Silent Circle moving away form nist ciphers like AES after NSA revelations

Discussion in 'privacy technology' started by tuatara, Aug 20, 2014.

Thread Status:
Not open for further replies.
  1. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
  2. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Some of us have been making that recommendation for a long time.
     
  3. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    Yes i was one of them, https://www.wilderssecurity.com/threads/polymorphic-cipher.321583/ but we were before our time. In those days it was already obvious that the forces to get everybody on AES ONLY were extremely strong. Even in this forum. Not one recommendation or product was adviced with a encryption cipher developed in this millenium. :)
     
  4. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    It was and still is very clear that it is almost impossible to get a product with a new cipher on the market, products were considered bad before analysed. The Polymorph encryption had the same problems in those days. But the same with many others.
    Even cascade encryption was dangerous.
    Many developers complained about this. But ... "The NSA could not break AES, nor get their passwords".
    So they were only working on Cryptic crosswords there i assume :)
    In the meantime it became clear fast, that every security weakness you make , or keep intact, for your own benefit,
    can and will be exploited by others against you. Many important documents and data is stolen is fallen in the hands of the wrong parties or countries because of weak security/weak encryption in hard and software.
     
    Last edited: Aug 20, 2014
  5. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    Can users do a quick back of the napkin top5 of what to use or not then?
    and they need to be available in truecrypt and other popular software.

    1) blowfish
    5) AES

    Sadly that is all i know apart from avoiding AES ever since the US government wanted us to use the clipper chip and its weak encryption years ago I got a little paranoid.
     
  6. blainefry

    blainefry Registered Member

    Joined:
    Jan 25, 2014
    Posts:
    165
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Definitely. Was just looking at a few threads from 2012 where both of us tried to make that point. Every time the subject comes up, "experts" come out of the woodwork recommending AES, some of which post about nothing else.
     
Loading...
Thread Status:
Not open for further replies.