[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] Second Swiss firm allegedly sold encrypted spying devices

On 11/26/20 9:48 PM, iang wrote:

Swiss public television, SRF, has found a second company besides Crypto AG was involved in manufacturing manipulated devices allegedly used for spying by foreign intelligence.

I can confirm that this is mainline news in Switzerland (even though it is shadowed by news about its terrible handling of the Corona crisis). The Tagesanzeiger had a long article about this, and from what I remember about that article, they were somewhat confused about Ueli Maurer's role in vetting Onmisec's crypto algorithms.

From memory (which may or may not be faulty):

It seems that Omnisec gave the impression that their productss had been vetted by Maurer, an ETH professor and renowned cryptographer. Maurer denies this, saying that because of scientific prudence he would never vet products that he didn't own. He says that his role was more that of a "second opinion". But then the Tagesanzeiger writes that "Omnisec disputes this, claiming that Maurer had "attacked" their algorithm". (Quote from memory, translation mine.)

I honestly don't see a contradiction here. You can, as part of a second opinion, try a few attacks on the crypto, and report that these failed. But that is far from a successful vetting of the algorithm or product.


The cryptography mailing list
cryptography AT metzdowd.com