Google moved up its estimated deadline for quantum preparedness in cryptography to 2029—only 33 months from now. That’s earlier than previous deadlines, and they proposed the new post-quantum migration deadline because of two new papers that comprise a big jump in the state of the technology. It’s ahead of schedule, but not altogether unexpected. Cryptographers and engineers have been working on this for years, and as the deadline gets closer, it’s not surprising to see more precise timeline estimates come up.
I think you’re missing the point. Dual_EC_DRBG is a random number generator, standardized by the National Institute of Standards and Technology. It was a NIST standard, widely used by many others beyond the RSA corporation itself, and is likely still in use. We know for a fact that the RSA corporation was compromised by the NSA, but this goes beyond them. More importantly, what else has the NSA compromised that we don’t know about? This is just one story.
You can save your replies, I’m not going to discuss this further.
Edit: Jesus, dude, you are seriously invested in defending NSA backdoors, huh? Keep screaming into the void. I’m changing nothing, keep yapping if you want to.
This is clearly referring to the algorithm. You don’t “break” a company.
There is also little reason to bring up the RSA company at all, it is for all intents completely irrelevant.
Please just edit your root message to talk about the EC (Dual_EC_DRBG) that is not really in use anywhere but at least real and something security people know of.
If you say the NSA has broken RSA, you are making a lot of sysadmins sweat for no reason.
Speaking of which
25519 is the fixed one. It is also not backdoored. Please fix that as well. It is only Dual_EC_DRBG that is affected, not RSA nor ECDSA/Ed25519.