Long ago the US government wanted to put a "clipper chip" in everybody's computer. This chip would encrypt traffic (encryption wasn't common at the time) but with a backdoor so that law enforcement could see your data.
Later NIST recommended Dual_EC_DRBG, an algorithm that suspiciously could have been constructed with a backdoor, and later evidence from Snowden indicated that it probably did have this backdoor.
Also the P curves (P-224, P-256, and P-384) were constructed with numbers that are unexplained and could weaken the algorithm if you know the secret of how those numbers were chosen.
Chrome and Firefox do not support ed25519 in TLS, but they do support the P-curves.
I suspect TLS isn't secure against the NSA unless both sides are using algorithms that the NSA can't break, which in the browser HTTP world is hardly possible.
ed25519 isn't the only algorithm with nothing up its sleeve (https://en.wikipedia.org/wiki/Nothing-up-my-sleeve_number), but it has become the most popular and is quite efficient.
In the Rust world, if you control both endpoints, you can use a more trustworthy TLS like https://github.com/mikedilger/alt-tls. If you don't control both endpoints, the TLS will probably fail to negotiate a secure algorithm.
nostr:nevent1qqs0f0q9fcmwne865ecu6xy6qy0xl53pws2ewhpxtf429huj4hlrn2qfuvutz
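As an added toy illustration of the Dual_EC_DRBG concern above (not part of the original post): on a tiny constructed curve, whoever picked the "unexplained" constant Q while knowing its relation to P can predict every later output from a single observed one. The curve, base point and the secret e are all made up for the demo; the structure (r = x(sP), output x(rQ)) follows the real generator.

```python
import math

# Constructed toy curve y^2 = x^3 + 2x + 3 over F_103 (p ≡ 3 mod 4), not a standard curve.
P_MOD, A, B = 103, 2, 3
P_GEN = (3, 6)                      # plays the role of Dual_EC's base point P

class Degenerate(Exception):
    """Raised when a scalar multiple hits the point at infinity (no x-coordinate)."""

def ec_add(p1, p2):
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                 # P + (-P) = infinity
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, pt):                  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def point_order(pt):
    n, acc = 1, pt
    while acc is not None:
        acc, n = ec_add(acc, pt), n + 1
    return n

def xcoord(pt):
    if pt is None: raise Degenerate
    return pt[0]

N = point_order(P_GEN)
E = next(e for e in range(2, N) if math.gcd(e, N) == 1)  # secret of whoever chose Q
Q = ec_mul(E, P_GEN)                # the published, "unexplained" second point
D = pow(E, -1, N)                   # trapdoor: D*Q == P_GEN

def dual_ec(seed, steps):
    """Honest generator: r = x(s*P), output x(r*Q), next state s = r."""
    outs, s = [], seed
    for _ in range(steps):
        r = xcoord(ec_mul(s, P_GEN))
        outs.append(xcoord(ec_mul(r, Q)))
        s = r
    return outs

def lift_x(x):                      # recover a point from its x-coordinate (sign is irrelevant)
    rhs = (x ** 3 + A * x + B) % P_MOD
    return (x, pow(rhs, (P_MOD + 1) // 4, P_MOD))

def predict_next(output):
    """Attacker with D: D*(r*Q) = r*P, whose x-coordinate is the next r."""
    r_next = xcoord(ec_mul(D, lift_x(output)))
    return xcoord(ec_mul(r_next, Q))

def backdoor_predicts(seed, steps=5):
    """True if every output after the first was predicted; None if the chain hit infinity."""
    try:
        outs = dual_ec(seed, steps)
        return [predict_next(o) for o in outs[:-1]] == outs[1:]
    except Degenerate:
        return None
```

The recovery works for either sign of the lifted point because negating a point does not change the x-coordinate of D times it.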