The U.S. are fighting with encryption, again...

[Bronzu]

The article:

Code:

 https://cyberlaw.stanford.edu/blog/2020/06/there%E2%80%99s-now-even-worse-anti-encryption-bill-earn-it-doesn%E2%80%99t-make-earn-it-bill-ok

Honestly it's difficult for me to believe how much some U.S. politicians hate encryption, specifically with this kind of magnitude! To me it looks like they are heading towards a 1984 scenario with these kind of attitudes, yikes!
It probably won't pass, but as the article says it might be made this insane to make the EARN IT act look "more reasonable", yeah right...
I'm glad OpenBSD is based in Canada, and sure hope none of this garbage gets over to Europe directly. Even if some terrible ideas were already introduced, like contact tracing.

[Prevet]

I find it weird how in that Snowden movie they claimed that computers, phones, and commercial operating systems have NSA back doors in them, yet in the USA politicians are getting hysterical about encryption. If the computers and phones have NSA back doors, why do the politicians care if the communications between them are encrypted? Why not ask the NSA for the access codes?

[jggimi]

It isn't necessarily "backdoors," per se, though Mr. Stone may have used that term in his screenplay for dramatic impact. It appears to be manipulation of cryptographic constants in published standards, to provide decryption advantages.

I was looking into Curve25519 today, and learned that there was conjecture of a possible backdoor in a NIST-standard psuedo random number generator, noted below. Beyond that -- and more importantly -- were all the constants that were used in Elliptic Curve Cryptography standards of the day which were called into question.

Quote:

Originally Posted by Wikipedia

Curve25519 was first released by Daniel J. Bernstein in 2005, but interest increased considerably after 2013 when it was discovered that the NSA had potentially implemented a backdoor into Dual_EC_DRBG. While not directly related, suspicious aspects of the NIST's P curve constants led to concerns that the NSA had chosen values that gave them an advantage in breaking the encryption.

"I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry." — Bruce Schneier, The NSA Is Breaking Most Encryption on the Internet (2013)

Since then, Curve25519 has become the de facto alternative to P-256, and is used in a wide variety of applications....

[jggimi]

Some years ago, I took an introduction to cryptography class that Stanford offered online. It began well enough, but my insufficient background in mathematics theory made the course impossible to continue by the 8th or 9th week in.

[e1-531g]

Quote:

Originally Posted by Prevet

I find it weird how in that Snowden movie they claimed that computers, phones, and commercial operating systems have NSA back doors in them, yet in the USA politicians are getting hysterical about encryption. If the computers and phones have NSA back doors, why do the politicians care if the communications between them are encrypted? Why not ask the NSA for the access codes?

1. Perhaps they can't break without much resources and undetected everywhere.
2. This kind of technology subversion may be found unlawful or more regulated/supervised by court in the future. It is better for them to pass a law to make it lawful.
Some actions may be now lawful for national security, but not lawful for regular criminal investigations.