Post on Encryption software

Hi!

I am a very BIG fan of encryption software ,and my favorite for container encryption is TrueCrypt .org But apart from PGP which i use also for files whats as good as pgp for files thats freeware (pref open source) and whats a good text encryptor?

I prefer to use algorithms - TWOFISH, SERPENT - those only. I do not trust the "standard" and i researched the algos extensively and why what was chosen to be the new AES and why what was not chosen. Serpent is the best and Twofish has the benefit of speed and security level better than AES. I am not interested in programs that use AES exclusively but if i am forced i will use blowfish although i would rather not.


WG

[TNT]

Quote:

Originally Posted by TECHWG

Hi!

I am a very BIG fan of encryption software ,and my favorite for container encryption is TrueCrypt .org But apart from PGP which i use also for files whats as good as pgp for files thats freeware (pref open source) and whats a good text encryptor?

I'm not sure of the question here, are you looking for an open source PGP replacement or for a good symmetric file encryption program? If you're looking for a PGP replacement, you can get GnuPG which is exactly that. It has no graphical interface, but that can be added through WinPT which is also open source. If you're looking for file encryption, I currenly use TrueCrypt too and I see no reason why you should switch.

i guess i will stay with what i have already then

Thanks anyway

[lotuseclat79]

Quote:

Originally Posted by TECHWG

Hi!

I am a very BIG fan of encryption software ,and my favorite for container encryption is TrueCrypt .org But apart from PGP which i use also for files whats as good as pgp for files thats freeware (pref open source) and whats a good text encryptor?

I prefer to use algorithms - TWOFISH, SERPENT - those only. I do not trust the "standard" and i researched the algos extensively and why what was chosen to be the new AES and why what was not chosen. Serpent is the best and Twofish has the benefit of speed and security level better than AES. I am not interested in programs that use AES exclusively but if i am forced i will use blowfish although i would rather not.


WG

Hi TECHWG,

Care to share on why you would rather not use Blowfish?

-- Tom

i have just read somethings that suggest its not "as" secure as other algorithms, but the one algorim thats new i will never trust is AES or rijndael or what ever its name is. anything i read about it suggests A) its already been cracked and B) it has weakness's that can be exploited

I have read that an animal rights activist group was arrested for illegal sabotage or something and their hdd was cracked in less than a week (they used AES +strong passphrase)

Umm it said you were the last one to post yet i was . . .? weirrd anyway this post will tell you i posted again after you.

Advanced Encryption Standard (AES), also known as Rijndael

http://en.wikipedia.org/wiki/Rijndael

Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard contest, where it came second to Rijndael.

http://en.wikipedia.org/wiki/Serpent...tion_algorithm

On most software platforms Twofish is slightly slower than Rijndael (the chosen algorithm for AES) for 128-bit keys, but somewhat faster for 256-bit keys.

http://en.wikipedia.org/wiki/Twofish

The wiki lists a lot of other encryption methods also.


StevieO

[securityx]

Quote:

Originally Posted by TECHWG

i have just read somethings that suggest its not "as" secure as other algorithms, but the one algorim thats new i will never trust is AES or rijndael or what ever its name is. anything i read about it suggests A) its already been cracked and B) it has weakness's that can be exploited

I have read that an animal rights activist group was arrested for illegal sabotage or something and their hdd was cracked in less than a week (they used AES +strong passphrase)

I follow this stuff very closely. I can tell you with complete certainty that Rijndael (AES) has never been cracked when used properly. Yes, I read a year or two ago that a Greenpeace related group had information used against them that was taken from encrypted files. They were using dictionary words in their password. It doesn't matter how secure your encryption algorithm is if the user does something dumb like this group did.

As for weaknesses, there is a theoretical algebraic attack (discovered 4 years ago) that is so far removed from practicality that it is of no concern whatsoever.

AES is safe and secure. To suggest otherwise, without some serious research and proof of any kind, is irresponsible in a forum like this. If you had the proof, trust me, you would be on the front page of the New York Times tomorrow morning.

[lotuseclat79]

Quote:

Originally Posted by TECHWG

i have just read somethings that suggest its not "as" secure as other algorithms, but the one algorim thats new i will never trust is AES or rijndael or what ever its name is. anything i read about it suggests A) its already been cracked and B) it has weakness's that can be exploited

I have read that an animal rights activist group was arrested for illegal sabotage or something and their hdd was cracked in less than a week (they used AES +strong passphrase)

Hi TECHWG,

The algorithms available in TrueCrypt are:
Encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent (256-bit key), Triple DES, and Twofish (256-bit key). Supports cascading (e.g., AES-Twofish-Serpent).

I fail to see how Blowfish could be less secure than Twofish. From the statement above it appears that Twofish and AES-256 are about equivalent.

Anyone care to elaborate?

-- Tom

Securityx is right on the mark. AES is good and secure.