Dream on, Greenwald.

it will take Time and Assets to do so, thus the NSA will have to focus on important targets, rather than wasting Time with Bulk Collection.

Now, had he said "It will take them a long time to break....", he'd not have been talking out of a suboptimal orifice.

But he said what he said.

I mean, just forcing your way through the keyspace isn't really "breaking" the cipher (for one thing, you never really "know" you've done it if that's all you're doing); breaking it is about finding bit correlations, which (thanks to the NSA, ironically enough) we have ciphers that are impervious to.

I think most people get the point. Sometimes it's better not to be so smart.

And there is reason to think the NSA has some hardware that can do this.

They have had three tries to get out in front of it, but instead, failed miserably by being shown as telling untruths to the American people.

Considering that there is no possibility it could be cracked in his lifetime or even his great-great-great-great-great-great-grandson's life, it's a pretty safe bet that GG said it "can't" be broken, rather than for it to take a very long time to break.

in my lifetime computers have gone from room size to palm size...

Just sayin'

The Sun will go nova before that happens.

processing speeds have dramatically increased in the years (since the mid 80's) that I have been on computers and the Internet. You cannot even fathom what even 20 yrs of technology will bring.

That means that we'll have another 13 or so periods where potential processing power will double (240 months/18 months). That means that potential processing power will be about 8192 times greater than it is today. All that means is that AES 256 could potentially be cracked within a few millenia rather than a few million years using some of the best technology of the day. Using conventional computing methods, we are extremely far away from breaking AES 256. Now, if we see some breakthroughs in Quantum Computing in the next few decades, machines like that might come quite a bit closer.

you cannot even grok what it will be and Moore's Law is no judge. Just ask the folks that sold the framework for Windows to Bill Gates. Who could have guessed?

Moore's Law has recently been proven to be too optimistic, processors haven't been keeping pace. Again, barring some massive quantum leap in processing power (such as large scale quantum computing), AES 256 won't be crackable for a very long time. As it stands, no one needs to worry about the NSA accessing their documents if they're encrypted using AES 256.

Remember I told you so!

I doubt any of us will be on this message board when it happens.

so ...you never know...

It will be here long after I am not. I was here when I got an upgrade for my 2400 baud modem to a 14400 and thought I was godlike.

was in heaven.

when Katrina blew in and destroyed all the infrastructure for months, it was a wake up call. I have a back up for back ups, these days.

in every way possible about how horrible it was, but it taught me some things.

And I *still* wouldn't want to go through it despite what it taught me because it sucked ass for weeks on end. I was thrilled when I got my first taste of Taco Bell 5 months after the storm hit, and I still had to go 30 miles to get it. That's how bad it sucked.

When you realize how damn much you love milk, can't get it except in tiny quantities, that's pretty much when you know how bad it sucked.

When you celebrate that you can finally flush a toilet? It's like Christmas and you run around flushing all of them just because YOU CAN. That's how you know it sucked.

and have never lost it. I can imagine how eye opening it must be.

and flushing a toilet for granted -ever- again.

But I'm also steel-spined enough to actually ride out a disaster, all that comes with it and rebuild, while bitching about it incessantly.

900 baud in fact...I was one of damn few females with the hobby back then....

could we even think then that such powerful computer processors would be in the very pockets of most people as they are now?

does that mean?

I didn't take too much time trying to figure it out, but if you get an answer that is intelligible, let me know LOL.

Would definitely take many more times that amount, because it doesn't take into account necessary maintenance of the machine, downtime due to excessive heat, and backup to store the keys that were non-functional while the machine was down for necessary maintenance.

I love efficient hardware probably more than is healthy, but even in the best case scenario, you have to always add at least 5% downtime/suboptimal functionality to any box on the planet at BEST. That's provided that there never is a hardware failure or a power interruption. Or that you need to move it somewhere in it's 20 year life span. Or that it's rack needs to be re adjusted. Or that it's switching interface died. Or that it got too cold one day in the server room, or too hot.

All of that shit happens.

There are some things that it takes about 10 people to explain so that people GET IT. Particularly when they are invested in not understanding and not getting it as a function of their profession.

AES-192 and AES-256 will remain pretty much crack proof for a rather long time to come. 2^256 is an almost incomprehensibly large number.

