* Re: [gentoo-user] loop-aes + extra-ciphers...
@ 2008-06-25 17:58 Dirk Heinrichs
2008-06-25 18:59 ` Alan McKinnon
2008-06-25 20:31 ` Chris Walters
0 siblings, 2 replies; 23+ messages in thread
From: Dirk Heinrichs @ 2008-06-25 17:58 UTC
To: gentoo-user
On Wednesday, 25 June 2008, Chris Walters wrote:
> | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
> | etc) can break those algorithms relatively easy. On the other hand even
> | weaker algorithms can protect your data against laptop thieves.
>
> That's more than a rumor. Another three letter agency (NSA) has networks
> of supercomputers that can brute force a passphrase in little time. I am
> majoring in mathematics, and plan to specialize in cryptology.
If it is so easy for them to crack our ciphers (and the one they use
themselves, btw.), why doesn't Kaspersky ask them to crack the key of the
GPCode virus which, according to Kaspersky's assumptions, would keep 15
million modern PCs busy for a year.
And, if it is so easy for them, it is as easy for other governments too,
right? That would mean they use a cipher that's easily crackable by other
governments. Do you really think they do?
Bye...
Dirk
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 17:58 [gentoo-user] loop-aes + extra-ciphers Dirk Heinrichs
@ 2008-06-25 18:59 ` Alan McKinnon
2008-06-25 20:31 ` Chris Walters
1 sibling, 0 replies; 23+ messages in thread
From: Alan McKinnon @ 2008-06-25 18:59 UTC
To: gentoo-user
On Wednesday 25 June 2008, Dirk Heinrichs wrote:
> If it is so easy for them to crack our ciphers (and the one they use
> themselves, btw.), why doesn't Kaspersky ask them to crack the key of
> the GPCode virus which, according to Kaspersky's assumptions, would
> keep 15 million modern PCs busy for a year.

There's an interesting side possibility to that one. It's entirely
plausible that the key used to encrypt all those poor sucker Windows
users' files isn't just any old key, but rather a very important public
key that matches a private key the bad guys would like to have - like a
CA's private key.

Maybe cracking that key isn't such a good idea after all. I think this
is a case for hose-pipe decryption.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
--
gentoo-user@lists.gentoo.org mailing list
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 17:58 [gentoo-user] loop-aes + extra-ciphers Dirk Heinrichs
2008-06-25 18:59 ` Alan McKinnon
@ 2008-06-25 20:31 ` Chris Walters
2008-06-25 20:46 ` Alan McKinnon
1 sibling, 1 reply; 23+ messages in thread
From: Chris Walters @ 2008-06-25 20:31 UTC
To: gentoo-user
Dirk Heinrichs wrote:
| If it is so easy for them to crack our ciphers (and the one they use
| themselves, btw.), why doesn't Kaspersky ask them to crack the key of the
| GPCode virus which, according to Kaspersky's assumptions, would keep 15
| million modern PCs busy for a year.
|
| And, if it is so easy for them, it is as easy for other governments too,
| right? That would mean they use a cipher that's easily crackable by other
| governments. Do you really think they do?

I didn't say it was "easy". All I said is that it is possible, with
enough resources, to crack keys. I very much doubt that the NSA would be
interested in cracking the key of the GPCode virus, since they are more
directed to the National Security of the US.

As for other governments, if they have large networks of supercomputers,
and cryptanalysis experts, then it would probably be just as probable
that they could crack any key from any publicly used cipher algorithm.

Regards,
Chris
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 20:31 ` Chris Walters
@ 2008-06-25 20:46 ` Alan McKinnon
2008-06-25 20:54 ` Chris Walters
0 siblings, 1 reply; 23+ messages in thread
From: Alan McKinnon @ 2008-06-25 20:46 UTC
To: gentoo-user
On Wednesday 25 June 2008, Chris Walters wrote:
> Dirk Heinrichs wrote:
> | If it is so easy for them to crack our ciphers (and the one they
> | use themselves, btw.), why doesn't Kaspersky ask them to crack the
> | key of the GPCode virus which, according to Kaspersky's
> | assumptions, would keep 15 million modern PCs busy for a year.
> |
> | And, if it is so easy for them, it is as easy for other governments
> | too, right? That would mean they use a cipher that's easily
> | crackable by other governments. Do you really think they do?
>
> I didn't say it was "easy". All I said is that it is possible, with
> enough resources, to crack keys. I very much doubt that the NSA
> would be interested in cracking the key of the GPCode virus, since
> they are more directed to the National Security of the US.
>
> As for other governments, if they have large networks of
> supercomputers, and cryptanalysis experts, then it would probably be
> just as probable that they could crack any key from any publicly used
> cipher algorithm.

This is the point where I start to ask for a citation and stop listening
to theoretical possibilities and things that might possibly could be.
Unless of course the exact meaning of phrases like "three hundred
thousand million years" has a different meaning in your universe than
it does in mine.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 20:46 ` Alan McKinnon
@ 2008-06-25 20:54 ` Chris Walters
2008-06-25 21:39 ` Alan McKinnon
0 siblings, 1 reply; 23+ messages in thread
From: Chris Walters @ 2008-06-25 20:54 UTC
To: gentoo-user
Alan McKinnon wrote:
| On Wednesday 25 June 2008, Chris Walters wrote:
|> Dirk Heinrichs wrote:
|> | If it is so easy for them to crack our ciphers (and the one they
|> | use themselves, btw.), why doesn't Kaspersky ask them to crack the
|> | key of the GPCode virus which, according to Kaspersky's
|> | assumptions, would keep 15 million modern PCs busy for a year.
|> |
|> | And, if it is so easy for them, it is as easy for other governments
|> | too, right? That would mean they use a cipher that's easily
|> | crackable by other governments. Do you really think they do?
|>
|> I didn't say it was "easy". All I said is that it is possible, with
|> enough resources, to crack keys. I very much doubt that the NSA
|> would be interested in cracking the key of the GPCode virus, since
|> they are more directed to the National Security of the US.
|>
|> As for other governments, if they have large networks of
|> supercomputers, and cryptanalysis experts, then it would probably be
|> just as probable that they could crack any key from any publicly used
|> cipher algorithm.
|
| This is the point where I start to ask for a citation and stop listening
| to theoretical possibilities and things that might possibly could be.
| Unless of course the exact meaning of phrases like "three hundred
| thousand million years" has a different meaning in your universe than
| it does in mine.

Whom are you asking for a citation from? For which particular facts? Do
you really doubt that the US NSA has a *lot* of supercomputers? Do you
really doubt that they have experts in mathematics, cryptology,
cryptanalysis, and cryptography experts on staff? Or perhaps you doubt
that they can crack any keys at all...

Chris
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 20:54 ` Chris Walters
@ 2008-06-25 21:39 ` Alan McKinnon
2008-06-25 21:51 ` Chris Walters
0 siblings, 1 reply; 23+ messages in thread
From: Alan McKinnon @ 2008-06-25 21:39 UTC
To: gentoo-user
On Wednesday 25 June 2008, Chris Walters wrote:
> | This is the point where I start to ask for a citation and stop
> | listening to theoretical possibilities and things that might
> | possibly could be. Unless of course the exact meaning of phrases
> | like "three hundred thousand million years" has a different meaning
> | in your universe than it does in mine.
>
> Whom are you asking for a citation from?

I'm asking you to back up your totally unsubstantiated assertions that
the NSA et al can rapidly crack decent cryptography.

> For which particular facts?

Pick any one you like from your contribution to this thread. My
favourite would be this one:

"A final thought: It is a fact that both the US Navy and the NSA are
*very* interested in cryptology and data security. The NSA also does
have large networks of supercomputers that, using parallel, distributed
or concurrent computing principles can crack keys more quickly than you
may think."

Now that's a pretty definite statement you made there. So, how quickly
do you think I think they can do it? And how quickly can they actually
do it?

> Do you really doubt that the US NSA has a *lot* of supercomputers?

Not at all, in fact I would hazard an educated guess that the NSA is the
largest consumer of supercomputers in the world, and also that they are
very reluctant to advertise the fact. I doubt any of their machines
appear on the Top500 list. I say this as a natural deduction from
knowing what they are mandated to do and how they would realistically go
about doing it.

> Do you really doubt that they have experts in mathematics,
> cryptology, cryptanalysis, and cryptography experts on staff?

Not at all, I would be stupid indeed to doubt that. As evidence, one
only has to look at the vast amount of technical literature the NSA has
published on the subject.

> Or
> perhaps you doubt that they can crack any keys at all...

Don't get smart with me, jackass. Everyone here who knows a bit about
cryptography knows that given enough time and resources any key can be
cracked.

I asked you to do a perfectly reasonable thing. You are asserting that
the NSA can crack keys quickly, much quicker than the average geek
thinks they can do it, but you provide no evidence of this other than
your own assertion of it. You didn't even give any evidence of why I
should consider you a credible and knowledgeable person in the field.
Extraordinary assertions require extraordinary evidence and all that.

I see 4 scenarios here:

1. You are perfectly correct and can back it up. In which case I'd like
   to read the evidence.
2. You are perfectly correct and have the evidence but cannot show it to
   me due to national security or NDA. That's fine, but do say so.
3. You are presenting your knowledgeable hunch/gut feel/opinion/hearsay
   evidence as fact. That's also fine, but do say so.
4. You are simply making stuff up in varying degrees.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 21:39 ` Alan McKinnon
@ 2008-06-25 21:51 ` Chris Walters
2008-06-25 21:57 ` Jason Rivard
2008-06-25 22:08 ` [gentoo-user] PEACE!!! Daniel Iliev
0 siblings, 2 replies; 23+ messages in thread
From: Chris Walters @ 2008-06-25 21:51 UTC
To: gentoo-user
Alan McKinnon wrote:
>> Or
>> perhaps you doubt that they can crack any keys at all...
>
> Don't get smart with me, jackass.

Fuck off, shitehead. Call me a jackass, when I simply state facts you
admitted to? You're a fucking idiot. Welcome to my ignore list.
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 21:51 ` Chris Walters
@ 2008-06-25 21:57 ` Jason Rivard
2008-06-25 22:45 ` Alan McKinnon
2008-06-25 22:08 ` [gentoo-user] PEACE!!! Daniel Iliev
1 sibling, 1 reply; 23+ messages in thread
From: Jason Rivard @ 2008-06-25 21:57 UTC
To: gentoo-user
On Wed, Jun 25, 2008 at 9:51 PM, Chris Walters <cjw2004d@comcast.net> wrote:
> Alan McKinnon wrote:
>
>>> Or perhaps you doubt that they can crack any keys at all...
>>
>> Don't get smart with me, jackass.
>
> Fuck off, shitehead. Call me a jackass, when I simply state facts you
> admitted to? You're a fucking idiot. Welcome to my ignore list.

Now that was TOTALLY UNCALLED FOR! All he asked you to do is prove your
ludicrous statements about the NSA being able to crack any key in a
"short" amount of time.

Wait for my private mail, Mr. Walters.

Jase
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 21:57 ` Jason Rivard
@ 2008-06-25 22:45 ` Alan McKinnon
0 siblings, 0 replies; 23+ messages in thread
From: Alan McKinnon @ 2008-06-25 22:45 UTC
To: gentoo-user
On Wednesday 25 June 2008, Jason Rivard wrote:
> Wait for my private mail, Mr. Walters.

I wouldn't bother with a private mail Jason. Tomorrow Chris will calm
down, take a deep breath and probably contribute to the list again. It
pretty much always works that way.

Maybe he's quick to anger. Well, so am I sometimes. But he certainly
does not belong in that class of people who have nothing useful to
contribute.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
* Re: [gentoo-user] PEACE!!!
2008-06-25 21:51 ` Chris Walters
2008-06-25 21:57 ` Jason Rivard
@ 2008-06-25 22:08 ` Daniel Iliev
2008-06-25 22:40 ` Chris Walters
1 sibling, 1 reply; 23+ messages in thread
From: Daniel Iliev @ 2008-06-25 22:08 UTC
To: gentoo-user
On Wed, 25 Jun 2008 17:51:53 -0400
Chris Walters <cjw2004d@comcast.net> wrote:
> Alan McKinnon wrote:
> >> Or
> >> perhaps you doubt that they can crack any keys at all...
> >
> > Don't get smart with me, jackass.
>
> Fuck off, shitehead. Call me a jackass, when I simply state facts
> you admitted to? You're a fucking idiot. Welcome to my ignore list.

WOW! Both of you! Come on, guys! What is this? I've never seen such
thing here for all the years I'm on the list.

Please calm down, we are supposed to be friends here, right?

--
Best regards,
Daniel
* Re: [gentoo-user] PEACE!!!
2008-06-25 22:08 ` [gentoo-user] PEACE!!! Daniel Iliev
@ 2008-06-25 22:40 ` Chris Walters
2008-06-26 1:35 ` [gentoo-user] loop-aes Daniel Iliev
0 siblings, 1 reply; 23+ messages in thread
From: Chris Walters @ 2008-06-25 22:40 UTC
To: gentoo-user
Daniel Iliev wrote:
| On Wed, 25 Jun 2008 17:51:53 -0400
| Chris Walters <cjw2004d@comcast.net> wrote:
|> Alan McKinnon wrote:
[snip]
| WOW! Both of you! Come on, guys! What is this? I've never seen such
| thing here for all the years I'm on the list.
|
| Please calm down, we are supposed to be friends here, right?

Sorry for the outburst. It just gets my dander up when someone calls me
childish names on a discussion group like this. I thought we were all
friends here - we have all chosen the same distribution (Gentoo), and we
all often come here first when we have problems.

I asked a simple question that grew into so much more. Never did get an
answer to my simple question. For the record, I agree that AES256 is an
extremely secure cipher, which is why I am using it.

My original question was: Does anyone know how to compile the
"extra-ciphers" package that you can find on the loop-aes SourceForge
site.

Regards,
Chris
* Re: [gentoo-user] loop-aes
2008-06-25 22:40 ` Chris Walters
@ 2008-06-26 1:35 ` Daniel Iliev
2008-06-26 2:30 ` Chris Walters
0 siblings, 1 reply; 23+ messages in thread
From: Daniel Iliev @ 2008-06-26 1:35 UTC
To: gentoo-user
On Wed, 25 Jun 2008 18:40:08 -0400
Chris Walters <cjw2004d@comcast.net> wrote:
> My original question was: Does anyone know how to compile the
> "extra-ciphers" package that you can find on the loop-aes SourceForge
> site.

The following works here:

1) ebuild `equery w loop-aes` unpack
2) cd $PORTDIR/sys-fs/loop-aes-<version>/work/loop-AES-<version>/
3) make EXTRA_CIPHERS=y
4) cd ../../
5) touch .compiled
6) cd
7) ebuild `equery w loop-aes` merge

(I actually stopped only up to step 3, but it finished w/o error)

Since you said something about lack of documentation about loop-aes,
have you already found this?

http://loop-aes.sourceforge.net/loop-AES.README

NOTE: "In order to support AES and other ciphers, mount, umount,
losetup, swapon and swapoff need to be patched and recompiled."

There's a hope - Gentoo may provide a patched version of util-linux.
In case those tools are not already patched I wouldn't go that far on
a system which is not especially dedicated for this encryption test of
yours.

HTH

--
Best regards,
Daniel
* Re: [gentoo-user] loop-aes
2008-06-26 1:35 ` [gentoo-user] loop-aes Daniel Iliev
@ 2008-06-26 2:30 ` Chris Walters
2008-06-26 3:23 ` Daniel Iliev
0 siblings, 1 reply; 23+ messages in thread
From: Chris Walters @ 2008-06-26 2:30 UTC
To: gentoo-user
Daniel Iliev wrote:
| On Wed, 25 Jun 2008 18:40:08 -0400
| Chris Walters <cjw2004d@comcast.net> wrote:
|
|> My original question was: Does anyone know how to compile the
|> "extra-ciphers" package that you can find on the loop-aes SourceForge
|> site.
|
| The following works here:
|
| 1) ebuild `equery w loop-aes` unpack
|
| 2) cd $PORTDIR/sys-fs/loop-aes-<version>/work/loop-AES-<version>/
|
| 3) make EXTRA_CIPHERS=y
|
| 4) cd ../../
|
| 5) touch .compiled
|
| 6) cd
|
| 7) ebuild `equery w loop-aes` merge
|
| (I actually stopped only up to step 3, but it finished w/o error)
|
| Since you said something about lack of documentation about loop-aes,
| have you already found this?
|
| http://loop-aes.sourceforge.net/loop-AES.README
|
| NOTE: "In order to support AES and other ciphers, mount, umount,
| losetup, swapon and swapoff need to be patched and
| recompiled."
|
| There's a hope - Gentoo may provide a patched version of util-linux.
| In case those tools are not already patched I wouldn't go that far on
| a system which is not especially dedicated for this encryption test of
| yours.

Thanks for this. I will give it a try, when I get a chance. It is not
really an encryption test, as you put it, so much as it is frustration
at not being able to get the extra ciphers to compile.

Oh, and Gentoo already patches util-linux with the patch from loop-aes.
One big problem that people are experiencing right now is that since the
testing version of util-linux got bumped up, the old patch will not work
anymore - this has to be fixed upstream, but I doubt they will do so
until the new version of util-linux is proven stable.

For some reason, the 2.6.24 kernel patch works with the 2.6.25 version
of the kernel, probably because the files it changes have not yet
changed.

Regards,
Chris
* Re: [gentoo-user] loop-aes
2008-06-26 2:30 ` Chris Walters
@ 2008-06-26 3:23 ` Daniel Iliev
0 siblings, 0 replies; 23+ messages in thread
From: Daniel Iliev @ 2008-06-26 3:23 UTC
To: gentoo-user
On Wed, 25 Jun 2008 22:30:25 -0400
Chris Walters <cjw2004d@comcast.net> wrote:
> | The following works here:
> |
> | 1) ebuild `equery w loop-aes` unpack
> |
> | 2) cd $PORTDIR/sys-fs/loop-aes-<version>/work/loop-AES-<version>/
> |
> | 3) make EXTRA_CIPHERS=y
> |
> | 4) cd ../../
> |
> | 5) touch .compiled
> |
> | 6) cd
> |
> | 7) ebuild `equery w loop-aes` merge
> |
> | (I actually stopped only up to step 3, but it finished w/o error)
> |
> | Since you said something about lack of documentation about loop-aes,
> | have you already found this?
> |
> | http://loop-aes.sourceforge.net/loop-AES.README
> |
> | NOTE: "In order to support AES and other ciphers, mount, umount,
> | losetup, swapon and swapoff need to be patched and
> | recompiled."
> |
> | There's a hope - Gentoo may provide a patched version of util-linux.
> | In case those tools are not already patched I wouldn't go that far
> | on a system which is not especially dedicated for this encryption
> | test of yours.
>
> Thanks for this. I will give it a try, when I get a chance.

Sorry, from your reply I saw there's an error in my message:

Step 2 should read: "$PORTAGE_TMPDIR/portage" instead of "$PORTDIR"

Anyways you'll see the correct directory for your system from the
output of "ebuild unpack".

My apologies and good luck.

--
Best regards,
Daniel
* [gentoo-user] loop-aes + extra-ciphers...
@ 2008-06-25 2:20 Chris Walters
2008-06-25 5:43 ` Dirk Heinrichs
2008-06-25 13:20 ` Daniel Iliev
0 siblings, 2 replies; 23+ messages in thread
From: Chris Walters @ 2008-06-25 2:20 UTC
To: gentoo-user
Thanks to all who replied to my previous question. This question is
related. Has anyone gotten the 'extra-ciphers' (you can get them from
the loop-aes site) to compile with the loop-aes kernel patch in place?
If so, could you give me a hint on how to do this?

Also, someone said that it was possible to encrypt using multiple
passphrases using dm-crypt. To be clear are we talking about the same
type of multiple passphrases that can be used with AES and Serpent with
loop-aes? In other words, you set up a number of passphrases (64 or 65),
and the first block uses the first passphrase, the second block uses the
second one, etc. The 65th passphrase is added to the hash of the
encryption passphrase.

Also (as if that weren't enough), is it possible to encrypt the
passphrases or keys in dm-crypt with gnupg, like it is with loop-aes?
If so, please give examples.

Regards,
Chris
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 2:20 [gentoo-user] loop-aes + extra-ciphers Chris Walters
@ 2008-06-25 5:43 ` Dirk Heinrichs
2008-06-25 13:20 ` Daniel Iliev
1 sibling, 0 replies; 23+ messages in thread
From: Dirk Heinrichs @ 2008-06-25 5:43 UTC
To: gentoo-user
On Wednesday, 25 June 2008, ext Chris Walters wrote:
> Also, someone said that it was possible to encrypt using multiple
> passphrases using dm-crypt.

That was me. To be correct: I wrote that with LUKS (which is based on
dm-crypt) it is possible to use multiple keys (a key may be a passphrase
or a keyfile on disk). LUKS does this by reserving the first block of an
encrypted volume for meta data. Again: see http://luks.endorphin.org for
the details.

Bye...
Dirk
--
Dirk Heinrichs | Tel: +49 (0)162 234 3408
Configuration Manager | Fax: +49 (0)211 47068 111
Capgemini Deutschland | Mail: dirk.heinrichs@capgemini.com
Wanheimerstraße 68 | Web: http://www.capgemini.com
D-40468 Düsseldorf | ICQ#: 110037733
GPG Public Key C2E467BB | Keyserver: wwwkeys.pgp.net
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 2:20 [gentoo-user] loop-aes + extra-ciphers Chris Walters
2008-06-25 5:43 ` Dirk Heinrichs
@ 2008-06-25 13:20 ` Daniel Iliev
2008-06-25 15:14 ` Chris Walters
1 sibling, 1 reply; 23+ messages in thread
From: Daniel Iliev @ 2008-06-25 13:20 UTC
To: gentoo-user
On Tue, 24 Jun 2008 22:20:20 -0400
Chris Walters <cjw2004d@comcast.net> wrote:
> Thanks to all who replied to my previous question. This question is
> related. Has anyone gotten the 'extra-ciphers' (you can get them from
> the loop-aes site) to compile with the loop-aes kernel patch in
> place? If so, could you give me a hint on how to do this?

Perhaps they appear as kernel modules? I'm just guessing.

> Also, someone said that it was possible to encrypt using multiple
> passphrases using dm-crypt. To be clear are we talking about the
> same type of multiple passphrases that can be used with AES and
> Serpent with loop-aes?

Yes, you can have multiple passwords with dm-crypt-luks.

> In other words, you set up a number of
> passphrases (64 or 65), and the first block uses the first
> passphrase, the second block uses the second one, etc. The 65th
> passphrase is added to the hash of the encryption passphrase.

Never bothered to go so deep in the internals, but...

I had a business laptop with non-sensitive (in my opinion) data, but
the managers were quite paranoid about that, so I had to encrypt the
drives to save myself the administrative trouble in case it was stolen.
I followed the gentoo-wiki how-to [1] and found out that encrypting the
hdd visibly slowed down the system.

Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
etc) can break those algorithms relatively easy. On the other hand even
weaker algorithms can protect your data against laptop thieves.

What I'm saying is that it is pointless to get very crazy about strong
and heavy algorithms. After all if your enemies are not after your
hardware, but after your data, they could always physically force you
to reveal the password.

> Also (as if that weren't enough), is it possible to encrypt the
> passphrases or keys in dm-crypt with gnupg, like it is with
> loop-aes? If so, please give examples.

Yes, you could do something like:

head /dev/urandom | gpg --symmetric -a > key.gpg
gpg --decrypt key.gpg | cryptsetup luksFormat /dev/some-block-device
gpg --decrypt key.gpg | cryptsetup luksOpen /dev/some-block-device

(The above commands are not correct, their sole purpose is to show the
idea)

[1] System Encryption DM-Crypt with LUKS: http://tinyurl.com/clrk6

[2] M.A.V.O.: http://tinyurl.com/4badqs ; http://tinyurl.com/4chhph :D

--
Best regards,
Daniel
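The idea sketched in the message above, written out as an added example (not part of the original post, nor code from the cryptsetup or loop-AES projects): a random key that exists on disk only in gpg-encrypted form and is piped into cryptsetup. The key file, device and mapping names are placeholders and the 64-byte key size is an assumption; "--key-file -" makes cryptsetup read the whole binary key from stdin instead of stopping at the first newline.

```sh
#!/bin/sh
# Added example: gpg-wrapped key for a LUKS volume. All file, device and
# mapping names passed to these functions are placeholders.
set -u
KEY_BYTES=64    # amount of random key material (assumption, not from the thread)

# Generate KEY_BYTES random bytes and store them, symmetrically encrypted, in $1.
# gpg prompts for the protecting passphrase; the plaintext key only crosses a pipe.
new_wrapped_key() {
    ( umask 077
      head -c "$KEY_BYTES" /dev/urandom | gpg --symmetric --armor --output "$1" )
}

# Print the byte length of the decrypted key, to confirm the file round-trips.
wrapped_key_len() {
    gpg --decrypt "$1" | wc -c | tr -d ' '
}

# Initialise $2 as a LUKS volume keyed by the wrapped key $1 (destroys data on $2).
# A plain sh pipeline hides a gpg failure, so check the decrypted length first:
# a wrong passphrase must never lead to a volume formatted with an empty key.
format_volume() {
    [ "$(wrapped_key_len "$1")" -eq "$KEY_BYTES" ] || {
        echo "key did not decrypt to $KEY_BYTES bytes; not formatting" >&2
        return 1
    }
    gpg --decrypt "$1" | cryptsetup --batch-mode --key-file - luksFormat "$2"
}

# Map the LUKS volume $2 to /dev/mapper/$3 using the wrapped key $1.
open_volume() {
    gpg --decrypt "$1" | cryptsetup --key-file - luksOpen "$2" "$3"
}

main() {
    cmd=${1:-}; key=${2:-}; dev=${3:-}; name=${4:-}
    case "$cmd" in
        newkey)
            new_wrapped_key "$key" && wrapped_key_len "$key" ;;
        format|open)
            [ -b "$dev" ] || { echo "not a block device: $dev" >&2; return 1; }
            if [ "$cmd" = format ]; then
                format_volume "$key" "$dev"
            else
                open_volume "$key" "$dev" "$name"
            fi ;;
        *)
            echo "usage: $0 newkey KEY.gpg | format KEY.gpg DEV | open KEY.gpg DEV NAME" >&2
            return 2 ;;
    esac
}

# Acts only when called with arguments, e.g.: sh lukskey.sh open key.gpg DEV NAME
if [ "$#" -gt 0 ]; then main "$@"; fi
```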
* Re: [gentoo-user] loop-aes + extra-ciphers...
2008-06-25 13:20 ` Daniel Iliev
@ 2008-06-25 15:14 ` Chris Walters
2008-06-25 18:51 ` Sebastian Wiesner
0 siblings, 1 reply; 23+ messages in thread
From: Chris Walters @ 2008-06-25 15:14 UTC
To: gentoo-user
Daniel Iliev wrote:
| On Tue, 24 Jun 2008 22:20:20 -0400
| Chris Walters <cjw2004d@comcast.net> wrote:
[snip]
| Perhaps they appear as kernel modules? I'm just guessing.

I think that is how they are supposed to appear, but I can't seem to get
them to compile, and the instructions are not too helpful.

[snip]
| Yes, you can have multiple passwords with dm-crypt-luks.

That is good.

[snip]
| Never bothered to go so deep in the internals, but...
|
| I had a business laptop with non-sensitive (in my opinion) data, but
| the managers were quite paranoid about that, so I had to encrypt the
| drives to save myself the administrative trouble in case it was stolen.
| I followed the gentoo-wiki how-to [1] and found out that encrypting the
| hdd visibly slowed down the system.
|
| Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
| etc) can break those algorithms relatively easy. On the other hand even
| weaker algorithms can protect your data against laptop thieves.

That's more than a rumor. Another three letter agency (NSA) has networks
of supercomputers that can brute force a passphrase in little time. I am
majoring in mathematics, and plan to specialize in cryptology. I doubt
they'd let me publish an algorithm that is very hard to break...

It is not that I'm terribly paranoid about people getting my data, I
just want to make it a little harder. Of course, it is always possible
to insert code that will send the unencrypted data, once you've logged
on - not easy for the casual user, but for the guru, an easy thing.

| What I'm saying is that it is pointless to get very crazy about strong
| and heavy algorithms. After all if your enemies are not after your
| hardware, but after your data, they could always physically force you
| to reveal the password.

Yes, I suppose that they could do that, using torture or something like
that.

[snip]
| Yes, you could do something like:
|
| head /dev/urandom | gpg --symmetric -a > key.gpg
| gpg --decrypt key.gpg | cryptsetup luksFormat /dev/some-block-device
| gpg --decrypt key.gpg | cryptsetup luksOpen /dev/some-block-device
|
| (The above commands are not correct, their sole purpose is to show the
| idea)

Thanks for the ideas, and for the links. I will be checking them out.

| [1] System Encryption DM-Crypt with LUKS: http://tinyurl.com/clrk6
|
| [2] M.A.V.O.: http://tinyurl.com/4badqs ; http://tinyurl.com/4chhph :D

Regards,
Chris
* Re: [gentoo-user] loop-aes + extra-ciphers...
From: Sebastian Wiesner @ 2008-06-25 18:51 UTC
To: gentoo-user

Chris Walters <cjw2004d@comcast.net> at Wednesday 25 June 2008, 17:14:20

> | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
> | etc) can break those algorithms relatively easy. On the other hand even
> | weaker algorithms can protect your data against laptop thieves.

You had better used the acronym FUD instead of the word "rumor". US
government itself has declared Rijndael 256 sufficient for classified
information up to top secret. This level of security is shared among all
AES finalists like RC6 or Serpent.

> That's more than a rumor. Another three letter agency (NSA) has networks
> of supercomputers that can brute force a passphrase in little time.

Bruteforcing a _passphrase_ is not the same as bruteforcing a key. And
both of these don't have anything to do with the algorithm itself. They
are side-attacks ... a weak passphrase is user idiocy, not a cipher
weakness.

> It is not that I'm terribly paranoid about people getting my data, I just
> want to make it a little harder.

What's the point in making the impossible even harder?

> Of course, it is always possible to insert code that will send the
> unencrypted data, once you've logged on - not easy for the casual user,
> but for the guru, an easy thing.

That's operating system security and has nothing to do with cryptology.
Someone having only your hard disk can't inject a rootkit into the system.

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)
* Re: [gentoo-user] loop-aes + extra-ciphers...
From: Chris Walters @ 2008-06-25 20:25 UTC
To: gentoo-user

Sebastian Wiesner wrote:
| Chris Walters <cjw2004d@comcast.net> at Wednesday 25 June 2008, 17:14:20
|
|> | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
|> | etc) can break those algorithms relatively easy. On the other hand even
|> | weaker algorithms can protect your data against laptop thieves.
|
| You had better used the acronym FUD instead of the word "rumor". US
| government itself has declared Rijndael 256 sufficient for classified
| information up to top secret. This level of security is shared among all
| AES finalists like RC6 or Serpent.
|
|> That's more than a rumor. Another three letter agency (NSA) has networks
|> of supercomputers that can brute force a passphrase in little time.
|
| Bruteforcing a _passphrase_ is not the same as bruteforcing a key. And both
| of these don't have anything to do with the algorithm itself. They are
| side-attacks ... a weak passphrase is user idiocy, not a cipher
| weakness.
|
|> It is not that I'm terribly paranoid about people getting my data, I just
|> want to make it a little harder.
|
| What's the point in making the impossible even harder?
|
|> Of course, it is always possible to insert code that will send the
|> unencrypted data, once you've logged on - not easy for the casual user,
|> but for the guru, an easy thing.
|
| That's operating system security and has nothing to do with cryptology.
| Someone having only your hard disk can't inject a rootkit into the system.

Are you a cryptology expert?

By the way, nothing is impossible. The only thing that cryptography
attempts to do is reduce the **probability** of cracking the key and
gaining access to the data as low as possible.

As for brute forcing a passphrase: Since most implementations of AES
(Rijndael) use a hash of the passphrase to form the key, it amounts to
the same thing, in practice, as cracking the key.

Cryptology is, at least partly about finding the weakest link, because
that is what is likely to be attacked in any cryptosystem. If the weakest
link is system security or a weak passphrase, then that weakness
translates to a weakness in anything encrypted in such an environment.

The US Government only keeps classified information on non-networked
computers in secure environments, so the cipher used does not matter as
much as the other security measures taken to ensure that the data does
not fall into the wrong hands.

A final thought: It is a fact that both the US Navy and the NSA are
*very* interested in cryptology and data security. The NSA also does
have large networks of supercomputers that, using parallel, distributed
or concurrent computing principles can crack keys more quickly than you
may think.

Regards,
Chris
* Re: [gentoo-user] loop-aes + extra-ciphers...
From: Sebastian Wiesner @ 2008-06-25 21:24 UTC
To: gentoo-user

Chris Walters <cjw2004d@comcast.net> at Wednesday 25 June 2008, 22:25:18

> Are you a cryptology expert?

Are you then?

> The only thing that cryptography attempts to do is reduce the
> **probability** of cracking the key and gaining access to the data as low
> as possible.

No news. That's, why cryptology defines "security" not as "being
impossible to crack", but as "being sufficiently improbable to crack".
The only cipher, that can't be "brute-forced", is the OTP, which is
considered "perfectly secure".

> As for brute forcing a passphrase: Since most implementations of AES
> (Rijndael) use a hash of the passphrase to form the key, it amounts to
> the same thing, in practice, as cracking the key.

First of all, you can perform hard disk encryption _without_ a passphrase.
You can store keyfiles on smart cards, usb sticks, etc. In this case, you
can generate a _truly random_ key.

Using a passphrase is the most insecure approach, but still, with a
sufficiently random passphrase, you can gain a level of security, that
even the NSA will find difficult to come around.

The randomness of a 30-char passphrase does of course by far not match the
randomness of a 256-bit key, so there is a real chance, that it can be
guessed by brute force. Still it will take much cpu time, which is not
endless, even to the NSA.

In such a case, the question is, if the data, you ciphered, is really
worth the effort of putting a super computer into work for a long time to
try any possible passphrase.

> Cryptology is, at least partly about finding the weakest link, because
> that is what is likely to be attacked in any cryptosystem.

Of course, absolutely true. Hard disk encryption is by far not perfect,
just look at the cold boot attacks that gained public interest in the last
time. But you didn't talk of _cryptosystems_ in your previous posts, you
did talk about _algorithms_.

Summarizing, the modern ciphers themselves are secure, as there is mostly
no way to crack them save a brute-force attack on the key. On the other
hand, cryptosystems built around these algorithms can of course contain
weaknesses and holes, like weak passphrases, unsecure key storage, etc.

> The US Government only keeps classified information on non-networked
> computers in secure environments, so the cipher used does not matter as
> much as the other security measures taken to ensure that the data does
> not fall into the wrong hands.

May be. I do not know, which restrictions apply to US classified data, I
only know about official statements, the US government made towards the
security of AES.

> A final thought: It is a fact that both the US Navy and the NSA are
> *very* interested in cryptology and data security. The NSA also does
> have large networks of supercomputers that, using parallel, distributed
> or concurrent computing principles can crack keys more quickly than you
> may think.

You can use simple mathematics to find out, that even the largest super
computers, having one peta flop, need millions of years to perform an
exhaustive search through AES key space.

Anyway, you may believe, what you want to believe, I'm just reflecting,
what real experts like Bruce Schneier have been telling for years: It's
wrong to trust into simple ciphers, but it's equally wrong, to believe,
that anything can be broken.

my 2 cents

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)
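The estimate referred to in the message above, worked through as an added example that is not part of the thread. It assumes an attacker testing 10^15 candidates per second (every operation of the one-petaflop machine counted as a full trial) and passphrase characters drawn uniformly at random; the 100000-iteration KDF figure is constructed for illustration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Assumption: 1e15 trials per second, i.e. the "one petaflop" machine from the
# thread with every floating-point operation counted as one complete trial.
TRIALS_PER_SECOND = 1e15


def years_to_exhaust(bits, trials_per_second=TRIALS_PER_SECOND):
    """Years needed to try every value in a search space of 2**bits."""
    return 2 ** bits / trials_per_second / SECONDS_PER_YEAR


def passphrase_bits(length, alphabet_size):
    """Entropy of a passphrase whose characters are drawn uniformly at random.
    This is an upper bound: human-chosen passphrases carry less."""
    return length * math.log2(alphabet_size)


def min_length_for(bits, alphabet_size):
    """Shortest random passphrase whose search space reaches 2**bits."""
    length = 0
    while alphabet_size ** length < 2 ** bits:
        length += 1
    return length


def effective_bits(key_bits, length, alphabet_size, kdf_iterations=1):
    """Work factor of the cheapest exhaustive search on a passphrase-derived key.

    An attacker searches whichever space is smaller: the key space itself, or
    the passphrase space, where each guess costs kdf_iterations hash calls.
    """
    stretched = passphrase_bits(length, alphabet_size) + math.log2(kdf_iterations)
    return min(key_bits, stretched)


def report():
    """Return (label, effective bits, years to exhaust) for constructed cases."""
    cases = [
        ("random 128-bit keyfile", 128),
        ("random 256-bit keyfile", 256),
        ("30 random printable chars, single hash", effective_bits(256, 30, 95)),
        ("8 lowercase letters, single hash", effective_bits(256, 8, 26)),
        # 100000 iterations is a constructed figure for an iterated KDF.
        ("8 lowercase letters, 100000 KDF iterations",
         effective_bits(256, 8, 26, kdf_iterations=100_000)),
    ]
    return [(label, bits, years_to_exhaust(bits)) for label, bits in cases]


if __name__ == "__main__":
    for label, bits, years in report():
        print(f"{label:45s} {bits:7.1f} bits  {years:10.3e} years")
    print("printable chars needed for 256 bits:", min_length_for(256, 95))
```

At the same assumed rate the cipher's key space stays out of reach, while a short passphrase hashed once into the key is exhausted in well under a second, which is the key-versus-passphrase distinction the thread argues over.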
* Re: [gentoo-user] loop-aes + extra-ciphers...
From: Jason Rivard @ 2008-06-25 21:53 UTC
To: gentoo-user

On Wed, Jun 25, 2008 at 9:24 PM, Sebastian Wiesner <basti.wiesner@gmx.net>
wrote:

> Chris Walters <cjw2004d@comcast.net> at Wednesday 25 June 2008, 22:25:18
> > Are you a cryptology expert?
>
> Are you then?

I doubt that either of you are cryptology experts. I've known a few, and I
am a crypto-expert, who has worked for the government of the US.

> > The only thing that cryptography attempts to do is reduce the
> > **probability** of cracking the key and gaining access to the data as low
> > as possible.
>
> No news. That's, why cryptology defines "security" not as "being
> impossible to crack", but as "being sufficiently improbable to crack".
> The only cipher, that can't be "brute-forced", is the OTP, which is
> considered "perfectly secure".

There is no such thing as perfectly secure, but a cipher algorithm that
would take *all* the computers on Earth a year or more to crack is pretty
secure.

> > As for brute forcing a passphrase: Since most implementations of AES
> > (Rijndael) use a hash of the passphrase to form the key, it amounts to
> > the same thing, in practice, as cracking the key.
>
> First of all, you can perform hard disk encryption _without_ a passphrase.
> You can store keyfiles on smart cards, usb sticks, etc. In this case, you
> can generate a _truly random_ key.
>
> Using a passphrase is the most insecure approach, but still, with a
> sufficiently random passphrase, you can gain a level of security, that even
> the NSA will find difficult to come around.
>
> The randomness of a 30-char passphrase does of course by far not match the
> randomness of a 256-bit key, so there is a real chance, that it can be
> guessed by brute force. Still it will take much cpu time, which is not
> endless, even to the NSA.

I don't think I can really comment on this, except to say that smart cards
and usb thumb drives are the way to go for security. As long as you can
keep control of the device.

> In such a case, the question is, if the data, you ciphered, is really worth
> the effort of putting a super computer into work for a long time to try any
> possible passphrase.

Mr. Walters' claim is not that they would put a single super-computer to
decrypting it, but a "network of supercomputers". I truly don't think you
have to worry about that occurring, unless you are deemed a danger to US
National Security. Even then, AES is very hard to crack. The major
weakness is the person who encrypts the data. Under questioning, most
will give up their keys.

> > Cryptology is, at least partly about finding the weakest link, because
> > that is what is likely to be attacked in any cryptosystem.
>
> Of course, absolutely true. Hard disk encryption is by far not perfect,
> just look at the cold boot attacks that gained public interest in the last
> time. But you didn't talk of _cryptosystems_ in your previous posts, you
> did talk about _algorithms_.

By themselves algorithms are relatively useless. It is only the
application of those algorithms that make them useful. In this case, Mr.
Walters pointed out how *NOT* to apply cipher algorithms. Some of the
ways, anyway.

> Summarizing, the modern ciphers themselves are secure, as there is mostly
> no way to crack them save a brute-force attack on the key. On the other
> hand, cryptosystems built around these algorithms can of course contain
> weaknesses and holes, like weak passphrases, unsecure key storage, etc.
>
> > The US Government only keeps classified information on non-networked
> > computers in secure environments, so the cipher used does not matter as
> > much as the other security measures taken to ensure that the data does
> > not fall into the wrong hands.
>
> May be. I do not know, which restrictions apply to US classified data, I
> only know about official statements, the US government made towards the
> security of AES.

I can neither confirm nor deny Mr. Walters' statement. I will state that
the United States Government does, in fact, use ciphers to communicate
with Embassies, Military Camps and Bases abroad, and Naval vessels. That
hardly fits Mr. Walters' statement.

> > A final thought: It is a fact that both the US Navy and the NSA are
> > *very* interested in cryptology and data security. The NSA also does
> > have large networks of supercomputers that, using parallel, distributed
> > or concurrent computing principles can crack keys more quickly than you
> > may think.
>
> You can use simple mathematics to find out, that even the largest super
> computers, having one peta flop, need millions of years to perform an
> exhaustive search through AES key space.
>
> Anyway, you may believe, what you want to believe, I'm just reflecting,
> what real experts like Bruce Schneier have been telling for years: It's
> wrong to trust into simple ciphers, but it's equally wrong, to believe,
> that anything can be broken.

It is equally wrong to believe that any cipher is immune to attack, but it
is not nearly as easy as Mr. Walters would have you believe.

> my 2 cents

My nickel...

Jase
* Re: [gentoo-user] loop-aes + extra-ciphers...
From: Sebastian Wiesner @ 2008-06-25 22:10 UTC
To: gentoo-user

"Jason Rivard" <jase.rivard@gmail.com> at Wednesday 25 June 2008, 23:53:23

> > > The only thing that cryptography attempts to do is reduce the
> > > **probability** of cracking the key and gaining access to the data as
> > > low as possible.
> >
> > No news. That's, why cryptology defines "security" not as "being
> > impossible to crack", but as "being sufficiently improbable to crack".
> > The only cipher, that can't be "brute-forced", is the OTP, which is
> > considered "perfectly secure".
>
> There is no such thing as perfectly secure,

An OTP cannot be broken using brute force, so the term "perfectly secure"
fits here, imho, at least a bit ;)

> > In such a case, the question is, if the data, you ciphered, is really
> > worth the effort of putting a super computer into work for a long time
> > to try any possible passphrase.
>
> Mr. Walters' claim is not that they would put a single super-computer to
> decrypting it, but a "network of supercomputers".

Does that difference really matter for ciphers like AES or at least for
brute-force attacks on random 256-bit keys?

> I truly don't think you
> have to worry about that occurring, unless you are deemed a danger to US
> National Security. Even then, AES is very hard to crack. The major
> weakness is the person who encrypts the data. Under questioning, most
> will give up their keys.
>
> > > Cryptology is, at least partly about finding the weakest link,
> > > because that is what is likely to be attacked in any cryptosystem.
> >
> > Of course, absolutely true. Hard disk encryption is by far not
> > perfect, just look at the cold boot attacks that gained public interest
> > in the last time. But you didn't talk of _cryptosystems_ in your
> > previous posts, you did talk about _algorithms_.
>
> By themselves algorithms are relatively useless. It is only the
> application of those algorithms that make them useful.

Still, there is a difference between the algorithm as such and a
cryptosystem applying this algorithm. Btw, apart from general stuff like
weak passphrases, that apply to most cryptosystems, really bad leaks often
came from weak algorithms. Consider WEP.

> > > A final thought: It is a fact that both the US Navy and the NSA are
> > > *very* interested in cryptology and data security. The NSA also does
> > > have large networks of supercomputers that, using parallel,
> > > distributed or concurrent computing principles can crack keys more
> > > quickly than you may think.
> >
> > You can use simple mathematics to find out, that even the largest super
> > computers, having one peta flop, need millions of years to perform an
> > exhaustive search through AES key space.
> >
> > Anyway, you may believe, what you want to believe, I'm just reflecting,
> > what real experts like Bruce Schneier have been telling for years: It's
> > wrong to trust into simple ciphers, but it's equally wrong, to believe,
> > that anything can be broken.
>
> It is equally wrong to believe that any cipher is immune to attack

I don't and I did not say so, things like the Debian disaster bring you
back to reality from dreams ...

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)