no one knew about it either, no one with the exception of the NSA and the DES working group at IBM that is, even tho to them that weakness was known for almost 2 decades.

Additionally something like an effective attack against AES, RSA, or any other major encryption standard will probably be so compartmentalized that it won't even have a code word.

But on the other hand S31176 refers to a program which provides cryptanalysis against VPN (IPSEC, SSL and more) and it claims that they can decrypt (some of) the traffic. http://www.spiegel.de/media/media-35515.pdf