LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
LinkBack Search this Thread
Old 09-08-2013, 10:53 AM   #16
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 6,702
Blog Entries: 51

Rep: Reputation: 1243Reputation: 1243Reputation: 1243Reputation: 1243Reputation: 1243Reputation: 1243Reputation: 1243Reputation: 1243Reputation: 1243

Considering the resources intelligence agencies have available, they can probably crack anything anybody comes up with.
 
Old 09-08-2013, 11:07 AM   #17
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Quote:
Originally Posted by brianL View Post
Considering the resources intelligence agencies have available, they can probably crack anything anybody comes up with.
Except for the one-time pad. You can also find a link to Claude Shannon's article where he proves that the one-time pad can not only provide perfect secrecy IF implemented properly, but also that any perfectly secret encryption requires one independently random key for every symbol in the message. The one-time pad has been used during the Cold War, and the great majority of the messages sent have never been or will ever be cracked. The ones that were cracked were because the implementation rules were not followed, and thus the pads were two or three or more-time pads, rather than one-time pads.

Note that this type of encryption is only practical to use when sending an important message, not for storing data locally, like block cyphers of today. Imagine having to store a key as large as the HDD you were trying to encrypt. That would be quite useless, as you could simply lock the HDD inside a vault instead.
 
Old 09-08-2013, 11:48 AM   #18
fogpipe
Member
 
Registered: Mar 2011
Distribution: Slackware 64 Current
Posts: 313

Rep: Reputation: 64
Quote:
Originally Posted by tangle View Post
The Constitution is the law of the land. They only way to change it is to Ammend it. The Patriot Act as a whole is illegal because it violates the Constitution. There are checks and balances formed when the country was formed. In the Constitution, there is a check for a tyrannical government. In no way did the founders of this country ever intend for us to live under a tyrannical government.

Here is a quote from the Delcaration of Independence that you might find interesting. Notice how Thomas Jefferson used the words right and duty.

They have all the guns and all the encryption and the election process is tightly controlled to avoid giving alternatives to the current power structure. Just shut up and go along, its easier, and if going along causes problems for you, im sure some govt agency can find an appropriate drug and dosage.
 
Old 09-08-2013, 12:51 PM   #19
tangle
Senior Member
 
Registered: Apr 2002
Location: Smithville, TN
Distribution: Slackware
Posts: 1,744

Rep: Reputation: 70
Quote:
Originally Posted by fogpipe View Post
They have all the guns and all the encryption and the election process is tightly controlled to avoid giving alternatives to the current power structure. Just shut up and go along, its easier, and if going along causes problems for you, im sure some govt agency can find an appropriate drug and dosage.
Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?
-- Patrick Henry March 23, 1775
 
Old 09-08-2013, 03:34 PM   #20
fogpipe
Member
 
Registered: Mar 2011
Distribution: Slackware 64 Current
Posts: 313

Rep: Reputation: 64
Quote:
Originally Posted by tangle View Post
Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?
-- Patrick Henry March 23, 1775
These days a dangerous character like that would have been spotted in school and appropriately dosed or confined.
 
Old 09-09-2013, 08:31 AM   #21
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,049

Rep: Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953Reputation: 953
"The Constitution of the United States" doesn't mean a damn thing unless the people of the country constantly force it to have meaning. Plenty of banana republics have very nice Constitutions.

Never expect real people to have "terribly high" motivations when Simple Greed will get the job done. There is a tremendous (and secret) amount of m-o-n-e-y to be made by, for example, "convincing a government that it must Spy on Everyone and Everything." (Just imagine how many billions of disk-drives that this is selling right now, so that top men might get to look-at the information some day ... or, for that matter, even if they never get around to it.)

So far, 95% of the US Congress isn't even "allowed" to know what they're voting for: they don't have "security clearances." But, amid all that very contented grunting and slobbering, I don't notice any of the pigs complaining about that. Nor will they ever ... why on earth should they? "They've got theirs. You can just Eat Cake."

The real lesson of the Parable of the Prodigal Son is that people tend to drive themselves downward until there is simply nowhere else farther down to go, before they first start to think (if they ever do) about what it is that caused them to wind up in a sty, alone and friendless. Entire societies can have the same ailment.

Last edited by sundialsvcs; 09-09-2013 at 08:32 AM.
 
Old 09-09-2013, 08:39 AM   #22
tangle
Senior Member
 
Registered: Apr 2002
Location: Smithville, TN
Distribution: Slackware
Posts: 1,744

Rep: Reputation: 70
Quote:
Originally Posted by sundialsvcs View Post
"The Constitution of the United States" doesn't mean a damn thing unless the people of the country constantly force it to have meaning.
Yep
 
Old 09-09-2013, 11:47 AM   #23
/dev/random
Member
 
Registered: Aug 2012
Location: Ontario, Canada
Distribution: Slackware 14.1, LFS-current, NetBSD 6.1.3
Posts: 116

Rep: Reputation: 38
Quote:
Originally Posted by LarryLQ View Post
So I guess https, SSL, gpg and ssh tunneling is useless in today's world...

