From: | Gaetano Mendola <mendola(at)bigfoot(dot)com> |
---|---|
To: | Greg Stark <gsstark(at)mit(dot)edu> |
Subject: | Re: Salt in encrypted password in pg_shadow |
Date: | 2004-09-10 00:38:47 |
Message-ID: | 4140F797.5090908@bigfoot.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Greg Stark wrote:
> Gaetano Mendola <mendola(at)bigfoot(dot)com> writes:
>
>
>>Well, when SHA-0 was ready NSA suggested to apply some changes in order to
>>correct some flaw discovered and SHA-1 comes out, interesting NSA never wrote
>>which flaw was corrected!
>>May be SHA-1 is trasparent water to NSA eyes :-)
>
>
> This is awfully similar to the story that's told about DES:
>
> When DES was under development the NSA told people to try a few specific
> constants for the "sboxes" stage of the cipher. As far as anyone at the time
> could tell they were completely random values and nearly any value would have
> been just as good.
>
> Then 30 years later when differential cryptanalysis was invented people found
> the values the NSA told them to use are particularly resistant to differential
> cryptanalysis attacks. Almost any other values and DES would have fallen right
> then.
>
> This means it's quite possible the NSA had differential cryptanalysis 30 years
> before anyone else. Quite a remarkable achievement. However it's unlikely that
> the same situation holds today. 30 years ago nobody outside the government was
> doing serious cryptanalysis. If you were a mathematician interested in the
> field you worked for the NSA or you changed fields. These days there's tons of
> research in universities and in the private sector in serious cryptanalysis.
> The NSA still employs plenty of good cryptanalysts but they no longer have the
> monopoly they did back then.
I will invite you to repeat the same sentence in 2034 ... :-)
Regards
Gaetano Mendola
From | Date | Subject | |
---|---|---|---|
Next Message | Chris Travers | 2004-09-10 01:02:07 | Re: Salt in encrypted password in pg_shadow |
Previous Message | Wes | 2004-09-09 23:43:32 | Re: How to determine a database is intact? |