Google moved up its estimated deadline for quantum preparedness in cryptography to 2029—only 33 months from now. That’s earlier than previous deadlines, and they proposed the new post-quantum migration deadline because of two new papers that comprise a big jump in the state of the technology. It’s ahead of schedule, but not altogether unexpected. Cryptographers and engineers have been working on this for years, and as the deadline gets closer, it’s not surprising to see more precise timeline estimates come up.
  • Chakravanti@monero.townEnglish
    1·
    51 minutes ago

    Never once PGP/GPG in this article. EFF is not EFF.

    It’s fucking obvious. This is just pointing out the obvious.

    They take all different kinds of Crypto dontations…except the only real one. Sure, BCH or maybe Lite, I can’t think of the three letter offhand, but that’s for forcing corporate public fraudulence to pay fucking taxes by tracking it all but it’s 100% visible from origin to destination and via carrier(s).

    If you don’t know which one I’m choo-choo-ally talking about here, then go figure it out. Do you logic. There’s countless fraudulence privacy. Do your logic to it cuz there’s only one on the table that dose it properly. The rest doze it.

    • bearboiblake@pawb.socialEnglish
      16·
      13 hours ago

      There are theories that NSA has long since broken RSA and intentionally put vulnerabilities into Ec25519. I don’t know how much credence to give those rumors, but I avoid both algorithms to be safe.

      They probably have backdoors at the bare metal level anyways. There is no real chance of us defending ourselves against determined attackers from such agencies. Palantir probably doesn’t come close.

      • Redjard@reddthat.com
        6·
        8 hours ago

        My dude, rsa is fine. This article is talking about a company called rsa, not rsa encryption.
        I have never heard of doubt about rsa’s security, given enough size. The main issue with raa is that it needs to be thousands of bits in size due to not being very efficient. And of course it is not post quantum.

        • bearboiblake@pawb.socialEnglish
          11·
          11 hours ago

          There’s a pretty good blog post about potential backdoors in RSA on the Cloudflare blog but honestly I remember reading rumors about it on obscure internet forums and mailing lists going back a long time.

          For Ec25519, there’s some stuff about it in the History section of the wikipedia article.

          • CorrectAlias@piefed.blahaj.zoneEnglish
            9·
            11 hours ago

            Isn’t the NSA portion in that Wikipedia article just explaining why people moved to using ec25519? It says:

            In 2013, interest began to increase considerably when it was discovered that the NSA had potentially implemented a backdoor into the P-256 curve based Dual_EC_DRBG algorithm.[12] While not directly related,[13] suspicious aspects of the NIST’s P curve constants[14] led to concerns[15] that the NSA had chosen values that gave them an advantage in breaking the encryption.[16][17]

            “I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry.”

            — Bruce Schneier, The NSA Is Breaking Most Encryption on the Internet (2013)

            Since 2013, Curve25519 has become the de facto alternative to P-256, being used in a wide variety of applications.[18] Starting in 2014, OpenSSH[19] defaults to Curve25519-based ECDH and GnuPG adds support for Ed25519 keys for signing and encryption.[20] The use of the curve was eventually standardized for both key exchange and signature in 2020.[21][22]

            That seems to say that people left P-256 for Curve25519.

            • bearboiblake@pawb.socialEnglish
              8·
              10 hours ago

              Oh, sorry, you’re right. I can’t remember where I read about Ec25519 vulnerabilities now, but I do remember that I switched to using Ed25519 instead which was not vulnerable. I think it was something to do with random number generation, you might be able to turn something up on your preferred search engine - sorry for not being more helpful, I’m replying from my phone away from my computer.

        • bearboiblake@pawb.socialEnglish
          4·
          12 hours ago

          Never mind, sorry, I figured out what you meant lmao, sorry for being dense, I am autistic. I already upvoted your comment, I don’t like killing people because it’s generally unproductive but I am totally with you in spirit, the NSA and Palantir should be abolished and those who worked with it should be put on trial for crimes against humanity… and then maybe executed. Or just forbidden from ever being in a position of authority or power. I’m open to discuss!