Linked by Thom Holwerda on Sat 3rd Nov 2012 00:35 UTC
OpenBSD Theo de Raadt has announced the release of OpenBSD 5.2. The OpenBSD 5.2 release page has a detailed list of all changes and improvements. As always, I would love for someone to write proper items about OpenBSD releases - it's outside my interests and cursory glances don't do it justice.
Thread beginning with comment 540968
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Comment by marcp
by kwan_e on Sun 4th Nov 2012 00:46 UTC in reply to "RE: Comment by marcp"
kwan_e
Member since:
2007-02-18

"OpenBSD has vnconfig -k capabilities with built-in Blowfish support [I don't trust AES and other stuff].

??... You don't trust one of most thoroughly cryptoanalysed cipher, don't trust in its many cryptoanalyses done by best cryptologists?
"

There are some people who are automatically suspicious of anything approved by some authority. In the case of encryption, it's the fear that there's a back door in the design that would allow the authorities to break it easily.

Reply Parent Score: 2

RE[3]: Comment by marcp
by marcp on Sun 4th Nov 2012 11:02 in reply to "RE[2]: Comment by marcp"
marcp Member since:
2007-11-23

Bingo. If it's designed by government to encrypt, then it's also designed by government to decrypt. Think about it: which government would allow to design cipher that is not breakable by themselves? that would be totally illogical. They want security, but they want to hold the master key ... that's easier than remote installation of government sponsored spyware [used in many operations], etc. You don't have to ask for the keys to encrypt. You can do it yourself.

You are a wo/man of big faith, zima.

P.S oh, and why do you think they did hardware acceleration for AES? it's not a surprise. They want wide adoption.

Edited 2012-11-04 11:04 UTC

Reply Parent Score: 2

RE[4]: Comment by marcp
by kwan_e on Mon 5th Nov 2012 02:36 in reply to "RE[3]: Comment by marcp"
kwan_e Member since:
2007-02-18

Bingo. If it's designed by government to encrypt,


But the AES isn't designed by the government. It was chosen from independent competing teams. Specific IMPLEMENTATIONS of AES could definitely have backdoors and I think it would be stupid to assume none of them did, but the design itself is quite hard to have a backdoor put in.

That's why in my initial comment, I only touched on design implying the fear about the design of AES is a bit paranoid. Everyone could review the design, and if no such agency were able to inject a backdoor into the design, you can bet the Russians, Chinese and Indians have the mathematical expertise (or can pay for it if they didn't) to figure it out.

Backdoors are a three way street and, whatever you think about the US congress and senate and the CIA and FBI, no such agency does not seem to have the same incompetence.

For a luddite like me, if it's good enough for Bruce Schneier, it's good enough for me.

Reply Parent Score: 4

RE[4]: Comment by marcp
by zima on Wed 7th Nov 2012 21:00 in reply to "RE[3]: Comment by marcp"
zima Member since:
2005-07-06

That's bordering on paranoia (hm, and you just accepted the post of kwan_e kinda pointing this position as such) ...part of which often is: seeing simple facts not quite the way they are ("the government" didn't design AES)

Apart from what kwan_e says - if you think the govs world over (many ~competing ones) could conceivably pull off SUCH stunt, of silencing ALL pro cryptologists ...then how do you know that Blowfish isn't similarly compromised? (even better: "let's release this much weaker Blowfish cipher for those who really want to hide secrets from us!")

Hell, why do you trust the microcode in your CPUs? (that would be probably much easier to pull off, with only two US-based major x86 vendors)

What govs really use if they want your secrets, apart from planting of trojans, are good old interpersonal skills or - if they really want your secrets - rubber hose cryptoanalysis.

And the AES got accelerated in more recent CPUs because IT WAS ALREADY WIDELY ADOPTED

Reply Parent Score: 2

RE[3]: Comment by marcp
by zima on Wed 7th Nov 2012 20:45 in reply to "RE[2]: Comment by marcp"
zima Member since:
2005-07-06

There are some people who are automatically suspicious of anything approved by some authority. In the case of encryption, it's the fear that there's a back door in the design that would allow the authorities to break it easily.

What's funny-sad, those seem to be quite often the same people who shout the loudest that... the government can't do anything right.

Reply Parent Score: 2