-----Original Message----- From: Alvaro Zuniga To: [email protected] Sent: 6/18/03 6:20 PM Subject: Re: NSA's decryption clusters vs GPG, et.al. was RE: GPG does not pro vide "end to end encryption", but only mail c onte nt encryption was RE: [brlug-general] Cox and smtp pain today.
Dear John: I suppose from this point of view there is not need to even bother with encryption because brute force eventually prevails. John: Not at all. The dilemma that the NSA faces is that they want to decrypt messages A,B,C,... but they will always have limited resources to perform brute force decryption. So, they better be damned sure that message A is the most important of all the messages they want to decrypt. However, a better cipher requires that many more computers exponentially; therefore, we could at least make it more difficult for those who really care about our business. John: Or just have more people using encryption. I've read estimates that less than 1% of Internet traffic is encrypted. By merely advocating that more people use encryption and raising that to 2%, we would require the NSA and other intelligence operations to double their decryption resources. This is the nightmare scenario that keeps the NSA IT Director up at night. This reminds me of that John Travolta movie swordfish where the computer person gradually quintuple the encryption of an algorithm to hide a bank account. He also kept switching the values every few seconds ensuring that it would be impossible to decrypt using brute force. John: As long as those values are random enough. If any pattern to those values could be predicted and duplicated, brute force would still work. John Hebert _______________________________________________ General mailing list [email protected] http://brlug.net/mailman/listinfo/general_brlug.net
