It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Strong Encryption
page: 12
share:
in another thread, crypto was mentioned and with some of the recent news items i thought it may be wise
to touch on crypto and get a good thread going on it.
www.schneier.com...
so, the "math" is still strong...
for symmetrical crypto:
at least 256 with SHA512
asymmetrical (GPG)
you want at least a 2048 key 3072 may be something we should be considering now. and use DSA and ElGamal.
truecrupt has a "cascade" option when your creating a VOL, which is encrypt with 3 algorithms and SHA512.
Ghostinshell
to touch on crypto and get a good thread going on it.
www.schneier.com...
so, the "math" is still strong...
for symmetrical crypto:
at least 256 with SHA512
asymmetrical (GPG)
you want at least a 2048 key 3072 may be something we should be considering now. and use DSA and ElGamal.
truecrupt has a "cascade" option when your creating a VOL, which is encrypt with 3 algorithms and SHA512.
Ghostinshell
reply to post by Ghostinshell
Two little things I saw with my very own eyes:
1. "The Bowling Alley" - could decrypt anything in less than ten seconds. 1990's technology.
2. An AT&T telephone that was absolutely secure when communicating with another phone of that model line. There were some very upset intel folks.
Two little things I saw with my very own eyes:
1. "The Bowling Alley" - could decrypt anything in less than ten seconds. 1990's technology.
2. An AT&T telephone that was absolutely secure when communicating with another phone of that model line. There were some very upset intel folks.
reply to post by Ghostinshell
truecrupt has a "cascade" option when your creating a VOL, which is encrypt with 3 algorithms and SHA512.
The most critical aspect of TrueCrypt is that it is open source. That means that the three letter agencies have not put in a back door. You can have all the strength in the world but if a backdoor is there you are gone.
P
reply to post by pheonix358
A backdoor does not have to be some injected clandestine code. It can be in the mathematical architecture used, a fundamental weakness or predictive relationship that no one has figured out as yet, but someone knows what it is.
A backdoor does not have to be some injected clandestine code. It can be in the mathematical architecture used, a fundamental weakness or predictive relationship that no one has figured out as yet, but someone knows what it is.
charlyv
reply to post by pheonix358
A backdoor does not have to be some injected clandestine code. It can be in the mathematical architecture used, a fundamental weakness or predictive relationship that no one has figured out as yet, but someone knows what it is.
I completely agree, yet that is the nature of the beast. For every new law that is passes the encryption community comes up with a solution, sometimes very amusing ones. The US government passed laws on export of encryption that if I remember, stopped PGP from being exported. The Law was flawed. The program was printed out and legally left the country since no one thought of it being carried out in paper format.
The UK brought in draconian laws which were made fairly redundant by hidden containers and so it goes on.
The good guys are pretty damn good, quick to provide alerts of weaknesses. I will say that they are winning and have been for a while.
To have a weakness as you suggest is why TrueCrypt uses a cascade of methods. You have to defeat all three and that is near to impossible.
P
"near to impossible" Don't we know the ramifications in that statement!
As we are all bozo's on this bus, there will always be someone that will add 1 to a googolplex.
Perhaps the only place we are safe is in the bathroom.
As we are all bozo's on this bus, there will always be someone that will add 1 to a googolplex.
Perhaps the only place we are safe is in the bathroom.
edit on 21-9-2013 by charlyv because: to early to spell right
with all the password cracking software thats out and about, it would not surprise me if there is some pretty crazy parallel crypto cracking software
running on super computers. but, thats very expensive my guess is
veryus "side" or MTM types of attacks are used instead.
like, someone uses 4096 key, so you key log them, or get the root CA for the sites there logging into so you can see
there SSL traffic.... then you can capture all the login info...
veryus "side" or MTM types of attacks are used instead.
like, someone uses 4096 key, so you key log them, or get the root CA for the sites there logging into so you can see
there SSL traffic.... then you can capture all the login info...
delete
edit on 10/22/2013 by staple because: (no reason given)
reply to post by charlyv
Actually it is the kitchen. Turn on the microwave and the water faucet. Speak softly. Kills most eavesdropping.
Actually it is the kitchen. Turn on the microwave and the water faucet. Speak softly. Kills most eavesdropping.
I would stay away from cascade. The more complex a security system the more vulnerable it can be. I would also go with an algorithm that is not widely
used. The one that is most used will be the one most targeted. I would be dumbfounded if the CIA and the NSA could not crack AES. IMHO it is
theoretically possible with a system that is already in place. I wont give any details but I would steer clear of it. However, I am not worried about
the CIA or the NSA for that matter there's not really anything they would want with me, and I do not make a habit of visiting Islamic websites. If
you know what I mean.
Pimpintology
I would stay away from cascade. The more complex a security system the more vulnerable it can be. I would also go with an algorithm that is not widely used. The one that is most used will be the one most targeted. I would be dumbfounded if the CIA and the NSA could not crack AES. IMHO it is theoretically possible with a system that is already in place. I wont give any details but I would steer clear of it. However, I am not worried about the CIA or the NSA for that matter there's not really anything they would want with me, and I do not make a habit of visiting Islamic websites. If you know what I mean.
while thats true, eg more complexity is not a good thing; but the truecrypt docs:
www.truecrypt.org...
gives you some options. as long as the encryption process is correct, even tho internally there is a shared key
the actual ciphertext theoretically should be stronger. but hey i am not a cryptologist....
new topics
-
It's toast
General Chit Chat: 2 hours ago -
Man Stabbed or Cardiac arrest on Westminster Bridge, London, UK
Mainstream News: 4 hours ago -
A fix for the Trans players in sports
Social Issues and Civil Unrest: 5 hours ago -
Petition Calling for General Election at 564,016 and rising Fast
Political Issues: 8 hours ago
top topics
-
Petition Calling for General Election at 564,016 and rising Fast
Political Issues: 8 hours ago, 14 flags -
A fix for the Trans players in sports
Social Issues and Civil Unrest: 5 hours ago, 11 flags -
Rep. Alexandria O. Cortez Says Forcing People to Use The Correct Bathroom is Dangerous.
US Political Madness: 15 hours ago, 7 flags -
Man Stabbed or Cardiac arrest on Westminster Bridge, London, UK
Mainstream News: 4 hours ago, 7 flags -
It's toast
General Chit Chat: 2 hours ago, 6 flags -
Cooperation zones
World War Three: 16 hours ago, 4 flags
active topics
-
Petition Calling for General Election at 564,016 and rising Fast
Political Issues • 50 • : angelchemuel -
Man Stabbed or Cardiac arrest on Westminster Bridge, London, UK
Mainstream News • 7 • : NorthOS -
Ok this is some BS now WTH
Rant • 16 • : VariedcodeSole -
Results of the use of the Oreshnik missile system in Dnepropetrovsk
World War Three • 202 • : Oldcarpy2 -
Well, here we go red lines crossed Biden gives the go ahead to use long range missiles
World War Three • 342 • : putnam6 -
France gives Ukraine license to fire long-range missiles at Russia
World War Three • 35 • : Oldcarpy2 -
A fix for the Trans players in sports
Social Issues and Civil Unrest • 14 • : lilzazz -
It's toast
General Chit Chat • 4 • : mysterioustranger -
Jaguar Rebrand Video Causes "WTF?" Moment - Seriously Weird
Automotive Discussion • 34 • : lilzazz -
President-Elect TRUMP Picks Former Florida A.G. PAM BONDI to be U.S. Attorney General.
2024 Elections • 67 • : lilzazz
2