What's frustrating for me is this obsession governments have with the encryption aspect of cryptography, and the carelessness they have with the authentication (signing) aspect of cryptography. If they break the former, they break the latter. The authentication aspect should assure sender and receiver both their mutual identities and the veracity of message content. If any portion of that authenticity goes away, massive trust is lost. Signed digital documents, legal or even everyday emails, are then broken. Both current and historical documents are affected. Voice conversations and voicemail can be recorded, modified, and rebroadcast - my conversation with a bank, a broker, reciting my SSN, all of that can be used with a copy of my own voice in ways that hurt me or other people and implicate me.
I'm convinced elements in governments are playing with matches. I don't know that it's malicious, but at the least it's obliviousness.
It may be inevitable that this gets severely broken, and that's the thing to plan for - the aftermath - not dissimilar to compsec practice of preparing for infiltration by better protecting data itself rather than relying solely on the idea of an impenetrable network.