One such problem they have an advantage on is factoring numbers, which (once big enough) can break some cryptosystems.
source: Reddit
Many theoretically strong cryptosystems are made broken by simple programming errors, like the `goto fail` bug.
source: Reddit
Yes, but you can easily find a transformation of the Vigenère key to a key in your cryptosystem which encrypts the plaintext to the same ciphertext.
source: Reddit
But even with the threat of tampering with Javascript you could have a working cryptosystem with perfect forward secrecy until the point where the code for your cryptosystem is targeted and tampered with in transit, by which point you could already have transferred a persistent implementation of a cryptosystem so that you're not vulnerable to such tampering.
source: Reddit
As a person asking for advice, you aren't prepared for the subtleties of PGP, a very old and flaky (in implementation, not rigour) cryptosystem.
source: Reddit
The vast majority of cryptosystem hacks aren't based on breaking a cryptographic algorithm, just compromising the system through some other vulnerability.
source: Reddit
(I believe the signature cryptosystem it implements is some non-standard construction which is more or less unique to it.)
source: Reddit
Let's posit a different thing, then: be paranoid, and don't trust any single cryptosystem.
source: Reddit
And the difficulty of performing a prime factorization of a number is the fundamental key to the security of every modern cryptosystem.
source: Reddit
It probably does depend on the cryptosystem, but take a look at RSA signing for example.
source: Reddit
This is exactly how asymmetric cryptosystems work.
source: Reddit
I'd put in Yao's garbled circuit construction over the GM cryptosystem, it's a construction that I feel will change the course of computing forever, and also is really fucking mindblowing.
source: Reddit
In addition a ban on use of cryptosystems would be unconstitutional in the US.
source: Reddit
All symmetric cryptosystems require random public nonces, so here's a simple idea for them: When you contact your random input device, it could give you a public key encryption of x random bits and y bits to be leaked.
source: Reddit
If the encryption function is pseudorandom (as many are), the tampered cryptosystem is poly-time indistinguishable from an un-tampered one, even with white-box knowledge of the backdoor (it's a strong SETUP).
source: Reddit
Coincidentally, a few days ago I was wondering if there are any cryptosystems where it is possible to have "secondary" private keys that allow exactly one more person to decrypt messages.
source: Reddit
But the attack is general; this sort of thing can basically be done with any cryptosystem if you can't trust your RNG or the program generating your keys.
source: Reddit
You cannot let anyone generate a key for you in any cryptosystem.
source: Reddit
Attacks like this exist for every cryptosystem.
source: Reddit
Of course when you go into implementing a cryptosystem with a fuzzy idea of what you're trying to accomplish beyond "play with technology" you're going to get it wrong; and people have... there have been some total cryptographic disasters of ECIES implementations.
source: Reddit
GNU Privacy Guard (GPG) is one of the few cryptosystems which the recently leaked documents from the NSA regarding cryptanalysis suggest is unbreakable/unexploitable with current knowledge.
source: Reddit
There are attacks like this for every known cryptosystem.
source: Reddit
RSA and other popular public-key cryptosystems are completely and irrecoverably broken by quantum computing and we'd need to change to entirely different algorithms.
source: Reddit
On the contrary, it is very difficult to create real-world cryptosystems that are resistant to attack.
source: Reddit
Signing being equivalent to "encrypting with a private key" is an interesting property of the RSA cryptosystem, but is not a fundamental component of asymmetric cryptosystems.
source: Reddit
That's almost certainly a bad idea, because it means you're effectively sharing part of your key with every user of the cryptosystem.
source: Reddit
I believe that the cryptosystem is still vulnerable to pseudorandom number generator flaws though.
source: Reddit
They (possibly) backdoored an implementation of the RSA cryptosystem, which is quite a bit different than backdooring the cryptosystem itself.
source: Reddit
Confidence in public key cryptosystems.
source: Reddit
Note that Tails is pretty damn well built to avoid being infected with malware, but against state-sponsored crackers, I doubt that any OS is entirely secure (though protocols and cryptosystems certainly can be).
source: Reddit
I have absolutely no idea where you're going with the schizophrenia thing, but disregarding that, there are leaked NSA documents that show them having trouble cracking cryptosystems that rely on NP-hard problems; if they had a generalized way of converting NP-hard problems to polynomial time, you'd think they'd do it.
source: Reddit