
Barr's crypto backdoor claim is a fallacy, which I'll show with math - miles
https://twitter.com/ErrataRob/status/1154473459247828992
======
asdkhadsj
A lot of people here commenting on how Barr won't care/etc. I don't see that
as the point for this discussion.

In my view; If "we"[1] are to win, these types of information sharing/etc
posts are essential. As commenters have pointed out, Barr won't care about
this logic. In fact, there is no logic that Barr and his ilk will care about.
Yet there are hundreds of thousands of people who simply have no idea. They
are not uncaring or malicious, crypto is a complex topic and they're not
computer people. Barr and his group will _(and have!)_ spin crypto to be
something terrorists and pedophiles solely use to get away with evil. We need
to have equal, if not greater, "counter spin" to at least combat the
propaganda.

Call it educating the public or call it propaganda, it doesn't matter. We may
not win if we publish articles like this, but we will certainly lose if "we"
are the only ones that care about this topic. When the game is played on such
a large scale we can't depend on people being informed, we need to bring
people information.

I don't intend to discuss how effective information on this subject will be to
the "common" person; but I think we need to try. Lest we lose crypto with
thunderous applause.

[1]: People who care about crypto and privacy/etc.

 _edit_ : Many typos. Coffee, save me.

------
tessierashpool
Barr and others like him have been saying this stuff for decades. Showing them
the math has limited utility. Geeks have been doing that for decades too, with
limited results. Barr and his predecessors don't read math, they wouldn't
understand it if they did, and even if they understood it, they would demand
backdoors anyway. Barr in particular has already demonstrated that national
security and our economy are less important to him than increased power. It's
probably true of all these government people making all these false claims
about cryptography since the mid 1990s, but it's demonstrably true of Barr.
(The Trump coverup he's currently attempting is not even his first coverup as
Attorney General. He did similar work for a previous administration.)

------
twothamendment
Math won't change his mind (or other politicians). I think they already know
what they can do with a backdoor and why it is bad. I don't think they care.

------
admax88q
There are other means of backdooring rather than setting key size.

I'm not saying its a good idea, but there are means to make cryptosystems that
are breakable by the NSA but not anyone else. Consider the concerns around the
Dual_EC random number generator that was pushed by the NSA. People believe
that the NSA has a backdoor into that random number generator due to how the
constants were generated. There are similar concerns for various ECC curves.

So the government could mandate that industry uses their specific RNG or
specific ECC curves. Effectively giving them a backdoor that nobody else has.

It's disingenuous to argue its a bad idea because its impossible to build.
It's also a bad argument strategy, as once someone learns that it can be built
they will assume that you're lying to push your agenda and not trust further
arguments you put forward.

~~~
UncleEntity
> Effectively giving them a backdoor that nobody else has.

Until they do...then you go from 100% to 0% as TFA states.

All it takes is someone figuring out how the NSA generated their magic
constants (which obviously contain a flaw) and its game over.

~~~
admax88q
Sure but that's not the argument that the article made. Thats an important
point to discuss and there may be ways to mitigate the damage of such a
compromise (multiple curves, per key escrow). The article made a ridiculous
argument for why backdooring is "impossible". Presumably they made it to
persuade laypeople but what they really did is misinform laypeople and set
them up to be pushed to the other side when they find they've been lied to.

Not to mention you're also fucked if an unintentional flaw is discovered in
AES or similar. You still need to be able to upgrade you crypto in response to
advances in the state of the art, or leakage of important secrets.

------
deogeo
I see the focus on practicality as a bit misguided. Even if it could be done,
giving the government (and its friends) covert access to all information is
dystopian.

Looking at the recent history of pretty much any country (including the US,
let alone Russia or China, or North Korea) should show what a terrible idea
this is.

Edit: It wouldn't even improve safety. Imagine how convenient it would be for
the military-industrial-prison complex to know everything about every anti-war
activist. The increased oppressive capacity would more than make up for any
decrease in crime.

That's all assuming Americans have turned fully utilitarian, and discarded any
pesky ideals such as 'freedom' that might further tilt this analysis.

------
the_snooze
"Keys Under Doormats" should be required reading on the issue of exceptional
access. [https://www.schneier.com/academic/paperfiles/paper-keys-
unde...](https://www.schneier.com/academic/paperfiles/paper-keys-under-
doormats-CSAIL.pdf)

tl;dr Governments are vague about what they actually require in terms of
exceptional access. And few ever discuss how to mitigate the inevitable multi-
jurisdiction conflicts, like if China compels Apple to unlock phones belonging
to US-friendly intelligence assets.

