On Sat, Nov 21, 2009 at 05:42:48PM -0500, Samuel Baldwin wrote:
quoted text
> 2009/11/21 AG <computing.account@googlemail.com>:
> > Depends on whether one trusts the NSA or not.
> 
> That's the nice thing about open source software; we don't have to,
> because we can verify their code or mathematics ourselves.

Anything can be backdoored. An agency that wants to do so would probably
be less obvious about it.

I don't know the current state of NSA mathematical research, obviously,
but it used to be THE biggest employer of mathematicians on the planet,
and there was a point when it had a considerable advance in cryptography
to about anybody else.

It's a well-documented story that the NSA suggested changes to the DES
initialisation vector before it became a standard.

Backdoor ? no.

Resistance to differential cryptanalysis ? you bet.

The fun thing about that is that, at that point, differential cryptanalysis
hadn't been invented... and wouldn't be for roughly ten years. For the
general public, that is.

I don't know if they still have this kind of advance. Probably less.


Good luck verifying the mathematics yourself, though.