It seems that NSA is above the law. Hell, they have violated court orders on collecting data on American citizens. It's not right for them to treat American citizens as domestic terrorists.

SSL as always had issues, you don't need to attack the cypher itself, you can hit it with side channel attacks, such as BREACH which attacks the https servers compression algorithm, because of the way it compresses the requests one can inject clear text into the header and then solve for parts of the session key (if your really good at it, you can get the whole session key in 30 secs).

OpenPGP, will never be cracked in a very long time, (they have not yet been able to factor 1024bit keys, assuming they can and have, 2048 is miles away from being cracked..) What you are trying to achieve when cracking RSA encryption is solving n to solve n you need the prime number... if you can factor the prime number (the whole length of the key) then it is possible to solve for n which mean they could break it. the problem is (even with quantum computers) this won't be crackable in some time. Everyone seems keen on quantum computers, but have no idea how they work or why... a quantum computer will not solve RSA in our life times, if you try to crack a 4096bit key assuming you could build a quantum computer large enough (4 trillion quid bits) that are in full swing for about 90 years, then yes you could crack 4096Bit encryption (assuming there are no huge leaps in this field that is) and by 90 years from now we wouldn't be using 4096bit keys anymore anyways.

Also quantum computers do not solve problems any faster then a regular computer, because they can see whole sets of data and does not operate serially (like modern pcs do) doesn't magically give them the ability to solve problems any faster. You here people mention quantum and computer in the same sentence and it's like it's a magic box or something that can do anything.


So SSH/PGP/RSA unless you are using 1024bit keys are still safe, and even then there is no evidence that 1024bit keys have even been broken yet.

Last edited by /dev/random; 09-09-2013 at 11:49 AM.
 
Old 09-09-2013, 12:19 PM   #24
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Remember that the NSA has computers designed specifically to do there kinds of operations very quickly.

The NSA will surely be able to break an encryption BEFORE there is any evidence that anyone can do so. I'm not saying RSA can be broken, but you shouldn't assume that it can't be.

See chapter 10:
http://www.cryptovirology.com/cryptovfiles/newbook.html

Last edited by H_TeXMeX_H; 09-09-2013 at 12:21 PM.
 
Old 09-09-2013, 12:47 PM   #25
moxieman99
Member
 
Registered: Feb 2004
Distribution: Dabble, but latest used are Fedora 13 and Ubuntu 10.4.1
Posts: 407

Rep: Reputation: 78
Quote:
Originally Posted by H_TeXMeX_H View Post
AES was developed with the "help" of the NSA, so you won't find me going anywhere near it.
I thought AES was open-source?
 
Old 09-09-2013, 05:46 PM   #26
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian
Posts: 2,308

Rep: Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768
Quote:
Originally Posted by /dev/random View Post
a quantum computer will not solve RSA in our life times,
A quantum computer should be able to solve factoring (and hence RSA) quite quickly, however, it might turn out to be like cold fusion: always 20 years away...

Quote:
if you try to crack a 4096bit key assuming you could build a quantum computer large enough (4 trillion quid bits)
I'm pretty sure only 4096 qbits would be required.

Quote:
Also quantum computers do not solve problems any faster then a regular computer, because they can see whole sets of data and does not operate serially (like modern pcs do) doesn't magically give them the ability to solve problems any faster. You here people mention quantum and computer in the same sentence and it's like it's a magic box or something that can do anything.
Quantum computers can't magically solve everything faster, but factoring is one of the things they can solve faster given our current knowledge. It is also possible that factoring can be solved quickly on a classical computer if some mathematical advance is discovered.

Quote:
So SSH/PGP/RSA unless you are using 1024bit keys are still safe, and even then there is no evidence that 1024bit keys have even been broken yet.
I agree with this.
 
Old 09-09-2013, 05:50 PM   #27
k3lt01
Senior Member
 
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with Slackware 14.
Posts: 2,453

Rep: Reputation: 506Reputation: 506Reputation: 506Reputation: 506Reputation: 506Reputation: 506
Quote:
Originally Posted by sundialsvcs View Post
"The Constitution of the United States" doesn't mean a damn thing unless the people of the country constantly force it to have meaning. Plenty of banana republics have very nice Constitutions.