And you still are talking about maybe 1/3rd of the keyspace

That would be cool, though.

We don't even know how big the universe is let alone how many atoms in it.

" target="_blank">

that we occupy a tiny place in the heavens."

It's just a matter of time.

All of the worlds computers could be working in concert and it would STILL take thousands of years to crack AES-256. So, for all intents and purposes, it IS uncrackable.

is rather relative. If there is no back door to AES-256 encryption, which is highly unlikely but could be possible as a very long shot, breaking it even with GPU's, which far eclipse CPU's in parallel processing necessary to brute force a key, you are looking at maybe your children's children getting it. And that's with intelligent algorithms and Moore's law on GPU's.

The mathematics is well known and actually kind of simple.

It depends on mathematical functions that are one way, lacking an analytical solution to the inverse function except for exhaustive search.

If the key space is large enough there is not enough computer resources on the planet to crack the code in any reasonable amount of time.

Since the mathematics is fairly simple, usually depending on the product of very large prime numbers -- finding prime factors is not analytically solvable, the algorithms are fairly simple as well. The security is inherent because the functions are designed to be one way trap doors.

Many encryption programs are released in open source which cannot credibly be claimed has back doors. If there were the hundreds of programmers all over the world working on these programs would be aware of it. If you believe there are back doors, get the source code yourself and point it out.

And No! Strong encryption -- available on any home computer -- is not crackable either. So, it's secure.

has searched for one, and as I said, it's a very long shot. I should have said to the nearest black hole long shot.

I've inspected and compiled the source, and like you, I know there isn't. I always leave the door open for the possible, no matter how out of this world improbable it is.

Practically speaking, though, I agree.

It would be easier to find security holes in the protocols than sneak in a back door. But as you point out, CS majors and such are ever tightening up those protocols and eliminating those holes.

In short, I am pretty damned sure that strong encryption is fairly impervious to systematic attacks. The math isn't that complex; it's number theory after all. (Integer arithmetic, for those who don't know.) It works because things like factoring very large numbers has no analytic solution.

If it could have been done, it would have been done long ago, and protocol exploits to get to the machine data storehouse that has the clear data is far easier than cracking it once it gets anywhere.

It's true that there is currently no efficient factoring algorithm, and it is probably true that there will never be one, at least until quantum computers become workable.

However, there is no proof that factoring can't be solved efficiently. The only "proof" is that people have been trying to find an algorithm for ages and haven't been able to. Then again, people have also been trying for ages to prove that factoring can't be solved efficiently, and they haven't been able to do that either.

Still, I agree with you. For practical purposes, public key encryption is unbreakable.

But as you point out, there's no reason to expect that such a reverse solution exists. And that's exactly why these particular algorithms are chosen for implementing the trap door.

But I stand corrected. You are of course correct.

I grovel at your feet and beg forgiveness.

But as a former math teacher I understand people's resistance. I dumb things down a bit to make it easier while still getting the point across.

But sometimes pedantry is called for. It certainly isn't objectionable.

The!quick@brown#fox$jumps%over^the&lazy*dog(

Easiest sentence in the world to remember, as are the spacers. You just have to know what those spacers are and that sentence is.

" 1. The Phaistos Disk is considered the most important example of hieroglyphic inscription from Crete. Discovered in 1903, both sides of the clay disc are covered with hieroglyphs arranged in a spiral zone, impressed on the clay when it was damp. Forty five different types of signs have been distinguished, of which a few can be identified with the hieroglyphs in use in the Proto- palatial period.

2. Linear A is one of two linear scripts used in ancient Crete discovered and named by Arthur Evans. Linear B was deciphered in 1952 by Michael Ventris and was used to write Mycenaean Greek. Linear A is partially understood but parts of it produce works unrelated to any known language.

3. Kryptos is a sculpture by the American artist James Sanborn, located on the grounds of the Central Intelligence Agency in Langley, Virginia. Since its dedication in 1990, there has been much speculation about the meaning of the encrypted messages it bears.

4. Chinese Gold Bar Cipher. In 1933, seven gold bars allegedly issued to a General Wang in Shanghai, China. These gold bars, which contain pictures, Chinese writing, some form of script writing, and cryptograms in Latin letters, appear to represent metal certificates related to a bank deposit with a U.S. Bank and the Chinese writing has been translated, and discusses a transaction in excess of $300,000,000."

http://www.telegraph.co.uk/news/newstopics/howaboutthat/8293375/Top-10-uncracked-codes.html

Alan Turing allegedly built the first computer in order to break the German's code used in WWII recently made famous in the movie U-571.

