[tor-dev] The consequences of key compromise (or the reasons for changing)

Marsh Ray marsh at extendedsubset.com
Fri Nov 4 15:46:00 UTC 2011

On 11/04/2011 01:39 AM, Jon Callas wrote:
> It's certainly laudable to worry about TLAs with ASICs. They probably
> can't break 80-bit crypto yet, but that's why you need to get off of
> it now.
> On the other hand, no TLA worth their salt is buying ASICs to crack
> crypto. They are buying zero-day kernel 'sploits. That's how the
> Germans are beating Skype. Keep that in perspective. The half life of
> an ASIC is 18 months. Zero-days are much more effective and much
> cheaper.

I think this does not follow. Just because they are buying 0-days 
doesn't mean that they are not also buying ASICs (or at least FPGAs). My 
guess is that there are some adversaries with more money for 
cybershenanigans than they know what to do with right now.

- Marsh

More information about the tor-dev mailing list