Encryption Algorithms

Discussion in 'privacy technology' started by FluxGFX, Feb 7, 2003.

Thread Status:
Not open for further replies.
  1. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Encryption algorithms
    CAST. CAST is a 128-bit block cipher. It is a strong, military-grade encryption algorithm, which has a solid reputation for its ability to withstand unauthorized access.

    AES. The new AES (Advanced Encryption Standard) is Rijndael, a block cipher designed by Joan Daemen and Vincent Rijmen. It was chosen by NIST because it is considered to be both faster and smaller than its competitors. The key size and block size can be 128-bit, 192-bit, or 256-bit in size and either can be increased by increments of 32 bits.

    IDEA. IDEA is the algorithm used for all RSA Legacy keys generated by PGP.

    Triple-DES. Triple-DES is a U.S. Government algorithm that has withstood the test of time. It?s an encryption configuration in which the DES algorithm is used three times with three different keys.

    Twofish. Twofish is a new 256-bit block cipher, symmetric algorithm created by Bruce Schneier. Twofish is one of five algorithms that the U.S. National Institute of Standards and Technology (NIST) is considering as a replacement for the current Advanced Encryption Standard (AES).

    Blowfish is a symmetric block cipher that can be used as a drop-in replacement for DES or IDEA. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for both domestic and exportable use. Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms. Since then it has been analyzed considerably, and it is slowly gaining acceptance as a strong encryption algorithm. Blowfish is unpatented and license-free, and is available free for all uses.

    DES is a block cipher - i.e. it acts on a fixed-length block of plaintext and converts it into a block of ciphertext of the same size by using the secret key. In DES, the block size for plaintext is 64 bits. The length of the key is also 64 bits but 8 bits are used for parity. Hence the effective key length is only 56 bits. In 3DES, we apply 3 stages of DES with a seperate key for each stage. So the key length in 3DES is 168 bits.
            Decryption is done by applying the reverse transformation to the block of ciphertext using the same key. Since the same key is used both in encryption and decryption, DES is a symmetric key cipher. This method differs from algorithms like the RSA encryption which use different keys to encrypt and decrypt a message.

    Now what I'm wondering is what would be the best encryption method wich would give ANY KIND of Agency like CIA, NSA, MS5, NAD, etc.. a really f* pain in the AS*
     
  2. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    Probably none of the above if such a three letter agency truly wanted to read your text. Say for instance you received an encoded transmission from that bin laden bozo, my money says they will get what they want.

    Point is, we don't know their capabilities because that info isn't shared with people outside of those agencies. Even if they told us, it is unlikely that the info would be the whole truth. So just insert the latest conspiracy theory here.

    Beyond all that, most of the stated algorithms are probably OK since it is unlikely any three letter agency will ever have an interest in you. Well lets hope anyway
     
  3. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Good point.

    But has for three letters agencies well we won't go their might lead to unwated information ;)

    But thought of using multiple algorithms.... with various bit size and various way of encryption and method would cause for a little pain in arses...
     
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Well, just make sure that however you encrypt it, you remember how to decrypt it, otherwise, it is you that will have the pain... And your data will end up being as useful as if it was stored in WOM (Write-Only Memory). ;)
     
  5. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    yes indeed. Even I can write a truly uncrackable encryption algorithm if you don't need the file decrypted again. I call it "16 X secure file wipe"
     
  6. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Interesting LOL..... but no, I don't want the file to be wiped ;) thought several layers of encryption with various algorithm with different size.... could be an idea ? no ?
     
  7. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    Several different layers would help if:

    1) they can beat the first layer in an acceptable amount of time

    2) They can't beat them all in an acceptable amount of time

    3) They have ready made decryption algorithms for some but not all the encryption algorithms you used.

    It wouldn't help if:

    1) they have ready made decryption algorithms for all the different ones you used

    2) they can't beat the first one anyway

    3) they just beat you into giving them up.

    4) they pass new legislation denying you the right to your privacy as it pertains to you using encryption.

    5) they hack your pathetically insecure windows box and steal all your passwords that are in memory from the last time you decrypted something and then assume you identity while you rot in a cell at some unmarked military installation. Have a nice day ;)
     
  8. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Hey,

    That's hilarious !

    OMG ;)

    Getting into my PC.... not really ;) anyhow ;) but several different layers of encryption with various algorithm would be an idea ;)
     
  9. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    I think it is overkill.

    It is more likely to waste your own time than anything. If you are using MS windows, you aren't going to last long against such an opponent.

    Some times it pays to know when you are out of your league ;) Ever heard the expression "If you have to ask you can't afford it"? Well that kinda apllies here. If you need to ask what encryption algorythms to use and in what combination, chances are you lack the extensive skills required to repell heavily funded agencies. Frankly I would be surprised (to say the least) if many here could.. Billion dollar intentions are not easily denied. I am not saying it can't be done, but it probably would require a little more knowledge than most of us here have. Changing OSes is probably necessary as well. I'd rather try to defend a stripped down *nix machine than XP.

    I don't mean to insult your abilities FluxGFX, what I have said applies to myself included. I am learning how to code basic encoding algorithms and the mathematical number theory behind them but my ability at this point is infantile compared to the RSA for instance. This is not likely to change any time soon.

    I recommend some acedemic research into the area, to see how mathematically complicated this stuff was 50 years ago, and to try to understand how far this has evolved. Truly daunting. There in an old tomb in my university's library on cryptology, the math primer at the beginning is beyond me at this point but by next spring I should be ready to start in earnest.
     
  10. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Hey.

    Oh you haven't insulted my in anyway ;) don't worry I can take a good slap on the wrist when I have a huge babling mouth ;)

    Of course at one point or not this agencies will brake it. Just trying to figure out what combo of encryptions and various bit size in lenght...... in other words I'm amusing my self ;)
     
  11. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    The algorithm isn't as important as the program deploying that algorithm and your ability to use it correctly.

    Unicron is correct, I believe at the HIGHEST levels of the government your encryption may possible do you no good. And that's not a given - it's just --- as he said --- we don't know. But for routine FBI criminal cases (as an example) they simply cannot crack an encrypted file using a strong encryption algorithm, with a strong key, and hashed correctly. Most well-known encryption programs (employing strong encryption) pass this test. But, the end-user is the weakest link with the passphrase.

    Unlike Unicron, who is a big Linux user :) (I'm trying), I think there are plenty of programs for the Windows platform that would provide encryption that (for all practical purposes) are uncrackable with known technology today. That is why we went through the whole Clipper Chip fight in the early nineties. As for criminal prosecutions and the need to get into an encrypted file, the user usually claims to not remember it or pleads the fifth amendment, which protects those in the USA anyway from having to "cough it up." Many an encrypted file sits on FBI computers without a way to crack it. Passwords in memory is not a problem for programs that eliminate that as an issue, plan to spend fifty to one hundred dollars for a truly secure program.

    Good luck!

    John
    Luv2BSecure
     
  12. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Ummm good point,

    Can you point out good programs on Linux & Windows enviroment that would do a badass job ?
     
  13. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
Loading...
Thread Status:
Not open for further replies.