Chris Walters <[EMAIL PROTECTED]> at Wednesday 25 June 2008, 22:25:18 > Are you a cryptology expert?
Are you then?
> The only thing that cryptography attempts to do is reduce the
> **probability** of cracking the key and gaining access to the data as low
> as possible.
No news. That's, why cryptology defines "security" not as "being impossible
to crack", but as "being sufficiently improbable to crack". The only
cipher, that can't be "brute-forced", is the OTP, which is
considered "perfectly secure".
> As for brute forcing a passphrase: Since most implementations of AES
> (Rijndael) use a hash of the passphrase to form the key, it amounts to
> the same thing, in practice, as cracking the key.
First of all, you can perform hard disk encryption _without_ a passphrase.
You can store keyfiles on smart cards, usb sticks, etc. In this case, you
can generate a _truely random_ key.
Using a passphrase is the most insecure approach, but still, with a
sufficiently random passphrase, you can gain a level of security, that even
the NSA will find difficult to come around.
The randomness of a 30-char passphrase does of course by far not match the
randomness of a 256-bit key, so there is a real chance, that it can be
guessed by brute force. Still it will take much cpu time, which is not
endless, even to the NSA.
In such a case, the question is, if the data, you ciphered, is really worth
the effort of putting a super computer into work for a long time to try any
possible passphrase.
> Cryptology is, at least partly about finding the weakest link, because
> that is what is likely to be attacked in any cryptosystem.
Of course, absolutely true. Hard disk encryption is by far not perfect,
just look at the cold boot attacks that gained public interest in the last
time. But you didn't talk of _cryptosystems_ in your previous posts, you
did talk about _algorithms_.
Summarizing, the modern ciphers themselves are secure, as there is mostly no
way to crack them save a brute-force attack on the key. On the other hand,
cryptosystems built around these algorithms can of course contain
weaknesses and holes, like weak passphrases, unsecure key storage, etc.
> The US Government only keeps classified information on non-networked
> computers in secure environments, so the cipher used does not matter as
> much as the other security measures taken to ensure that the data does
> not fall into the wrong hands.
May be. I do not know, which restrictions apply to US classified data, I
only know about official statements, the US government made towards the
security of AES.
> A final thought: It is a fact that both the US Navy and the NSA are
> *very* interested in cryptology and data security. The NSA also does
> have large networks of supercomputers that, using parallel, distributed
> or concurrent computing principles can crack keys more quickly than you
> may think.
You can use simple mathematics to find out, that even the largest super
computers, having one peta flop, needs millions of years to perform an
exhaustive search through AES key space.
Anyway, you may believe, what you want to believe, I'm just reflecting, what
real experts like Bruce Schneier have been telling for years: It's wrong
to trust into simple ciphers, but it's equally wrong, to believe, that
anything can be broken.
my 2 cents
--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)
signature.asc
Description: This is a digitally signed message part.
