If they had some completely unknown attack, I doubt they would leak it during an interview about their new facility... which is going to draw a lot of attention from privacy advocates and tin foil hatters.
Possibilities include:
1. Disinformation. Maybe it's about hashes, either SHA-1 (unlikely since there are known, feasible, collision attacks) or an unknown vulnerability in SHA-2 variants, and the NSA is trying to make people look elsewhere by talking about how they're going to decrypt mountains of old data.
2. GSM. I don't think the entities the NSA cares about consider GSM secure, so I doubt it.
3. RSA, DSA, plain DH. It's no secret that the NSA has been strongly encouraging suite B (EC-based) variants of older ciphersuites. But why would they encourage people to be skeptical about security of existing non-EC public key crypto just a few years after they're able to start cracking it?
4. AES. Nightmare scenario (no replacement in the pipeline).
Perhaps someone else has discovered whatever the vulnerability is, and they're too visible and cannot be coerced into shutting up, but were induced to shut up temporarily; in that case this could be part of a disclosure strategy by the NSA, possibly about a factoring/DLP advance enabling cracking of plain RSA and/or DH.
The article doesn't say anything was cracked, and the "breakthrough" is mentioned when talking about supercomputing. It would take a mind-boggling supercomputing breakthrough to put 128 bit block ciphers at risk. Could this be Bamford trying to sell more books by creating drama?
> the NSA has been strongly encouraging suite B (EC-based)
> variants of older ciphersuites.
There is so much structure in the arithmetic of elliptic curves that I would expect ECC methods to be cracked before RSA/DSA. I assumed they were talking about ECC when they claimed a new attack.
Ignoring mathematical properties, the timing wouldn't make sense. Barely anyone used ECDSA/ECDH until very recently, and still it's rare. It wouldn't make sense that the NSA has been pushing suite B for gov agencies since this "breakthrough".
Possibilities include:
1. Disinformation. Maybe it's about hashes, either SHA-1 (unlikely since there are known, feasible, collision attacks) or an unknown vulnerability in SHA-2 variants, and the NSA is trying to make people look elsewhere by talking about how they're going to decrypt mountains of old data.
2. GSM. I don't think the entities the NSA cares about consider GSM secure, so I doubt it.
3. RSA, DSA, plain DH. It's no secret that the NSA has been strongly encouraging suite B (EC-based) variants of older ciphersuites. But why would they encourage people to be skeptical about security of existing non-EC public key crypto just a few years after they're able to start cracking it?
4. AES. Nightmare scenario (no replacement in the pipeline).
Perhaps someone else has discovered whatever the vulnerability is, and they're too visible and cannot be coerced into shutting up, but were induced to shut up temporarily; in that case this could be part of a disclosure strategy by the NSA, possibly about a factoring/DLP advance enabling cracking of plain RSA and/or DH.
The article doesn't say anything was cracked, and the "breakthrough" is mentioned when talking about supercomputing. It would take a mind-boggling supercomputing breakthrough to put 128 bit block ciphers at risk. Could this be Bamford trying to sell more books by creating drama?