Can Holla Forums design crypto that can't be broken?

I learned about NSAKEY on Windows today. I read the thread about Telegram being broken. I read the thread about openssl being potentially broken. I remember the talk about TrueCrypt being backdoored.

Can you design a crypto method that works, that can only be bruteforced over many years using super computers?

Features (optional):
Both computers must know the key beforehand.
Handshake exchanges part of algorithm used to create the key.
Pub/Priv keys have no backdoors and take years to bruteforce on a serverfarm.
Computer fingerprint plays part in crypto key.
Received messages only read on one MAC address.

Why is it so hard to design a simple one way communication between a providing server and a leeching client? No trojans, backdoors, botnets, in the middle attack possibilities, just plain 1024*10 crypto key with priv and pub.

Our mobile phone devices today should have enough cores and threads to handle cryptography, yet they can only provide us with man in the middle, broken cryptography being spied on by the NSA.

Crypto/OpenSSL/SHA5 general thread.

...

yep, just make the password your mom's weight, it would take forever to bruteforce with super computers

Because you get v& for refusing to weaken your crypto.

a ^= b

But why do you need such weak crap?

AES-256 cannot be bruteforced unless some physical laws change, because the lower bound of required energy is orders of magnitude higher than the energy released by burning the entire planet Earth.

(if a good key is used, of course — that means good password with no less than 256 bits of entropy)

"Even if AES itself is unbreakable, there's no way to determine if it's properly implemented in the hardware or that the hardware doesn't leak the data needed to decrypt it. "

...

Much security and cryptography software supports the AES instruction set, including the following core infrastructure:
Cryptography API: Next Generation (CNG) (requires Windows)[28]
Linux's Crypto API
Java 7 HotSpot
Network Security Services (NSS) version 3.13 and above[29] (used by Firefox and Google Chrome)
Solaris Cryptographic Framework[30] on Solaris 10 onwards
FreeBSD's OpenCrypto API (aesni(4) driver)[31]
OpenSSL 1.0.1 and above[32]
FLAM®/FLUC® 5.1.08 (released 2015-08-24) and above

one time pad ^____^

please go and stay go

Ever heard of quantum computers?

AES is symmetric, so the best you can do with quantum computing is use Grover's algorithm to search n keys in √n steps, equivalent to halving the key size. That does reduce it below Earth-burning requirements, but it's still extremely strong.

Can you elaborate? Using Grover's means that, for instance, 256-bit AES -> 128, right?

AES-256 has 2^256 possible keys, so it takes at least that many steps to find the right one. Grover's algorithm means you can reduce the number of steps to its square root, sqrt(2^256) = 2^128, which is the number of steps you'd need with AES-128.

OP confirmed for not knowing shit about crypto.


Unless you're talking to someone like Bruce Schneier, I can almost guarantee that the answer is no.

Crypto is really fucking hard to get right. Unless you know all the different ways to attack algorithms, you'll never be able to design an algorithm that is secure. Even assuming you do develop a safe algo, you're not out of the woods, because you still need to design a protocol that uses it. Did you know that just because a protocol uses cryptographically secure parts doesn't guarantee that the protocol itself is cryptographically secure? Crypto is so hard because there are so many tiny ways for you to fuck it up.

No. No we can't, not unless we have several mathematicians, cryptographers and CS experts around here, and I'd imagine they'd be too busy with their jobs to be browsing Mexican flickerbook forums.

It can't be done, because you can never be 100% sure that your program does not contain bugs.

Also most asymmetric crypto relies on things like how hard it is to factorise a number etc. Things that should be hard but can't be proven to be hard. Unless P≠NP we can't be sure nobody will ever find a way to break it, which is something we don't know.

Maybe you could have some unbreakable asymmetric crypto, something like AES-512 should be strong. But without asymmetric crypto you can't securely share keys.

Not without sneakernet.

Mirror's Edge is slowly becoming more and more realistic.

It would collide with something.

Can you stack the algorithm?

hiding data is better than encryption alone.
Someone is only going to try and break your encryption if they know its encrypted in the first place.

No.

You can, look up Merkle's puzzles. Though I don't think that's as secure as, for example, RSA with a sufficiently long modulus. You can even make signatures using hash algorithms. But there are also quantum-computer-resistant public-key algorithms like NTRU.

Even if you managed to do that, you would go to jail for exporting restricted munitions.

I understand how the Enigma machine works. I understand how Turing's machine beat it. WW2's strongest encryption beaten because of HH at the end of every message.

I've recently started implementing OpenSSL in my own project and it's not easy to get up and running the first time.

Our government uses a bank-tied ID through an app or a file on the computer to identify the citizen to different government services, which works like the authenticator. One day, it feels like even that will be broken, because someone manages to break it.

What if there was one type of standard that had no backdoors, no predictive element like the Enigma machine, no salted hash with a backdoor or something similar. To the point where FBI felt comfortable using it because not even NSA could snoop their computers.

The enigma machine is fucking peanuts compared to modern crypto. The defenses that a modern algo must have are a lot more subtle than appending HH to messages and designing new enigma reflectors.

When DES was being developed in the 70's a version of the spec was given to the NSA to look over. A bit later, the NSA came back and said "Change these constants to something else. We recommend these ones". Some years later, a new mode of cryptanalysis was discovered that rendered some algos broken. They tried this new analysis on DES, and found it didn't work because of the numbers the NSA had given them. They then went back and tried to analyze DES using the old constants from before the NSA. It turned out that those old numbers were vulnerable to the cryptanalysis. The NSA had secretly discovered the cryptanalysis years before, and they helped design DES to be immune to it (back when they were actually helpful to the cryptography field).

My point with this story is it's almost never a good idea to reinvent the crypto wheel unless you and your team know exactly what you're doing. Your adversaries have years' worth of head start over you. It's better to use a widely accepted algorithm that mathematicians generally agree is secure.

Why create new crypto? Just encrypt everything several times, using all the crypting programs you can find, and call it a day.

Unless you're a super mathematician, with a PhD, don't even try.

They did audit it and they said it was safe. There was a fork and from now on it is developed as the VeraCrypt software. It has been around so many years and I think it is good.

I'll get started on the logo. :^)

Absolutely not

Probably not

...

Dead tree format, no wireless and it requires physical access before you can even start to decode it.

Read a textbook on cryptography, OP. A real mathematics textbook, not "Cryptography for Dummies".


Repeatedly broken is what it is.


He may be a faggot, but he's right. The one-time pad is the only provably safe symmetric encryption scheme known so far.

uint128_t ftw.

Yes, but you have to be MORE than a genius.

Likely devote your life to it, too.

What about Chacha20?
I remember somebody saying that it's provably secure.

Tomb.

It's more a hardware thing.
They can install Gentoo and avoid blobs, etc., but as long as they use (((Intel))) CPUs, they're gonna be fucked.

Not the user you're talking to, but one-time pad is mathematically infeasible to break. Chacha20 is a great algorithm, but nearly every cipher is susceptible to being broken at some point. I guess my point is that one-time pad isn't really comparable to something like that.

There already is a perfect encryption. Here it is:
You know the method when you shift each letter in the alphabet by a number? Now the simplest perfect encryption is when you do the shifting not by a static number, but by a number which depends on the previous text.

The password would show how much you shifted the first characters of the text. You decrypt that part. For the rest, the decryption is based on the previous text.

This is very simple, everybody can understand it easily, and it is incredibly hard to brute-force. What is the problem? It works only in theory. The first issue you will encounter when trying it out in practice is that it is not error-proof. You cannot do any error correction efficiently on computers.
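The "shift by the previous text" scheme above is the classical autokey cipher. As an added example (not the poster's code), here it is implemented over A-Z, together with the error-propagation problem the post mentions: damaging one ciphertext letter corrupts every k-th later letter, where k is the password length, because each recovered letter keys a later one. The message and password below are constructed sample values.

```python
# Added example: classical autokey cipher, letters A-Z only.
# The password primes the key stream; the plaintext itself continues it.
from string import ascii_uppercase as ALPHABET

def _clean(text: str) -> str:
    """Keep only letters, uppercased, so positions line up with the key stream."""
    return "".join(ch for ch in text.upper() if ch in ALPHABET)

def autokey_encrypt(plaintext: str, password: str) -> str:
    pt = _clean(plaintext)
    key_stream = _clean(password) + pt          # key = password, then the message itself
    return "".join(
        ALPHABET[(ALPHABET.index(p) + ALPHABET.index(k)) % 26]
        for p, k in zip(pt, key_stream)
    )

def autokey_decrypt(ciphertext: str, password: str) -> str:
    key_stream = list(_clean(password))
    out = []
    for i, c in enumerate(ciphertext):
        p = ALPHABET[(ALPHABET.index(c) - ALPHABET.index(key_stream[i])) % 26]
        out.append(p)
        key_stream.append(p)                      # each recovered letter keys a later one
    return "".join(out)

def corrupt(ciphertext: str, position: int) -> str:
    """Constructed transmission fault: one ciphertext letter shifted by 1."""
    damaged = ALPHABET[(ALPHABET.index(ciphertext[position]) + 1) % 26]
    return ciphertext[:position] + damaged + ciphertext[position + 1:]

def error_positions(plaintext: str, password: str, position: int) -> list:
    """Indices where decrypting a ciphertext with one damaged letter differs
    from the original: the damage repeats every len(password) letters."""
    pt = _clean(plaintext)
    damaged = corrupt(autokey_encrypt(pt, password), position)
    recovered = autokey_decrypt(damaged, password)
    return [i for i, (a, b) in enumerate(zip(pt, recovered)) if a != b]

if __name__ == "__main__":
    ct = autokey_encrypt("ATTACK AT DAWN", "QUEEN")     # constructed sample
    print(ct, autokey_decrypt(ct, "QUEEN"))
    print("errors after damaging letter 2:", error_positions("ATTACK AT DAWN", "QUEEN", 2))
```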

Designing crypto is not hard, designing crypto which is useful, reliable and can be done on an ASIC is.

what about GnuPG?

This is why you don't roll your own crypto. Ever.
Good GNU/bait though

What did he mean by this?

The clever part is it's not a cipher, it's just a CSPRNG. The encryption part is literally

That somebody was full of shit unless he provided a security proof. It's important to keep in mind that "I can't break it" doesn't mean "nobody can break it". Feel free to replace I with "NSA's top cryptographers" or whatever other fluff. The OTP security proof is a one-liner.
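The one-liner referred to above, written out as an added example (not from the thread): for a uniform key K independent of M and C = M xor K, Pr[C = c | M = m] = Pr[K = c xor m] = 2^-n for every m, so the ciphertext carries no information about the message. The block checks this by exhaustive enumeration on 8-bit messages, and also goes one step beyond the post: the same checker shows that a cipher with fewer keys than messages cannot be perfectly secret, which is the condition the proof depends on. Both cipher functions are constructed for illustration.

```python
# Added example: Shannon perfect secrecy checked by brute enumeration over
# 8-bit messages. Not the poster's code; cipher functions are illustrative.
import itertools
from collections import defaultdict

def xor_otp(m: int, k: int) -> int:
    """One-time pad on one byte: 8-bit message, 8-bit uniform key."""
    return m ^ k

def short_key_xor(m: int, k: int) -> int:
    """Constructed counterexample: only the low nibble of the key is used,
    so only 16 distinct keys exist and the high nibble of m is exposed."""
    return m ^ (k & 0x0F)

def is_perfectly_secret(encrypt, key_space, msg_space=range(256)) -> bool:
    """Perfect secrecy: for every ciphertext c, every message m is reached by
    the same number of keys, so Pr[M = m | C = c] = Pr[M = m] for uniform keys."""
    counts = defaultdict(lambda: defaultdict(int))   # counts[c][m] = #keys with E(m,k) == c
    for m, k in itertools.product(msg_space, key_space):
        counts[encrypt(m, k)][m] += 1
    for per_msg in counts.values():
        if len(per_msg) != len(msg_space):            # some message can never produce c
            return False
        if len(set(per_msg.values())) != 1:            # some messages are likelier given c
            return False
    return True

if __name__ == "__main__":
    print("xor OTP perfectly secret:", is_perfectly_secret(xor_otp, range(256)))
    print("16-key cipher perfectly secret:", is_perfectly_secret(short_key_xor, range(256)))
```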


10/10 if troll post
kill yourself if serious

Telegram was broken from the get-go. I have no idea why people mention it unironically on this board.

I'm not sure if this is news to you, but Holla Forums and /g/ are almost entirely made up of clueless fanboys who parrot whatever nonsense you tell them often enough. Telegram was shilled to hell and back on /g/ before the exodus, so that's what became consensus here. Seriously, if you mentioned how super suspicious the crypto contest was back then, people would just post "hurr durr why dont you break it then????" over and over again. It was fucking ridiculous.

That depends on your definition of broken, and you clearly don't understand cryptography enough to know what "broken" means.