Never expect real people to have "terribly high" motivations when Simple Greed will get the job done. There is a tremendous (and secret) amount of m-o-n-e-y to be made by, for example, "convincing a government that it must Spy on Everyone and Everything." (Just imagine how many billions of disk-drives that this is selling right now, so that top men might get to look-at the information some day ... or, for that matter, even if they never get around to it.)

So far, 95% of the US Congress isn't even "allowed" to know what they're voting for: they don't have "security clearances." But, amid all that very contented grunting and slobbering, I don't notice any of the pigs complaining about that. Nor will they ever ... why on earth should they? "They've got theirs. You can just Eat Cake."

The real lesson of the Parable of the Prodigal Son is that people tend to drive themselves downward until there is simply nowhere else farther down to go, before they first start to think (if they ever do) about what it is that caused them to wind up in a sty, alone and friendless. Entire societies can have the same ailment.
Extremely well said.
 
Old 09-10-2013, 05:50 AM   #28
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Quote:
Originally Posted by moxieman99 View Post
I thought AES was open-source?
Yeah, but where did the constants used come from ?
 
Old 09-11-2013, 08:12 AM   #29
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Are the NIST Standard Elliptic Curves Back-doored?
http://it.slashdot.org/story/13/09/1...es-back-doored

Quote:
"In the wake of Bruce Schneier's statements that he no longer trusts the constants selected for elliptic curve cryptography, people have started trying to reproduce the process that led to those constants being selected ... and found it cannot be done. As background, the most basic standard elliptic curves used for digital signatures and other cryptography are called the SEC random curves (SEC is 'Standards for Efficient Cryptography'), a good example being secp256r1. The random numbers in these curve parameters were supposed to be selected via a "verifiably random" process (output of SHA1 on some seed), which is a reasonable way to obtain a nothing up my sleeve number if the input to the hash function is trustworthy, like a small counter or the digits of PI. Unfortunately it turns out the actual inputs used were opaque 256 bit numbers, chosen ad-hoc with no justifications provided. Worse, the curve parameters for SEC were generated by head of elliptic curve research at the NSA opening the possibility that they were found via a brute force search for a publicly unknown class of weak curves. Although no attack against the selected values are currently known, it's common practice to never use unexplainable magic numbers in cryptography standards, especially when those numbers are being chosen by intelligence agencies. Now that the world received strong confirmation that the much more obscure and less widely used standard Dual_EC_DRBG was in fact an NSA undercover operation, NIST re-opened the confirmed-bad standards for public comment. Unless NIST/the NSA can explain why the random curve seed values are trustworthy, it might be time to re-evaluate all NIST based elliptic curve crypto in general."
Another reason for my recommendation that you look up the encryption on the net, on wiki. Search the page for "NSA", if the search comes up positive, choose another encryption.

Another reason to use twofish is because Bruce Schneier, Niels Ferguson, and others designed it, and at least these two seem more trustworthy.

A previous article:
http://cyberwarzone.com/did-nsa-put-...ption-standard

As for AES and Serpent also see:
http://en.wikipedia.org/wiki/XSL_attack

EDIT: My other concern is hash algorithms, because there aren't that many that weren't designed by the NSA (like the SHA). I'm currently using whirlpool because it is supported in the kernel, but would rather use something like:
https://blake2.net/

I know there are these sites for some info on hash functions that have been broken:
http://ehash.iaik.tugraz.at/wiki/The_Hash_Function_Zoo
http://en.wikipedia.org/wiki/Cryptog...ash_algorithms

Last edited by H_TeXMeX_H; 09-11-2013 at 08:25 AM.
 
Old 09-12-2013, 10:47 AM   #30
nobahn
LQ Newbie
 
Registered: Sep 2013
Location: Great Lakes region
Distribution: LinuxMint 15 & OpenSUSE 12.3 KDE
Posts: 12
Blog Entries: 2

Rep: Reputation: 0
Exclamation

Quote:
Originally Posted by tangle View Post
Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?
-- Patrick Henry March 23, 1775
Paradoxically enough, the man would -- in later years -- go on to purchase slaves!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: The NSA is Commandeering the Internet LXer Syndicated Linux News 3 08-16-2013 03:00 AM
LXer: XKeyscore: NSA tool collects 'nearly everything a user does on the internet' LXer Syndicated Linux News 0 07-31-2013 03:02 PM
LXer: XKeyscore: NSA tool collects 'nearly everything a user does on the internet' LXer Syndicated Linux News 0 07-31-2013 12:41 PM
Can Demand Paging be disabled or circumvented? ajmayhall Linux - Newbie 13 12-16-2007 08:04 PM
LXer: AT&T Forwards ALL Internet Traffic Into NSA Says EFF LXer Syndicated Linux News 0 04-06-2006 11:21 AM


All times are GMT -5. The time now is 08:52 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration