 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On 08/06/2013 10:48 AM, Edward Ned Harvey (blu) wrote: > I didn't overstate anything. Your statement agrees with mine. Sorry. My point is that the crypto doesn't have to be as good as 256-bits to cause them very real headaches. And if it *is* as good as 256-bits it is no longer a question of whether their budget is big enough, it is whether the universe is big enough. It doesn't matter whether they have a lot of 256-bit traffic or a single message, it is thought to be impossible to be brute forced. The numbers are just too big. Lessor crypto, however, might be very breakable--when they care about specific and limited targets--but impossible for them to handle in snoop-everything bulk. They operating on a horrific scale here, snooping everything they can. This requires efficiencies. And, this then makes them vulnerable to speed bumps, anything that doesn't scale cheaply. Good crypto stops them*. (That's good.) Bad crypto can** still stop them, at least from their read-everything strategy. -kb * Stops them from reading the message. Traffic analysis and attacking endpoints is still a very rich avenue for the spies. ** Assuming vulnerabilities require active measures while the traffic is happening, not passive, automatible, cheap, off-line analysis.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
