Posted on 12/07/2010 6:53:04 PM PST by MeekOneGOP
Supporters of WikiLeaks around the world have downloaded a file the site calls an insurance policy, Palmer reported. The files are encrypted with a code so strong it's unbreakable, even by governments.
If anything happens to Assange or the website, the plan was for a key to go out to unlock the files. There would theoretically be no way to stop the information from spreading like wildfire, because so many people already have copies.
"What most folks are speculating is that the insurance file contains unreleased information that would be especially embarrassing to the U.S. government if it were released," said Declan McCullagh, chief political correspondent for CNET, a CBS company.
It was unclear Tuesday whether Assange's surrender would prompt WikiLeaks to distribute the key to the encrypted file, but Hrafnsson's reaction Tuesday morning made it seem unlikely.
(Excerpt) Read more at cbsnews.com ...
Maybe put him up in Club Gitmo for a year or so first? :)
(This assumes that his file was not surreptitiously replaced with another file that simply contains the script to every Roger Corman film ever made)
I can’t believe there is any code so strong that the NSA computers can’t break it.
ha!
That seems to have been a BLUFF now, perhaps?
There are now. But the password must be long and complex so as to thwart a brute force attack. Something like what you can generate here for your wireless network... GRC's Ultra High Security Password Generator
Put him in general Pop. Lots of Patriots among criminals...
You mean those gut-busting CRAY supercomputers at the NSA can’t break them?
I find that hard to believe. Not impossible, mind you, but hard. Of course, even if they could, they would keep that ability super-duper tippy-top secret, so who knows?
You better believe it. There are several symmetric ciphers that have no attacks against them. Note that AES-256 doesn't have a "password" - it uses a random 256-bit (32 bytes, approx. 200 latin uppercase letters) key. The only known attack against AES-256 is brute force, and that is not feasible because 2256 different keys is a lot; probably there is not enough time left in the Universe to try them all.
OK, this is a subject I admit not knowing a lot about, but I seem to recall some years back when PGP came out that there were some people saying that all these super-encryption programs have “backdoors” built into them at the design stage, or they would not be releasable — governments would simply not allow it.
Now, based on what I am gleaning from this thread, the long war of codes vs. decryption has been won by the code makers.
Interesting.
I'd like to comment a bit here, since we are on the subject. PGP was open source initially and for many years. The US government indeed forbade export of the software. Then Phil Zimmerman, author of the PGP, printed books with the source code, and the government couldn't block export of those books because of the 1st Amendment. Books were then typed into the computer by foreign volunteers, and the code compiled. This proved to the US government that certain prohibitions are unenforceable, and the policy changed.
The open source nature of PGP allowed any programmer to see what's there, so the code had no obvious backdoors. One could say that might have been backdoors in the math, but many cryptographers looked at the code, poked and prodded it in various ways, and no such backdoor was ever found.
One needs to understand that PGP uses not one set of ciphers but two. One layer is used to encrypt the document itself. This layer is very fast and very simple. It is typically a symmetric block cipher. AES is a modern family of such ciphers, but there are other. These ciphers are extensively analyzed, and they are well known (anyone can download a copy.) Such a cipher has a key, and the same key can encrypt and decrypt. But how do you deliver this key securely?
Delivery of keys is provided by another layer of crypto; this is an asymmetric cipher, which means it has several keys and they are not interchangeable. In particular, Alice can encrypt a message so that only Bob can decrypt it; even Alice herself can't do it. Those are very interesting ciphers; they are complex and slow, and potentially they may be broken. They are used only to deliver the key for the other, symmetric cipher. Over the years mathematicians came up with formal proofs that depend only on very few basic theories about numbers, and as long as those theories remain true the cipher is reasonably unbreakable. (Those asymmetric ciphers are based on extremely large prime numbers.) RSA is one such cipher, the first one. You can read about that here, it's an easy reading and you don't need to be a mathematician to understand how it works.
Today PGP Inc. is a for-profit corporation that makes quite a few good security products for businesses. Free version, known as GnuPG, is available for hobbyists and for anyone who cares. PGP and GnuPG are not only useful for encryption of secrets, they can be also used to authenticate a document. I can "sign" a document electronically, and everyone can check that it's my signature, using public half of my key. Only the holder of the secret half of the key can sign; this means that if I signed something and the signature is valid then I must have the secret half in my posession.
We use cryptography every day when we access secure Web sites. Online banking would have been impossible without those technologies. Wikipedia has an article about all that.
This is potentially even more intriguing than Al Capone's Vault.
Here’s an interesting story about a recent attempt by the FBI to break the encryption of a popular open source program called TrueCrypt. They gave up after 12 months of banging on it. I’ve used TrueCrypt myself for years. It’s a great program.
FBI hackers fail to crack TrueCrypt
http://news.techworld.com/security/3228701/fbi-hackers-fail-to-crack-truecrypt/
If you Google fbi+truecrypt+brazil you’ll find dozens of stories about it. The only known vulnerability to this is brute force. Your password must be sufficiently long and have a lot of entropy/randomness. ALWAYS use uppercase letters, lowercase letters, numbers, and special characters. A 7 digit number can be cracked in a couple of seconds, while a 7 digit string of ascii (254 different characters) might take a thousand years on the same computer. And a string of 63 characters might take millions or billions of years.
My wireless networks all have passwords like that. I get a huge string of high entropy random characters and make it the password. I burn that onto a CDRom in a TXT file, and if I need to get a computer on the network I insert the CD and copy/paste the password. The NSA could be next door and they’d probably not break it in ten thousand years because the number of possible passwords is staggering.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.