this post was submitted on 10 Apr 2026
32 points (97.1% liked)

Privacy

5497 readers
164 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 1 year ago
MODERATORS
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
32
Yikes, Encryption’s Y2K Moment is Coming Years Early (www.eff.org)
submitted 4 hours ago by schnurrito@discuss.tchncs.de to c/privacy@lemmy.dbzer0.com
15 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] bearboiblake@pawb.social 3 points 2 hours ago (1 children)

There's a pretty good blog post about potential backdoors in RSA on the Cloudflare blog but honestly I remember reading rumors about it on obscure internet forums and mailing lists going back a long time.

For Ec25519, there's some stuff about it in the History section of the wikipedia article.

[–] CorrectAlias@piefed.blahaj.zone 2 points 1 hour ago (1 children)

Isn't the NSA portion in that Wikipedia article just explaining why people moved to using ec25519? It says:

In 2013, interest began to increase considerably when it was discovered that the NSA had potentially implemented a backdoor into the P-256 curve based Dual_EC_DRBG algorithm.[12] While not directly related,[13] suspicious aspects of the NIST's P curve constants[14] led to concerns[15] that the NSA had chosen values that gave them an advantage in breaking the encryption.[16][17]

"I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry."

— Bruce Schneier, The NSA Is Breaking Most Encryption on the Internet (2013)

Since 2013, Curve25519 has become the de facto alternative to P-256, being used in a wide variety of applications.[18] Starting in 2014, OpenSSH[19] defaults to Curve25519-based ECDH and GnuPG adds support for Ed25519 keys for signing and encryption.[20] The use of the curve was eventually standardized for both key exchange and signature in 2020.[21][22]

That seems to say that people left P-256 for Curve25519.

[–] bearboiblake@pawb.social 2 points 1 hour ago

Oh, sorry, you're right. I can't remember where I read about Ec25519 vulnerabilities now, but I do remember that I switched to using Ed25519 instead which was not vulnerable. I think it was something to do with random number generation, you might be able to turn something up on your preferred search engine - sorry for not being more helpful, I'm replying from my phone away from my computer.