unformed 0 #26 October 11, 2004 I am a programmer. I've studied cryptography. I have a good idea of what I'm talking about. 1) You can not crack 128-bit key in 45 seconds with today's technology unless you have a massive number of machines. I do believe that the NSA is about ten years ahead of everybody else, but being able to crack 128 bit encryption in 45 seconds is a ridiculous claim. If it was that simple, why would the goverment even care if you used it? 2) It is absolutely impossible to monitor 75% of the internet. With the amount of traffic going through, it is impossible and not practical. Monitoring email could be possible, but the costs for monitoring all mail would be way too high. If they were to monitor anything, they would have a program which watches for certain words on the mail server as it comes in, and, if needed, flag the mail and put it aside for an agent to later review. Claiming that the government has the capability to monitor even half of the traffic on the internet and they are able to break 128-bit encryption in 45 seconds is a ridiculous claim ... I do believe that if they could do it, however, they would be.This ad space for sale. Quote Share this post Link to post Share on other sites
unformed 0 #27 October 11, 2004 Quote Never say it isn't possible...Hell, 512-bit RSA was broken in one week back in 99 with a Cray that wasn't that impressive considering what's available today. Linky Technology has gotten considerably faster since then. Jesus, did you even read the link you put up? In the comments there's another link to: ftp://ftp.cwi.nl/pub/herman/NFSrecords/RSA-155 A 512-bit key was cracked, but it did NOT take one week with a Cray. QuoteSieving was done on about 160 175-400 MHz SGI and Sun workstations, on 8 300 MHz SGI Origin 2000 processors, on about 120 300-450 MHz Pentium II PCs, and on 4 500 MHz Digital/Compaq boxes. The total amount of CPU-time spent on sieving was 35.7 CPU years estimated to be equivalent to approximately 8000 mips years. Calendar time for sieving was 3 1/2 months.This ad space for sale. Quote Share this post Link to post Share on other sites
PhreeZone 15 #28 October 11, 2004 AES is very different then 3DES, Blowfish or SlipJack. Using hash methods can greatly reduce the cycle time. Knowing the cyprto math behind a method can also help you in determining the keys. 3DES for instance can be extremely weak if all 3 keys turn out to be the same. Using things like variable length keys helps this because all 3 can not be the same, but shorter keys are easier to crack. Thats one of the benifits of Blowfish, anything between 32 and 448 bits can be the key. AES is much, much harder to crack, but DES, 3DES, and various other methods are fairly easy if you understand cryptographic math and have lots of $ to throw at it. I got lost at a 6 bit cypher, but I imagine just more knowledge about math would help there. There is also the issue of not even needing to crack anything if you already have everyones keys. Cracking a crypto system is not a matter of brute force. It's a matter of looking for mathematical patterns, bits of predictability where there should'nt be one, memory sniffing, or even knowing an unknown weakness in the product that you don't tell anyone about.Yesterday is history And tomorrow is a mystery Parachutemanuals.com Quote Share this post Link to post Share on other sites