Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: CodeToad

“The NSA can read faster than you can any encrypted message you may ever receive. Now the FBI has that ability.’

A lot of people are of that opinion, but it’s not true. If you use a random 128 bit password the NSA will still be able to break it by brute force, but it could take 100 years unless they get lucky. If their REALLY lucky they, of course, could get it on the first try. Of course if your really lucky you could win the power ball 5 times in a year too...


21 posted on 09/25/2014 4:05:58 PM PDT by babygene ( .)
[ Post Reply | Private Reply | To 14 | View Replies ]

To: babygene

I’m an not going to hijack this thread educating you but you have no idea had cryptography works if since you think that.


22 posted on 09/25/2014 4:07:14 PM PDT by CodeToad (Romney is a raisin cookie looking for chocolate chip cookie votes.)
[ Post Reply | Private Reply | To 21 | View Replies ]
To: babygene
A lot of people are of that opinion, but it’s not true. If you use a random 128 bit password the NSA will still be able to break it by brute force, but it could take 100 years unless they get lucky. If their REALLY lucky they, of course, could get it on the first try. Of course if your really lucky you could win the power ball 5 times in a year too...

Quite true. It would appear that one of the biggest problems with publicly avaialble crypto is the key generation phase. serious  bugs have been found in key and entropy generation routines over the year. It's apparently something that is fairly easy to get majorly wrong, and it's not obvious unless you are specifically looking for it. It's actually fairly difficult for computers to generate truely random numbers, absent a physical source of true randomness.

With the processing power we have available today, there is no reason not to use anything less than 256 bit (or equivalent) keys or more unless you are doing real-time encryption of phone calls or something.

The hardest thing about encryption is simply protecting your private keys. Given how hard the NSA and the rest of FedGov works to hack random people's computers just because they can, it's tough to do without using an external token that can be disconnected the 99% of the time you're not encrypting your email.

Then, the other side of it is that you need to get your recipients to understand that encryption isn't just something used by terrorists. The police state has done a really good job of making it harder to use than it should be. Hell, I was using PGP back when it was a command line DOS program.  Given the rise of the internet, and general connectedness, you should be using clear text for a small minority of your communications by now.

Sadly, people just don't understand or value their privacy enough to take that step.

39 posted on 09/25/2014 10:52:20 PM PDT by zeugma (The act of observing disturbs the observed.)
[ Post Reply | Private Reply | To 21 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson