Skip to main content

View Diary: Don't Even THINK of Using Encryption Software to Escape NSA Scrutiny (81 comments)

Comment Preferences

  •  They can't (8+ / 0-)

    AES-128 and AES-256 are unbreakable. There is not a supercomputer that could ever be built that could come close to defeating these encryptions.

    Not to say they can't steal passwords, use social engineering, or other such methods to get the information. However, just a straight AES-256 encrypted message with a proper password is unbreakable.

    (-5.50,-6.67): Left Libertarian
    Leadership doesn't mean taking a straw poll and then just throwing up your hands. -Jyrinx

    by Sparhawk on Mon Jun 24, 2013 at 09:38:35 AM PDT

    [ Parent ]

    •  A 256 bit long key may be large enough but... (8+ / 0-)

      ...they probably have other ways to break an encryption algorithm.  

      And using strong encryption attracts their attention.  

      Daily Kos an oasis of truth. Truth that leads to action.

      by Shockwave on Mon Jun 24, 2013 at 09:42:28 AM PDT

      [ Parent ]

      •  There are no other ways (12+ / 0-)

        Certainly using strong encryption may attract attention (until soon when I predict strong crypto will simply be the default state of affairs for most communication). Even now, US security agencies have been complaining publically about more and more widespread use of strong crypto interfering with their spying.

        However, even AES-128 is unbreakable. Remember, it's a public algorithm and a lot more people than the NSA are looking at it. If there was a flaw, it would have been discovered and published already. Despite all the money and resources the government has, they aren't gods. Strong crypto is many, many orders of magnitude more difficult than any reasonable estimate of human computing power. They just aren't doing it, any implication to the contrary is probably disinformation to discourage use of strong crypto.

        (-5.50,-6.67): Left Libertarian
        Leadership doesn't mean taking a straw poll and then just throwing up your hands. -Jyrinx

        by Sparhawk on Mon Jun 24, 2013 at 09:52:20 AM PDT

        [ Parent ]

        •  Until quantum computing kicks in (10+ / 0-)

          https://en.wikipedia.org/...

          Integer factorization is believed to be computationally infeasible with an ordinary computer for large integers if they are the product of few prime numbers (e.g., products of two 300-digit primes).[13] By comparison, a quantum computer could efficiently solve this problem using Shor's algorithm to find its factors. This ability would allow a quantum computer to decrypt many of the cryptographic systems in use today, in the sense that there would be a polynomial time (in the number of digits of the integer) algorithm for solving the problem. In particular, most of the popular public key ciphers are based on the difficulty of factoring integers (or the related discrete logarithm problem, which can also be solved by Shor's algorithm), including forms of RSA. These are used to protect secure Web pages, encrypted email, and many other types of data. Breaking these would have significant ramifications for electronic privacy and security.

          Daily Kos an oasis of truth. Truth that leads to action.

          by Shockwave on Mon Jun 24, 2013 at 10:07:13 AM PDT

          [ Parent ]

            •  Wonder if NSA also breaking into databases on net (0+ / 0-)

              servers. For example, I have a software program for physicians that stores data that is AES encrypted to protect personal health information -- which is supposed to be protected by law (HIPAA). Because the software is web based, and the data in the database is used in dynamic web pages, NSA could in theory be gong after that, too. Is NOTHING safe from NSA snooping?

              Very scary, what "we" have created. I have no problem with prevention of international cybercrime. But Snowden's revelations suggest that individual, relatively low-level staffers may have the technical ability to snoop on whomever they want -- because they can do it in absolute secrecy. Even if we're not yet really worried about Big Brother, how about crazy Jimmy?

              This is all being done by our government, in our names. The potential for abuse is astronomical. The lack of all accountability and any meaningful oversight is very frightening. (I mean, Michele frigging Bachmann is on the Intelligence Committee!)

              This is no longer a government of the people, by the people, and for the people. Unless, of course, people now means megacorporations.

        •  They're working on breaking it (7+ / 0-)

          They make have already done so. We'll never know.

          NSA's New Data Center And Supercomputer Aim To Crack World's Strongest Encryption

          Using what will likely be the world’s fastest supercomputer and the world’s largest data storage and analysis facility, the NSA plans to comb unimaginably voluminous troves of messages for patterns they could use to crack AES and weaker encryption schemes, according to Bamford’s story. A few of the facts he’s uncovered:

          (from the Wired piece he's referencing:)
          When the Department of Energy began a supercomputing project in 2004 that took the title of the world’s fastest known computer from IBM in 2009 with its “Jaguar” system, it simultaneously created a secret track for the same program focused on cracking codes. The project took place in a $41 million, 214,000 square foot building at Oak Ridge National Lab with 318 scientists and other staff. The supercomputer produced there was faster than the so-called “world’s fastest” Jaguar.

          The NSA project now aims to break the “exaflop barrier” by building a supercomputer a hundred times faster than the fastest existing today, the Japanese “K Computer.” That code-breaking system is projected to use 200 megawatts of power, about as much as would power 200,000 homes.

          "Compassion is the radicalism of our time." ~ Tenzin Gyatso, 14th Dalai Lama -7.88, -6.21

          by Siri on Mon Jun 24, 2013 at 10:13:26 AM PDT

          [ Parent ]

        •  in practice there is another way (2+ / 0-)
          Recommended by:
          Sandino, cynndara

          Snowden was quoted in Ars Technica as saying that when they encountered encrypted messages, the security at either end was "weak enough" that they could usually obtain the decrypted version.  Now anyone going to the trouble to encrypt messages will at least have decent antispyware /firewall installed.  So Snowden was saying that the NSA has the ability to defeat these systems and trespass upon just about any computer and take whatever contents they like.

          •  Snowden is saying lots of things that may or may (0+ / 0-)

            not be possible. Formulated as a conjecture to explore, I fully expect that NSA is doing that. Meaning that if they found an encrypted message and knew the end-points where the actual readers would be it may be possible to penetrate the remote system and recover a plaintext version. Solving that in the general case is about as difficult as brute forcing the encryption.

            •  no and no (0+ / 0-)
              they found an encrypted message and knew the end-points where the actual readers would be
              umm, the destination is on the header of the email, unencrypted.
              Solving that in the general case is about as difficult as brute forcing the encryption.
              nope.  as stated elsewhere on this thread it is not currently possible to brute force well done encryption.
              •  Um, no, (0+ / 0-)

                Encrypted e-mail sent to person at Yahoo.com. Tell me where the actual reader is? (Just to help, they don't use pop, only access via webmail.)

                Yes brute forcing encryption is essentially impossible, as is solving the general case problem of "breaking into random end-point computer."

                •  oh, please (0+ / 0-)

                  in case you haven't been watching even the FBI can get the IP addresses of logins to yahoo accounts.

                  As to the latter, the vast majority of machines use Windows, which in case you haven't noticed require very frequent updates so adversaries cannot "gain control over your computer".  You think the creators of Flame ( you know what that was don't you? ) are not ahead of the curve on this one?

        •  NSA: "Don't use AES-128, we can't read it" (0+ / 0-)

          There's one born every minute.

    •  Assuming no back doors (1+ / 0-)
      Recommended by:
      wilderness voice

      or flaws in the algorithm or implementation.

      •  It's a public algorithm (4+ / 0-)

        Flaws will most likely be exposed in public.

        (-5.50,-6.67): Left Libertarian
        Leadership doesn't mean taking a straw poll and then just throwing up your hands. -Jyrinx

        by Sparhawk on Mon Jun 24, 2013 at 11:10:55 AM PDT

        [ Parent ]

        •  By the best cryptographic experts (2+ / 0-)
          Recommended by:
          ImpeachKingBushII, oblomov

          in the world. Sure, they may blog about it, or they may already work for the NSA. The least profitable thing to do would be reveal it without first selling or otherwise exploiting that knowledge.  This is one reason why the Snowden flap is so stunningly tangential. He did a very brave and stupid thing going public. He could have sold his information. Probably a number of his colleagues already have. The idea that the ChiComs or Russkies learned anything they didn't already know from Snowden is pretty ridiculous, and the real horror is not necessarily that the NSA has gathered basically all digital communication, but how insecurely they are holding it.

          Quis ipsos custodes custodiet

          •  Yeah, but if he had sold it, ... (2+ / 0-)
            Recommended by:
            Sandino, greengemini

            he sure enough would be guilty of some crime.  That he didn't (that we know of) speaks volumes as to his intent and credibility.

            "Two things are infinite: the universe and human stupidity, and I am not sure about the universe." -- Albert Einstein

            by Neuroptimalian on Mon Jun 24, 2013 at 11:42:51 AM PDT

            [ Parent ]

            •  Clearly he is guilty of a crime either way (3+ / 0-)
              Recommended by:
              oblomov, Neuroptimalian, cynndara

              That he basically sacrificed at least his freedom, if not his life, to  tell the people of the world that Big Brother was, in fact, listening, was indeed heroic. Whether his minor crime is even comparable to the massive government/corporate criminality he revealed, secret judicial fig leaves notwithstanding, is barely open to debate.

            •  if the NSA says you're guilty you're guilty... (2+ / 0-)
              Recommended by:
              Sandino, ichibon

              ...they are the final arbiter. No probable cause necessary. No defense accepted. It all falls under "protecting state secrets". No congress critter or senator in his right mind will touch the NSA with a 10 foot poll. Remember, it's a given if they have dossiers on us, they have libraries on them.

              "I wish to have no connection with any ship that does not sail fast, for I intend to go in harm's way." John Paul Jones

              by ImpeachKingBushII on Mon Jun 24, 2013 at 12:50:49 PM PDT

              [ Parent ]

    •  You do realize that they don't have to (3+ / 0-)
      Recommended by:
      jessical, Sandino, cynndara

      AES, right? While I don't share your strong belief in the impossibility of breaking any encryption algorithm, I would like to point out that, given the broad access and authorities being asserted by the organization in question, "breaking" is unlikely to be THE way for them to access your encrypted information.

      If you are already in the building, why would you be wasting time trying to break down the door? If they are already tapped in and have the ability to intercept the packet (think rogue proxy), why would they expend resource trying to break what they can sniff?

    •  "if a computer made it a computer can break it"... (0+ / 0-)

      ...I had a buddy in the Navy that was born with a pc in his crib. He broke the National Defense encrypted codes (before 9/11). The Navy "ordered" him to show them how he did it. Or else he could get a Dishonorable discharge and do a stretch in Leavenworth, Kansas. This guy could write page after page of code effortlessly like you were writing your mommy a letter. He wasn't just good. He was DAMN good!

      "I wish to have no connection with any ship that does not sail fast, for I intend to go in harm's way." John Paul Jones

      by ImpeachKingBushII on Mon Jun 24, 2013 at 12:40:55 PM PDT

      [ Parent ]

    •  if you use a simple one-time cipher pad, that is (1+ / 0-)
      Recommended by:
      cynndara

      cryptologically unbreakable.  There is no method of analysis that can break it. And it requires no computer at all to use.

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site