Skip to comments.N.S.A. Foils Much Internet Encryption
Posted on 09/05/2013 12:14:05 PM PDT by Alter Kaker
click here to read article
Please read the Gibson article, he explains it much better than I can. But his conclusion is this:
An easy to remember long password is far harder to crack than a shorter random one.
What he recommends is that you come up with your own unique combo of characters and add them to a memorable name which can be anything, even a dictionary word.
Here’s a better example:
The password “((((((M4ndY))))))” is 10 trillion times harder to crack than “aj&8fU&*9)&*” just because it has a few more characters. The kicker is, this is true even if your name is Mandy! This is because they do not know how you padded your name so they have to search all possible combinations.
And you do not need a password keeper program to remember it!
Public-key encryption is fine if the parties have some means of authenticating each other during the key exchange. The problem with public-key encryption is that if Bob tries to send his public key to Joe over a communications medium controlled by Larry, Larry may block that message and replace it with one containing a key which Larry himself generated. If Joe tries to send a message to Bob over that medium, Larry can intercept it, decode it, re-encode it using Bob's public key, and then send it along to Bob.
Another issue with public keys, which Diffie-Hellman avoids, is that someone who comes into possession of Bob's private key will be able to retroactively decode communications that had been sent using the corresponding public key. While it would be theoretically possible for Bob to generate new key pairs with every communications session, that would be much more expensive than using Diffie-Hellman.
With tape it may be pretty easy to destroy the used portion while retaining the rest. Until fairly recently, the only really lightweight way to transport a lot of data would have been on something like a CD or DVD, and unrecoverably-destroying part of the information on one of those without harming the rest would be difficult. With most "packaged" solid state media the same problems apply, but with a "raw" NAND-flash chip partial data destruction is no problem.
Without PHYSICAL access to either one...
I wonder what WAS on them 18 minutes of ‘blank’ tape?
The calculations assume that letters are chosen randomly.
If you chose a predictable password, then the random calculations don’t apply to someone who can predict some of your letters.
If you choose “All that is gold does not glitter, not all those who wander are lost.”
Then anyone who knew you had a thing for Aragorn in Lord of the rings would have a better chance than predicted vs. random.
When the Brits were breaking the ENIGMA codes of the Germans they would bifurcate messages into known and random, and then calculate the random probability using a logarithmic estimate called the “deciban” (ban being a company that sold blank calcuating papers). They would initially focus on the ones where the randomness was smallest, such as the obligatory Luftwaffe birthday greetings to Hitler/Goering sent out in code using the exact test and spacing as the unencrypted messages doing the same.
No matter one’s encryption scheme, you can be dumb enough to make up for the encryption scheme’s smarts.
With all due respect, you have not read Gibson’s reasoning.
Unlike the Enigma machine, where knowing parts of the plain text could help uncover the start-up configuration and therefore the key, individual passwords are totally different. Knowing part of the password does not help you in any way in guessing the rest.
Even if I tell you that my name is in the password, you have no idea what the other characters are. You still have to search through all the combinations of the padding characters.
Just knowing your name is in the password reduces the possible number of combinations. \
Most calculations are done against a brute force attack, as that is usually the biggest threat.
If personal insight reduces the effective length, the brute force attack is easier.