this post was submitted on 13 Oct 2023
571 points (98.6% liked)

Technology

58143 readers
5397 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
571
Mathematician warns US spies may be weakening next-gen encryption (www.newscientist.com)
submitted 11 months ago by RobotToaster@mander.xyz to c/technology@lemmy.world
51 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] otter@lemmy.ca 191 points 11 months ago (18 children)

Relevant bit for those that don't click through:

Daniel Bernstein at the University of Illinois Chicago says that the US National Institute of Standards and Technology (NIST) is deliberately obscuring the level of involvement the US National Security Agency (NSA) has in developing new encryption standards for “post-quantum cryptography” (PQC). He also believes that NIST has made errors – either accidental or deliberate – in calculations describing the security of the new standards. NIST denies the claims.

“NIST isn’t following procedures designed to stop NSA from weakening PQC,” says Bernstein. “People choosing cryptographic standards should be transparently and verifiably following clear public rules so that we don’t need to worry about their motivations. NIST promised transparency and then claimed it had shown all its work, but that claim simply isn’t true.”

Also, is this the same Daniel Bernstein from the 95' ruling?

The export of cryptography from the United States was controlled as a munition starting from the Cold War until recategorization in 1996, with further relaxation in the late 1990s.[6] In 1995, Bernstein brought the court case Bernstein v. United States. The ruling in the case declared that software was protected speech under the First Amendment, which contributed to regulatory changes reducing controls on encryption.[7] Bernstein was originally represented by the Electronic Frontier Foundation.[8] He later represented himself.[9]

source; https://en.wikipedia.org/wiki/Daniel_J._Bernstein

[–] steventhedev@lemmy.world 84 points 11 months ago (1 children)

It is indeed one and the same. This is the post that triggered this article (warning: it's long and not well organized): https://blog.cr.yp.to/20231003-countcorrectly.html

Credit where credit is due, DJB is usually correct even if he could communicate it better.

[–] dack@lemmy.world 54 points 11 months ago

Honestly, I think his communication here is fine. He's probably going to offend some people at NIST, but it seems like he's already tried the cooperative route and is now willing to burn some bridges to bring things to light.

It reads like he's playing mathematics and not politics, which is exactly what you want from a cryptography researcher.

load more comments (16 replies)