From: Wol <antlists@youngman.org.uk>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.
Date: Sat, 23 Sep 2023 15:00:12 +0100 [thread overview]
Message-ID: <e1179588-5b99-4eb1-be59-3de4a6f6595d@youngman.org.uk> (raw)
In-Reply-To: <a22521e4-b504-2d92-2e1d-1b77063f081f@gmail.com>
On 23/09/2023 14:35, Dale wrote:
> Another question. Are people trying to work on better encryption given
> current encryption can be cracked? I read some things changed after
> Snowden. I'm just not sure what and if more changes are needed even
> today.
> If you wanted the most secure and hard to crack encryption, what
> would you use? How does one tell cryptsetup to use it? I have several
> encryption options here but no idea what is the best or even just good.
If you want encryption that can't be cracked, go for RSA. It's uncrackable.
Now you might be wondering why I say that, given that is a simple,
well-known attack, but it's true. You can trick me into encoding as much
plain text as you like, where you can intercept the cipher text, and you
will not be able to crack the cipher itself. What you need to do is get
hold of ONE of my key-pairs. The public one of course is usually freely
available, and if you get hold of the private one it's game over.
You can then mathematically solve "the puzzle of the keys" from my
public pair and recover the private key. This is why RSA keys keep
getting bigger - it takes more and more brute force to solve.
I don't know enough about ECC - do you crack it or solve it?
Both these ciphers however have a massive weakness - make a mistake
setting them up and the solution becomes easy. RSA relies on multiplying
two huge primes together. Dunno what ECC relies on. If one of your RSA
primes is not, in fact, prime then factoring the huge product becomes
easy, and recovering all the keys built from it is simple.
ECC specifies various parameters, and the official standard ECC
parameters were discovered to contain a flaw. Was that an intentional
back door? It's thought it was an accident.
But I think cryptographers have abandoned crackable ciphers now - if
it's crackable then it's easily crackable. And all other ciphers simply
rely on the asymmetric effort taken to create a key or solve a key.
Cheers,
Wol
next prev parent reply other threads:[~2023-09-23 14:00 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-19 5:36 [gentoo-user] Password questions, looking for opinions. cryptsetup question too Dale
2023-09-19 8:26 ` Michael
2023-09-19 9:10 ` Jude DaShiell
2023-09-20 2:41 ` Dale
2023-09-20 2:59 ` [gentoo-user] " Grant Edwards
2023-09-20 4:49 ` Dale
2023-09-20 20:22 ` Frank Steinmetzger
2023-09-20 20:51 ` Rich Freeman
2023-09-20 21:56 ` Frank Steinmetzger
2023-09-20 6:47 ` [gentoo-user] " hitachi303
2023-09-23 10:57 ` Wols Lists
2023-09-19 10:00 ` Rich Freeman
2023-09-19 11:13 ` Dale
2023-09-19 11:47 ` Michael
2023-09-19 13:30 ` hitachi303
2023-09-20 2:52 ` Dale
2023-09-20 4:19 ` Dale
2023-09-20 12:28 ` Michael
2023-09-20 18:05 ` Frank Steinmetzger
2023-09-23 12:39 ` Wols Lists
2023-09-23 13:35 ` Dale
2023-09-23 14:00 ` Wol [this message]
2023-09-23 15:05 ` Dale
2023-09-23 16:08 ` Rich Freeman
2023-09-19 9:03 ` hitachi303
2023-09-19 9:13 ` Dale
2023-09-23 12:47 ` Wols Lists
2023-09-23 13:42 ` Dale
2023-09-23 15:44 ` Håkon Alstadheim
2023-09-19 9:16 ` Jude DaShiell
2023-09-19 11:22 ` Dale
2023-09-20 16:18 ` Hoël Bézier
2023-09-20 16:39 ` Jack
2023-09-20 17:54 ` Jude DaShiell
2023-09-27 9:43 ` [gentoo-user] " Nikos Chantziaras
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e1179588-5b99-4eb1-be59-3de4a6f6595d@youngman.org.uk \
--to=antlists@youngman.org.uk \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox