Pixel Envy

Written by Nick Heer.

One of the Missing Pieces in the NSA/Encryption Reporting

While the reporting by the Guardian, Times, and ProPublica was first-rate, the general-audience nature of those publications omitted some of the more technical details of how the NSA is bypassing encryption standards. Well, that, and the intelligence agencies concerned asked the news agencies not to report these findings.

A more detailed story about a new TSL encryption standard, for example, appeared in Wired in 2007. Bruce Schneier:

Random numbers are critical for cryptography: for encryption keys, random authentication challenges, initialization vectors, nonces, key-agreement schemes, generating prime numbers and so on. Break the random-number generator, and most of the time you break the entire security system. Which is why you should worry about a new random-number standard that includes an algorithm that is slow, badly designed and just might contain a backdoor for the National Security Agency.

Schneier apparently has access to the documents provided by Edward Snowden. I’m excited for the potential of a more technical breakdown, in addition to these high-level summaries. I suspect that there’s a lot more to be revealed.