Jump to content
Not connected, Your IP: 3.238.228.237
Sign in to follow this  
Royee

NSA close to breaking AES encryption?

Recommended Posts

No, they're not anywhere close to breaking AES-128, 192 or 256. Look at the date. This is old news. Bruce Schneier has written about it in the past and has said many times that AES will take quite a bit of time to break- on the order of decades, centuries or even longer. AES-192 and 256 are considered good enough for top secret docs in the US. PGP (RSA asymmetric), on the other hand, may be broken over the next 10 or 20 years. THAT is pretty scary!

 

And remember: regardless of the algorithm used, if your passphrase isn't long enough then a sufficiently powerful computer can guess it in a few days or even hours. No need for a such a passphrase for anything but whole disk encryption, PGP and other things where someone can seize your data and try to decrypt it an unlimited amount of times.

Share this post


Link to post

According to that article NSA has modifed supercomputers to target specific algorithms. Their priority would be AES. If you decide not to use AES then don't get a CPU that supports AES because it appears to slow down alternatives like Twofish. Twofish is actually faster than AES at 256-bit on most platforms.

http://en.wikipedia.org/wiki/Twofish

http://en.wikipedia.org/wiki/Serpent_%28cipher%29


You can test password strength here.
https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html

Share this post


Link to post

You could use truecrypt instead even with a weak password.

 

There are a few decrypter tools for Truecrypt, even commercial ones like from Elcomsoft.

I would rather take my hands of Truecrypt or Bitlocker if we're talking about security.

Share this post


Link to post

 

You could use truecrypt instead even with a weak password.

 

There are a few decrypter tools for Truecrypt, even commercial ones like from Elcomsoft.

I would rather take my hands of Truecrypt or Bitlocker if we're talking about security.

 

Hello,

 

can you please elaborate?

 

Kind regards

Share this post


Link to post

 

 

 

 

You could use truecrypt instead even with a weak password.

There are a few decrypter tools for Truecrypt, even commercial ones like from Elcomsoft.

I would rather take my hands of Truecrypt or Bitlocker if we're talking about security.

There are bruteforce tools for it, but with multiple containers encased in one another on a hidden truecrypt volume, they would be absolutely useless. http://www.truecrypt.org/faq <<They say and I quote "it could take thousands or millions of years".

In case you haven't noticed, Elcomsoft searches for keys if the true crypt volume is already mounted and you hibernated or locked out of your PC, searching for keys in memory dump and hibernation files!= decryption. This is solved here http://www.truecrypt.org/docs/hibernation-file.

Share this post


Link to post

for added protection using truecrypt use some random file as a keyfile.  But don't make a mistake i made and use a photo.  I later was playing around with picasa and found out that it alters jpgs in some way, thus destroying the keyfile.  (this also provides a good excuse as to why you cant give the feds access to the volume)  Luckily I had a backup. 

 

 A tip for creating a 64 char password that you can remember. And it IS important to have a strong password. Take a phrase you can easily remember  and a salt, something like +$+  replace all spaces with the salt then somewhere add a block of random characters that don't for a word, be sure to use caps somewhere.  

 

Also in truecypt select never save history.  Under settings there are options to auto-dismount including a set idle time to dismount.  Check the preserve modification timestamp so you can say 'I haven't used that file in forever, i don't remember that password'   You can also set hot key to force a dismount and then close truecrypt.  If you are really worried about the security of your computer type in your password using the onscreen keyboard to bypass any keyloggers that may be installed without your knowledge.  

 

One good use for a TC volume is to hold a virtual machine but if you don't want to go that route you can use sandboxie to run apps virtually inside the volume.  If you were to run a p2p or browser in sandboxie then the browser history, cookies, acquired malware adware, virus and whatever else you suck off the net will be nicely contained inside your volume.  If a program that is running inside of sandboxie opens up another program then it too is in the sand box.  It's nice.

 

 

 

....sorry, my adderall just kicked in.

Share this post


Link to post

thanks bay that is some good information there,  I can see have a long way to go to mastering and understanding security and anonymity,  as my friend always said big brother is watching us !

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...