[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-user
Subject:    Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.
From:       Wol <antlists () youngman ! org ! uk>
Date:       2023-09-23 13:57:38
Message-ID: e1179588-5b99-4eb1-be59-3de4a6f6595d () youngman ! org ! uk
[Download RAW message or body]

On 23/09/2023 14:35, Dale wrote:
> Another question.  Are people trying to work on better encryption given 
> current encryption can be cracked?  I read some things changed after 
> Snowden.  I'm just not sure what and if more changes are needed even 
> today.

> If you wanted the most secure and hard to crack encryption, what 
> would you use?  How does one tell cryptsetup to use it?  I have several 
> encryption options here but no idea what is the best or even just good.

If you want encryption that can't be cracked, go for RSA. It's uncrackable.

Now you might be wondering why I say that, given that is a simple, 
well-known attack, but it's true. You can trick me into encoding as much 
plain text as you like, where you can intercept the cipher text, and you 
will not be able to crack the cipher itself. What you need to do is get 
hold of ONE of my key-pairs. The public one of course is usually freely 
available, and if you get hold of the private one it's game over.

You can then mathematically solve "the puzzle of the keys" from my 
public pair and recover the private key. This is why RSA keys keep 
getting bigger - it takes more and more brute force to solve.

I don't know enough about ECC - do you crack it or solve it?

Both these ciphers however have a massive weakness - make a mistake 
setting them up and the solution becomes easy. RSA relies on multiplying 
two huge primes together. Dunno what ECC relies on. If one of your RSA 
primes is not, in fact, prime then factoring the huge product becomes 
easy, and recovering all the keys built from it is simple.

ECC specifies various parameters, and the official standard ECC 
parameters were discovered to contain a flaw. Was that an intentional 
back door? It's thought it was an accident.

But I think cryptographers have abandoned crackable ciphers now - if 
it's crackable then it's easily crackable. And all other ciphers simply 
rely on the asymmetric effort taken to create a key or solve a key.

Cheers,
Wol

[prev in list] [next in list] [prev in thread] [next in thread]