Re: [PLUG] encryption

Aaron Mulder on 18 Sep 2013 06:35:53 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] encryption

From: Aaron Mulder <ammulder@alumni.princeton.edu>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] encryption
Date: Wed, 18 Sep 2013 09:35:41 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=wa3ZcPGz877s6d54lt5SwJ8SPrS6qI5Q8lx2L6fyPA4=; b=OcXmNrufUiXA8spXcrlLoNhh9QyZ8h5qfyVpdkPWJe3NZ000cAHK1/s4hiyN3wiwer hYPMi+BXGgOtHkCZH6j4Lq6IZ6Ue3Bz8HVWAX9Rq9DIFXv5b9cptM8A01rF8jMWyyW0Z HBrpcj+0QY+FNxgUNLr32orAlu0nHoZWtlIcFWcAoSR4zAiPKYroGVu+RVJVC/Jx9WzF SrYmYx/JTtkd72YUB1o5b4vsK05wLcehq72EoxM0sTHaJ5TiMoJXCtn4krGistgFW3W1 FA7Pu6aC5vuWfmamIqr/Fy2W4xF6WVmn8QlAZmHjIkuHDrDPK0L2E9Z3OvDoaM6KNvns dihg==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: plug-bounces@lists.phillylinux.org

On Wed, Sep 18, 2013 at 9:15 AM, Rich Freeman <r-plug@thefreemanclan.net> wrote:
> If they have a goal of cracking 256-bit AES, and they're spending
> billions on a supercomputer to implement it, then I think there is a
> pretty high likelihood that they know of a weakness in the cipher that
> they can exploit.

On the other hand, you really have to ask yourself, if they could
break AES-256, why would they say so?  If they're going out of their
way to convince you NOT to use it, maybe it's *because* they can't
crack it?

Bottom line, it's impossible to know.  But Schneier's advice was that
since you can't know, you're going to gamble, and if you're going to
gamble, better to gamble on an open source product than a commercial
product, because at least the back doors in open source are more
likely to be noticed.  (His other advice was to avoid ECC because
whoever provides the constants may be holding a "private key" allowing
them to crack it, and the NSA provided the recommended constants.)

Thanks,
       Aaron
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] encryption
  - From: Rich Freeman <r-plug@thefreemanclan.net>

References:
- [PLUG] encryption
  - From: Stewart Lone <v592653589793238@verizon.net>
- Re: [PLUG] encryption
  - From: jeff <jeffv@op.net>
- Re: [PLUG] encryption
  - From: Art Alexion <art.alexion@gmail.com>
- Re: [PLUG] encryption
  - From: Ed Roper <ed.roper@golevelone.com>
- Re: [PLUG] encryption
  - From: Rich Freeman <r-plug@thefreemanclan.net>

Prev by Date: Re: [PLUG] encryption
Next by Date: Re: [PLUG] encryption
Previous by thread: Re: [PLUG] encryption
Next by thread: Re: [PLUG] encryption
Index(es):
- Date
- Thread