[tor-talk] Fwd: Can You Trust NIST?

Roger Dingledine arma at mit.edu
Tue Oct 22 17:39:02 UTC 2013


On Fri, Oct 18, 2013 at 10:45:15PM -0400, Niels Elgaard Larsen wrote:
> On 13-10-18 10:10 AM, Tom Goldman wrote:
> >Recently, I stumbled upon a very interesting article at
> >http://spectrum.ieee.org/telecom/security/can-you-trust-nist
> >  Does this mean that Tor could technically be weakened by the NSA?
> 
> TOR does not have to only use NIST encryption.
> I am sure the TOR developers were aware of the problem with  Dual EC
> DRBG from back in 2006.

See the previous version of this thread (with more answers)
https://lists.torproject.org/pipermail/tor-talk/2013-September/thread.html#29933

I recommend reading the rest of Nick Mathewson's posts on that page too.

--Roger



More information about the tor-talk mailing list