
AFAIK they did a lot of illegal things in the Snowden-era, too.

> Thus succeeding at making the telecommunications vendors used for Top Secret US national security data less secure, the obvious goal of the US National Security Agency

NSA still has the secret Suite A system for their most sensitive information. If they think that is better than the current public algorithms and their goal is to make telecommunications vendors have better encryption, then why don't they publish those so telcos could use them?

> Truly, truly can't understand why anyone finds this line of reasoning plausible. (Before anyone yells Dual_EC_DRBG, that was a NOBUS backdoor, which is an argument against the NSA promoting mathematically broken cryptography, if anything.)

The NSA weakened DES against brute-force attack by reducing the key size (while making it stronger against differential cryptanalysis, though).

https://en.wikipedia.org/wiki/Data_Encryption_Standard#NSA's...

Also NSA put a broken cipher in the Clipper Chip (besides all the other vulnerabilities).


The thing that sets this effort apart from DES and Clipper is that USG actually has skin in the game. Neither DES nor Clipper was ever intended or approved to protect classified information.

These are algorithms that NSA will use in real systems to protect information up to the TOP SECRET codeword level through programs such as CNSA 2.0[1] and CSfC[2].

[1] https://media.defense.gov/2025/May/30/2003728741/-1/-1/0/CSA...

[2] https://www.nsa.gov/Resources/Commercial-Solutions-for-Class...


> Since then, public cryptographic research has been ahead or even with state work.

How can we know that?

> Who knows what is happening inside the NSA or military facilities?

Couldn't NSA have found an issue with ML-KEM and be trying to convince people to use it exclusively (not in a hybrid scheme with ECC)?


Couldn't NSA have not known about an issue with ML-KEM, and thus wanted to prevent its commercial acceptance, which it did simply by approving the algorithm?

What's the PQC construction you couldn't say either thing about?


> Couldn't NSA have not known about an issue with ML-KEM, and thus wanted to prevent its commercial acceptance, which it did simply by approving the algorithm?

Could, but they did not do that. So the question to be asked is: why?


I think you may have missed my point.

Follow NSA Suite B and what the USA forces on different levels of classification.

Kyber/ML-KEM-only is exactly the Suite B (CNSA 2.0) recommendation.

I think you could use dm-integrity over the raw disks to have checksums and protect against bitrot, then use mdraid to make a RAID1/5/6 of the virtual block devices presented by dm-integrity.

I suspect this is still vulnerable to the write hole problem.

You can add LVM to get snapshots, but this is still not the end-to-end copy-on-write solution that btrfs and ZFS should provide.
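One way to build the stack that comment describes, written here as an added example (it is not code from the comment or from any of the projects named): dm-integrity under md RAID6 under LVM. Every device name (/dev/sdb through /dev/sde, /dev/nvme0n1p2, /dev/md0, vg_data) is a placeholder assumption. Two points a practitioner would want next to it: the RAID5/6 write hole the comment worries about is exactly what mdadm's --write-journal option (RAID4/5/6, kernel 4.4 and later) closes, by logging each stripe update to a separate device before the members are touched; and dm-integrity on its own only detects corruption (a sector whose sha256 tag does not match is returned as an I/O error), so the md layer above it is what turns detection into repair, which a periodic md "check" exercises over the whole array.

```shell
#!/bin/sh
# Added example: dm-integrity -> md RAID6 (with write journal) -> LVM.
# Not from the comment above; all device names below are assumptions.
#   DISKS   : raw disks that will carry data plus per-sector integrity tags
#   JOURNAL : small partition on a separate SSD used as the md write journal,
#             which closes the RAID5/6 write hole (kernel >= 4.4)
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 destroys data.
set -eu

DISKS="${DISKS:-/dev/sdb /dev/sdc /dev/sdd /dev/sde}"
JOURNAL="${JOURNAL:-/dev/nvme0n1p2}"
MD_DEV="${MD_DEV:-/dev/md0}"
VG="${VG:-vg_data}"
DRY_RUN="${DRY_RUN:-1}"

# run CMD...: print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

build_stack() {
  members=""
  i=0
  for disk in $DISKS; do
    # dm-integrity keeps a sha256 tag per sector and its own journal, so a
    # torn write is handled inside dm-integrity and silent bit rot surfaces
    # as an I/O error (EILSEQ) on read instead of as bad data. The algorithm
    # is not stored in the superblock, so it must be repeated on open.
    run integritysetup format "$disk" --integrity sha256 --batch-mode
    run integritysetup open "$disk" "int$i" --integrity sha256
    members="$members /dev/mapper/int$i"
    i=$((i + 1))
  done
  # RAID6 over the integrity devices. md treats an integrity read error like
  # a bad sector and rebuilds that block from the remaining members.
  # --write-journal logs every stripe update to JOURNAL before the members
  # are written, so a crash mid-stripe cannot leave data and parity
  # disagreeing (the write hole).
  run mdadm --create "$MD_DEV" --level=6 --raid-devices="$i" \
      --write-journal "$JOURNAL" $members
  # LVM on top for snapshots; this is block-level, not file-level CoW.
  run pvcreate "$MD_DEV"
  run vgcreate "$VG" "$MD_DEV"
  run lvcreate -L 100G -n vol "$VG"
}

# snapshot NAME SIZE: thick LVM snapshot of the data volume.
snapshot() {
  run lvcreate -s -L "$2" -n "$1" "$VG/vol"
}

# scrub: read every stripe so integrity mismatches are found and repaired
# from parity now rather than on the day a disk dies. Run it from cron.
scrub() {
  sysfs="/sys/block/${MD_DEV#/dev/}/md/sync_action"
  if [ "$DRY_RUN" = 1 ]; then
    printf 'echo check > %s\n' "$sysfs"
  else
    echo check > "$sysfs"
  fi
}

build_stack
snapshot snap1 10G
scrub
```

Run it once as-is to review the generated commands, then with DRY_RUN=0 on the real (empty) devices. The journal device is a single point of failure for the array's consistency guarantee, not for its data, so mirror it or accept that losing it degrades you back to the write-hole case.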


Why does a routing protocol matter for the banking sector? With proper encryption, the route the packets of transaction data take should not matter at all.

Based on the EU's public consultation it is not even true (but the number of responses is very small):

https://ec.europa.eu/info/law/better-regulation/have-your-sa...


The next SteamOS release will use Wayland by default for desktop mode, too:

https://steamcommunity.com/games/1675200/announcements/detai...


> I'm not seeing a lot of regrets from folks who moved to TLC and QLC NAND, and those products are more popular than ever.

That's interesting. Even TLC has huge limitations, but QLC is basically useless unless you use it as write-once-read-many memory.

I wish I had bought a lot of SSDs when you could still buy MLC ones.


> QLC is basically useless unless you use it as write-once-read-many memory

The market thoroughly disagrees with your stupid exaggeration. QLC is a high-volume mainstream product. It's popular in low-end consumer SSDs, where the main problem is not endurance but sustained performance (especially writing to a mostly-full drive). A Windows PC is hardly a WORM workload.


Seems like it is though? Most consumer usage does not have much churn. For things like the browser cache that do churn the total volume isn't that high.

The comparison here is database and caching workloads in the datacenter that experience high churn at an extremely high sustained volume. Many such workloads exist.


Consumer usage does not have much churn, but the average desktop is probably doing 5-50 drive writes per year. That's far away from a heavy database load, but it's just as far away from WORM.


There's a very big difference between a workload where you have to take care to structure your IO to minimize writes so you don't burn out the drive, and a workload that is simply easy enough that you don't have to care about the write endurance because even the crappy drives will last for years.


Of course. The inferior but cheaper technology is more cost effective in most cases but for certain workloads that won't be the case despite being more affordable per unit upfront.

The workloads flash is more cost effective for (ie most of them) either aren't all that write heavy or alternatively leave the drive sitting idle the vast majority of the time. The typical consumer usecase is primarily reads while it mostly sits idle, with the relevant performance metrics largely determined by occasional bursts of activity.


This. A voting system and its security must be understandable to the average person. You cannot do that with electronic voting. (Even if electronic voting can be done securely.)


Okay, an average person uses a special key picked up from the DMV one time that allows them to log in to vote.com and cast their vote. This is a totally normal experience and understandable by anyone who has done online banking.


It doesn't provide anonymity, which is a critical requirement for any (public) election system. It also doesn't provide security, as someone who can control the servers behind vote.com can change anyone's vote.


How does it not provide anonymity? All you see is some vote came in with a particular public key. That's it. That's more private than we have now.


Why?


One of the main goals of an electoral system is to ensure that the population trusts that their views are fairly represented.

The reason that paper voting is so good in this regard is that everybody can fully understand the entire process. It is so very, very simple. And if you need proof, you can go see the counting for yourself.

The issue with electronic voting is that there is far greater complexity. There are many valid reasons that someone could distrust it, for example:

- You might not trust the cryptography experts that claim the algorithms are secure.

- You might not trust the algorithms to be implemented correctly.

- You might not trust the computer manufacturer to have designed a secure machine.

- You might not trust the computer manufacturer to have built a defect-free machine.

- You might not trust the machine hasn't been compromised by some bad actor.

- You might not trust that there hasn't been some random bit-flips.

- You might just not understand how computers work.

- etc. etc.

Note that it is not important whether it can be proved to be correct and secure. The unique goal here is that everyone can prove to themselves that it is correct and secure. It must be obvious to everyone that they can trust it.

In my opinion, this is not possible to achieve with an electronic system.


Some counter-arguments:

- We already trust computers to run our markets, banks, cars, energy infrastructure, etc. Is a computer popularly untrustworthy?

- Do low-tech physical ballot systems offer good guarantees? See 2024 Russian elections [0], for an extreme counter-example.

I'd say cryptography or smart algorithms can go a long way in upholding certain invariants, but you need some infrastructure for that: e.g. key pairs per voter and a trustless counting system. If you can't get that, then you're relying on the good will of others: in some cases it's the volunteer counters, in others it's whoever deploys and operates the trust-based black box e-voting system. I think that cryptocurrencies alone should be proof to anyone observant that a trustless voting system is doable, though I'm honestly surprised by this thread, because it alludes to the opposite.

[0] https://www.lemonde.fr/en/international/article/2024/03/20/t...


> The reason that paper voting is so good in this regard is that everybody can fully understand the entire process. It is so very, very simple. And if you need proof, you can go see the counting for yourself.

I volunteered as a scrutineer for a major Canadian political party as a teenager. You show up and watch the election workers open the ballot box and count the ballots. The ballots were counted fairly, although some people couldn't tick the boxes correctly.

It's unclear how such a system would work in the United States, though, because you've merged all elections into a single voting day. If people struggle with ticking a single box from 5 options I can't imagine what a multipage ballot binder would be.


>One of the main goals of an electoral system is to ensure that the population trusts that their views are fairly represented.

Do you trust the system now enough to say your views are fairly represented (looking at the war and ... all the other things) ?


Those exceptions are so vague that you can interpret anything into them.

How "free" is your freedom of speech or expression if everything can be an exception?

