philodeon | 4 months ago

You seem blind to the obvious corollary to that fact, which is if cryptosystems based on ring-LWE hardness have been worked on by giants for 30 years, then those same cryptosystems have been cryptanalyzed for 30 years, and a significant chunk of cryptanalytic research stays in NSA’s Classified Mathematics Library.

You’ve admitted you were “loudly wrong” when you announced Dual-EC couldn’t be an NSA cryptography backdoor. Snowden let us all know the NSA spends $250 million every year secretly convincing/bribing the private sector to use bad cryptography. Despite that history, you are still convinced there’s no way ML-KEM is an NSA cryptographic backdoor and that all the bizarre procedural errors in the PQ crypto contest are mere coincidences.

[checks my text messages] Lucy just texted me, Thomas. She’s outside waiting for you to kick her football.

tptacek | 4 months ago

See, this is what I mean; this is the kind of logic Bernstein knows he's engaging with when he writes these things.

philodeon | 4 months ago

When someone discovers the trick necessary to decrypt ML-KEM in an hour and publishes it in the unclassified sphere, I assume your response will be “hey, I may have been wrong yet again, but at least I wasn’t impudent!”