If the Germans had not been so methodical, the code may never have been broken, but hooray for our side, there was this one lapse of anal retentiveness.

Some people think it's just complete gibberish written by a quack to impress his patients.

in history. But typically, when people go to extremes to ensure data, it usually has high-value.

At this point, anyone claiming that Snowden does not possess high-value data is an idiot, naive, or both.

A dictionary attack using all known words in common languages, including all possible spelling variations (including l33t), word combinations, capitalization variations, injected numbers, potential reversals, etc., etc., will break 95% of encrypted documents using a key count in the tens of billions. That still sounds like an incredibly large number, but the NSA has the equipment to crack that relatively quickly.

256-bit AES is only "uncrackable" if your password looks like this:
6D4;502e44412e33694@3a445d752G53225c2^7e3821274a4E5d5e7d70+

A typical password, created by a user trying to come up with something "complicated, will look like this:
"E$t@c0ntRa$eñA3smVyD|fí<il"
("this password is very hard", in a foreign language, using random casing and character replacement).

Most people want passwords that they can remember, which typically means words, names, or numbers that have meaning to them. This narrows the keyspace to a more manageable subset of possible keys. That first password could take a hundred million years to crack. I'd be shocked if it took the NSA two days to crack the second.

The weakness in AES isn't the technology, but the humans who use it.

make things easier, but there are ways of making it a hell of a lot harder. Just one salt can make a difference. Distributing the salt throughout the pw with a pattern only known to a few can make it worse - it becomes easy to know the password, but without the correct salt, hard to break. It seems naive that Snowden and company wouldn't know this.

IF the user bothers to actually use it and generate a useful salt. In my experience, most don't.

Most security problems can be directly attributed to user laziness. Encryption is no different.

And even when the user is paying attention, there's always the rubber hose method.

We are talking about people that probably gave a great deal of thought to it, considering who they work for. And then left for Russia so they can't be rubber hosed.

But let's assume he chose a 256 bit encryption key that's solely comprised of commonly used words and phrases. Well then, maybe all of the world's computers working in concert would be able to find the encryption key within a hundred or so years instead of millions.

in that you distribute, say, a number within a few characters of the password on an ultra-long. You not only have to know the password, you have a salt, too. That's about as easy to remember as tying your shoes if it is something like a birthday distributed, say, over every 3 characters of a bunch of easy words to remember to separate them.

Johnny1Likes2granny3smith4apples5to6go7with8his9pancakes

Hard to remember? Not really. Hard to brute-force? Incredibly.

with no indication of success or failure except whether or not the final decryption makes sense. So you're (conceivably) shrinking the keyspace at the cost of greatly increasing the time per trial.

Though this gets somewhat into the weeds of what particular system he's using.

but really what is the reality of what strong encryption is about. You can decrypt, and still have gibberish because there are layers of encryption. It's like the old Russian eggs with an egg holding a smaller egg, holding yet another smaller egg until you get to the real thing.

And it's not really in the weeds. It's causing more time to be used to decrypt. Reverse engineering to rebuild data blocks would be so ugly that it is more time consuming than pure decrypting, but then decrypting becomes worse than just finding the person, beating the hell out of them and getting the keys.

It's truly no surprise why Snowden fled and why they want to get their hands on him personally.

With a good block cypher and a long enough key we're talking "more combinations than there are atoms in the universe" kind of stuff.

Indeed, the chances of getting anywhere near the theoretical maximum before cracking the cipher are remote.

The theory says it'll take forever. But redo life is different.

At 1,000,000 attempts per second, each having 2^-256 p of success, my cocktail napkin calculation tells me E(t) for hitting the correct key is several trillion years.

and rainbow tables. Even with those you are looking at 100 years.

Your chances are a good deal better of winning Powerball a good 30 or so times in a row, but it could happen.

It's hard for most folks (myself included), to comprehend numbers this large. One of the reasons lotteries make so much money, but I digress.

Your examples are spot on. Thanks.

