| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA512 |
| 3 |
|
| 4 |
Sebastian Wiesner wrote: |
| 5 |
| Chris Walters <cjw2004d@×××××××.net> at Wednesday 25 June 2008, 17:14:20 |
| 6 |
| |
| 7 |
|> | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2], |
| 8 |
|> | etc) can break those algorithms relatively easy. On the other hand even |
| 9 |
|> | weaker algorithms can protect your data against laptop thieves. |
| 10 |
| |
| 11 |
| You had better used the acronym FUD instead of the word "rumor". US |
| 12 |
| government itself has declared Rijndael 256 sufficient for classified |
| 13 |
| information up to top secret. This level of security is shared among all |
| 14 |
| AES finalists like RC6 or Serpent. |
| 15 |
| |
| 16 |
|> That's more than a rumor. Another three letter agency (NSA) has networks |
| 17 |
|> of supercomputers that can brute force a passphrase is little time. |
| 18 |
| |
| 19 |
| Bruteforcing a _passphrase_ is not the same as bruteforcing a key. An both |
| 20 |
| of these don't have nothing to do with the algorithm itself. They are |
| 21 |
| side-attacks ... a weak passphrase is user idiocity, not a cipher |
| 22 |
| weakness. |
| 23 |
| |
| 24 |
|> It is not that I'm terribly paranoid about people getting my data, I just |
| 25 |
|> want to make it a little harder. |
| 26 |
| |
| 27 |
| What's the point in making the impossible even harder? |
| 28 |
| |
| 29 |
|> Of course, it is always possible to insert code that will send the |
| 30 |
|> unencrypted data, once you've logged on - not easy for the casual user, |
| 31 |
|> but for the guru, an easy thing. |
| 32 |
| |
| 33 |
| That's operating system security and has nothing to do with cryptology. |
| 34 |
| Someone having only your hard disk can't inject a rootkit into the system. |
| 35 |
|
| 36 |
Are you a cryptology expert? By the way, nothing is impossible. The only |
| 37 |
thing that cryptography attempts to do is reduce the **probability** of |
| 38 |
cracking the key and gaining access to the data as low as possible. |
| 39 |
|
| 40 |
As for brute forcing a passphrase: Since most implementations of AES |
| 41 |
(Rijndael) use a hash of the passphrase to form the key, it amounts to the same |
| 42 |
thing, in practice, as cracking the key. |
| 43 |
|
| 44 |
Cryptology is, at least partly about finding the weakest link, because that is |
| 45 |
what is likely to be attacked in any cryptosystem. If the weakest link is |
| 46 |
system security or a weak passphrase, then that weakness translates to a |
| 47 |
weakness in anything encrypted in such an environment. |
| 48 |
|
| 49 |
The US Government only keeps classified information on non-networked computers |
| 50 |
in secure environments, so the cipher used does not matter as much as the other |
| 51 |
security measures taken to ensure that the data does not fall into the wrong hands. |
| 52 |
|
| 53 |
A final thought: It is a fact that both the US Navy and the NSA are *very* |
| 54 |
interested in cryptology and data security. The NSA also does have large |
| 55 |
networks of supercomputers that, using parallel, distributed or concurrent |
| 56 |
computing principles can crack keys more quickly than you may think. |
| 57 |
|
| 58 |
Regards, |
| 59 |
Chris |
| 60 |
-----BEGIN PGP SIGNATURE----- |
| 61 |
|
| 62 |
iQIcBAEBCgAGBQJIYqmqAAoJEIAhA8M9p9DAIo8P/A17VwmkVsscVgfFzpCVDQbw |
| 63 |
69WHMmoUvn5GasVRiM2JUi2UeEDpzCuLNxYlQglFWhyvsbplV3aiJmtzVdbEitsK |
| 64 |
hpf7Jt0wNvzi25Cye/j2DJlkGh7PTGRCkrMkoirgg+JTSFC21TzAnJZSUQH3Zhv8 |
| 65 |
Inb1C53jl8/RV1KTdPOX2W/hNo1VCPfpFnhxhad8fzj59pM1UwMVktwAQtO1JmOW |
| 66 |
fQm3/mSbeLyr0L5ZKPlc5shao/QVZ7Zo9xTDU8PFrBCmmt93MODGdbaOY7IsCmsl |
| 67 |
6vWfWi1suV1a9ptPpU9ohn7YZtHlEboRMb4/mHCsj46SsI9cOo1KVLpqfiQZxd1t |
| 68 |
U1niZU8Cb67+cvEDcQ/q1eIGDMza01NR8UxtF66vHB8WrGKpLYs+ckHqJg9+hgF5 |
| 69 |
nUiY2RHeyNd3lh4vUWCY15Kh9OfK/LlL9IvGZV2Vpc066aa/EfC3AyiSSc+cMMx9 |
| 70 |
r4GQijL3wfKaDY9OUh6hJZcSZpBNTZezQ1sNZNMOm0TgDLGtJNMv5ltHjtZnxmbC |
| 71 |
Fus0IRrQVYvXT8ADZW80Ic256RWtUvn73WjBevYswa2T/Oc3o/NWc2sMrxEg8FVs |
| 72 |
a7nCa4ErSKIWRbMHTuTZLO3l6+XXjXm0sHk0qQ4JfFNkoV4gyMZq36HelAb2GsRu |
| 73 |
7NJKaZIXlOCuNiYByLfp |
| 74 |
=wp+F |
| 75 |
-----END PGP SIGNATURE----- |
| 76 |
-- |
| 77 |
gentoo-user@l.g.o mailing list |
Archives