SoylentNews is people
SoylentNews
In the field of cryptography, a secretly planted “backdoor” that allows eavesdropping on communications is usually a subject of paranoia and dread. But that doesn’t mean cryptographers don’t appreciate the art of skilled cyphersabotage. Now one group of crypto experts has published an appraisal of different methods of weakening crypto systems, and the lesson is that some backdoors are clearly better than others—in stealth, deniability, and even in protecting the victims’ privacy from spies other than the backdoor’s creator.
In a paper titled “Surreptitiously Weakening Cryptographic Systems,” well-known cryptographer and author Bruce Schneier and researchers from the Universities of Wisconsin and Washington take the spy’s view to the problem of crypto design: What kind of built-in backdoor surveillance works best ?
http://www.wired.com/2015/02/sabotage-encryption-software-get-caught/
[Paper]: http://www.scribd.com/doc/257059894/Surreptitiously-Weakening-Cryptographic-Systems
(Score: 4, Interesting) by Beryllium Sphere (r) on Sunday March 01 2015, @04:40AM
I could come up with a pretentious name like "Layer 8 Rollback Attack" and obscure my writing by peppering it with "L8RA", but that would just be an entertainingly meta example of the problem.
If you want to keep people from using crypto, make it hard to use, and most of them will give up and send plaintext.
Some conspiracy-minded people argue that this has already happened due to intentional sabotage. I'm not convinced, but it's alarming that there have been regular spectacular usability problems in mainstream products. It's also disturbing that nothing improves even after usability studies are published.