I have a very hard time comprehending numbers of that size as well. I just know that numbers like that are several orders of magnitude beyond the point where my head begins to spin. There are really no practical applications for numbers of that size unless you are speaking of encryption keys or in terms of the total number of particles in the universe.

if they know what they are looking for? They could use common terms from the documents. Maybe some of them even have letterhead.

to use passwords found in the documents. No one with any sense would. They would just do a long string sentence broken up with symbols and numbers so that it is easy to remember, but hard to crack.

There's no partial decryption of a modern block cipher; every part of the document is mixed in with every other part.

it's a pretty impossible task.

Yet people STILL believe him.

he is dealing with encryption at amateur levels, I suggest that you are probably not as aware of how encryption works as many are. It's nice to try to play him as an idiot, though. It helps everyone sort out them very easily. .

Ever see the size of a D-Wave and the amount of space it needs to keep cool?

Yes, certainly is amateur hour.

... really amateur hour. Railsback, you are playing in the wrong schoolyard if you think that is going to convince and sway.

Truly, hon. Try harder, though.

It is entertaining.

Why not just say so instead of looking ridiculous?

I have done so many times over. But I think you have failed, and are grasping on every single shred of illusion to keep from drowning in ridicule.

Nothing will save you from yourself, after all, since you realize you don't really know what you are claiming you know. That's where it starts and where it ends.

Once you get over that, you put on the big boy/girl pants and start being a real IT professional.

Tom Brady is a professional quarterback. So is Tim Tebow. One is brilliant, one sucks bad… but both are professional quarterbacks. I deal with corporate 'pro' graphic designers who don't even know how to use channels in PS. They, too, toot their own horns. Believe me, its a common problem.

oh wait. He sucks so bad as a quarterback, they would use a high school student. Why doesn't he just play tight end, a position he would be good at? Oh wait. Egotistical to the point of detriment of his team by not playing in a position that he would be good at.

or rather, they can't do it in any kind of reasonable time.

(Those are what I use, personally)

That might take a while.

http://www.infineon.com/cms/en/product/chip-card-and-security-ics/embedded-security/trusted-computing/trusted-platform-module-tpm12-pc/channel.html?channel=ff80808112ab681d0112ab6921ae011f

Able to break the code. It has probably furnished the key information from what the data was to what it is now, it would be easy to break the code. Again GG tried to play with the big boys and again he has been played. Someone needs,to put up the money for him and his gang to go to basic spy school, maybe then he will not be caught making dumb statements like this one. Mark another untruth up to GG, integrity down even more.

It's good stuff, that.

for encryption done before the acquisition of the documents. After the fact, it's not in the hands of the NSA anymore.

Know the files he stole, they will break the code using both the encrypted and the files and then they will have the code they need for future reference.

Then I realized that they have no clue, because getting in front of this story didn't work. Now they are doing a disinformation campaign (hiring Cass Sunstein) and having the UK try to pass information off to the Independent in hope that they report erroneous things to shield the GCHQ. They can shout - Bad data! must be wrong!

Truth is, the trust has been shattered, and trying to generate more false information is going to end with all agencies involved look like liars and untrustworthy mouthpieces to the government than they already do. It's going to harm the newspapers. How long before they get tired of not making a profit because they are no longer credible due to being force fed erroneous information?

Oh, I'm sorry, my friend, but this genie is very much out of the lamp, and shoving toothpaste back in the tube has never worked very well.

It does not surprise me we are not seeing frequent news articles written. They are in the security business and nit the news reporting business. I don't know why it is important to put the toothpaste back in the tube which came out in 2005. The NSA should just sit back and let GG and his cronies do whatever they choose and continue to do the work needed by the NSA. All the reporting has not convinced me there is a problem except for some to make a mountain out of an ant hill.

The three news conferences by the President, and all the other ones attempting to placate the American public that they aren't being spied upon.

Each time, their talking points have been decimated as blatant untruths. That's why I know they really don't know.

Funny you should mention a mountain and an ant hill, when it is usually a mountain and a mole hill.

This really is a Mountain of an fire-ant hill, and a lot of people have tried sitting on it to make it stop.

Than a mole hill, just to put a more proper perspective on this situation.

smaller, but one hell of a lot worse. You must not be from the US.

Smaller?

Not the US.

Fire ant hills are large and go very deep.