hereforawhile@lemmy.mlM to Secure Coms@lemmy.ml · 14 days agoHow the NSA can break trillions of encrypted Web and VPN connectionsarstechnica.comexternal-linkmessage-square4linkfedilinkarrow-up113arrow-down12
arrow-up111arrow-down1external-linkHow the NSA can break trillions of encrypted Web and VPN connectionsarstechnica.comhereforawhile@lemmy.mlM to Secure Coms@lemmy.ml · 14 days agomessage-square4linkfedilink
minus-squareslazer2au@lemmy.worldlinkfedilinkEnglisharrow-up7·14 days agoTl;dr It is likely 512 and 1024 bit diffie Hellman primes are within the NSA budget to predict. Move to at least 2048. Or better yet move to an elliptic curve
minus-squareCypher@lemmy.worldlinkfedilinkarrow-up4·14 days agoThe NSA paid RSA, to ‘backdoor’ the Dual Elliptic Curve Deterministic Random Bit Generator which was pushed as an industry standard for years. I don’t see why they wouldn’t have done the same with more recent algorithms.
minus-squareslazer2au@lemmy.worldlinkfedilinkEnglisharrow-up1·14 days agoThat was P256 Dual_EC_DRBG. x25519 has been the defacto replacement since 2015ish
minus-squarehereforawhile@lemmy.mlOPMlinkfedilinkarrow-up3·14 days agoThis was written 10 years ago though for context. It’s anyone’s guess what can be done with today’s computers.
Tl;dr
It is likely 512 and 1024 bit diffie Hellman primes are within the NSA budget to predict. Move to at least 2048.
Or better yet move to an elliptic curve
The NSA paid RSA, to ‘backdoor’ the Dual Elliptic Curve Deterministic Random Bit Generator which was pushed as an industry standard for years.
I don’t see why they wouldn’t have done the same with more recent algorithms.
That was P256 Dual_EC_DRBG. x25519 has been the defacto replacement since 2015ish
This was written 10 years ago though for context.
It’s anyone’s guess what can be done with today’s computers.