Hacker News new | ask | show | jobs
by ryanlol 2752 days ago
I don't believe so. If one of those states managed to seize a US nuclear weapon, that'd be evidence of such a failure.

The specific case of protecting backdoor keys really comes down to keeping from getting physically stolen, which at least the US government should be perfectly capable of.
1 comments
natch 2752 days ago
Mere assertions that they "should be perfectly capable" are just vacuous statements that don't mean anything.

1) We're not just talking about the US government that will have access to keys.

2) The US government has shown itself to be perfectly capable of losing secrets. I'm not saying, as you did, they "should be." I'm saying they have proved it. So have the governments of other countries.

3) We don't know how those countries got all the information they have. We may know where some of their information came from, but not all of it.

4) NSA is supposed to be our best and brightest at protecting secrets. Look what they did.

5) Some proposals for encryption backdoors allow for access by law enforcement at almost any level, down to local sheriff / police. They would probably stop just above mall cop, if they could.

If you have a retort to just some of these points, unfortunately that doesn't fix the problem. You would have to be able to answer all of them. A leak only takes one weak point.

link
ryanlol 2752 days ago
>We're not just talking about the US government that will have access to keys.

Well I doubt the $insert_country would want to share their keys with others. Why would they? It'd make far more sense to send in encrypted message and get decrypted message back.

>The US government has shown itself to be perfectly capable of losing secrets.

But not even remotely comparable secrets. We're essentially talking about a physical item here, not a secret you can lose without losing possession of that item.

>Some proposals for encryption backdoors allow for access by law enforcement at almost any level, down to local sheriff / police

This may present logistical challenges for handling decryption requests, but I don't see it as a huge issue for keeping the keys from leaking.

Obviously I'm not actually advocating this, I just think that you're making some rather dishonest arguments here.

link
natch 2752 days ago
>We're essentially talking about a physical item here

I don’t even... OK, you have yourself a nice rest of your day.

link
ryanlol 2752 days ago
How do you propose the keys would escape a HSM? You wouldn't keep this stuff connected to the network, so someone would have to get physical access to even attempt to attack it.
link
natch 2752 days ago
lol!
link
ryanlol 2751 days ago
Do you even know what a HSM is? Did you consider their existence before initially commenting?

If you do know what HSMs are, do you believe that they’re all useless?

Idk where the “lol!” came from, we’re talking about extremely standard cryptographic key storage here.

link