quote:

ORIGINAL: Esinn
I think you are lying.

quote:

ORIGINAL: JeffBC

quote:

ORIGINAL: Esinn
I think you are lying.

More like making fun on DomKen.

There was a previous discussion where he was putting out one set of ideas. On the telephone I'm talking to someone I know for a certain fact is well positioned to know the truth... very well positioned... While, of course, nobody else could know the source I have and how reliable it is, I did. And therefor I, for one, know he likes to pontificate on this stuff with virtually zero knowledge.

But have at it :)

edited to add because you, at least, will understand the significance of this
We didn't actually have any of these discussion on a telephone. There's no way he'd do that. We use either face to face communication or well encrypted channels for this sort of thing.

quote:

ORIGINAL: DomKen



Actually I was a software engineer with a degree in mathematics. For several years I worked for a large financial institution that wanted its database to be both available over the net but totally secure. That means I spent a great deal of time verifying that symmetric key algorithms like AES were secure. As many of the people involved in the standards process that eventually chose AES I was not convinced there was not a way in faster than brute force and that short keys, anything under 1024 bits, was secure against brute force. 128 bits sounds secure until you consider the processing power of modern distributed computing systems. Throw hundreds or thousands of cheap Linux boxes into a distributed computing platform then 3 * 10^38 (number of combinations in a 128 bit key) becomes a solvable problem if the data inside is valuable enough and not time sensitive.

You guys who are so paranoid about the NSA siphoning up the everyone's internet traffic should be more worried that they are instead breaking AES by brute force and going after the big bit primes to break public key encryption as well.

I will note that even Assange doesn't believe 128 bit AES is secure since he used a 256 bit AES for this file.

Also, routers are where the internet traffic is routed. If you want to intercept all of it that is the obvious points to do it. If you're going to physically mess with every single optical fiber in every single bundle that might be carrying net traffic you are first off going to get the same packets many many times which is ridiculously wasteful. Second just how expensive do you think that would be just in paying people to install that stuff and replace failed components?

As a simple example just to send a request to google involves, for me, 8 jumps. That means 8 routers and at least 9 fiber segments. Now where would you tap?

quote:

ORIGINAL: JeffBC

quote:

ORIGINAL: Esinn
I think you are lying.

More like making fun on DomKen.

There was a previous discussion where he was putting out one set of ideas. On the telephone I'm talking to someone I know for a certain fact is well positioned to know the truth... very well positioned... While, of course, nobody else could know the source I have and how reliable it is, I did. And therefor I, for one, know he likes to pontificate on this stuff with virtually zero knowledge.

But have at it :)

edited to add because you, at least, will understand the significance of this
We didn't actually have any of these discussion on a telephone. There's no way he'd do that. We use either face to face communication or well encrypted channels for this sort of thing.

quote:

ORIGINAL: Esinn

quote:

ORIGINAL: DomKen



Actually I was a software engineer with a degree in mathematics. For several years I worked for a large financial institution that wanted its database to be both available over the net but totally secure. That means I spent a great deal of time verifying that symmetric key algorithms like AES were secure. As many of the people involved in the standards process that eventually chose AES I was not convinced there was not a way in faster than brute force and that short keys, anything under 1024 bits, was secure against brute force. 128 bits sounds secure until you consider the processing power of modern distributed computing systems. Throw hundreds or thousands of cheap Linux boxes into a distributed computing platform then 3 * 10^38 (number of combinations in a 128 bit key) becomes a solvable problem if the data inside is valuable enough and not time sensitive.

You guys who are so paranoid about the NSA siphoning up the everyone's internet traffic should be more worried that they are instead breaking AES by brute force and going after the big bit primes to break public key encryption as well.

I will note that even Assange doesn't believe 128 bit AES is secure since he used a 256 bit AES for this file.

Also, routers are where the internet traffic is routed. If you want to intercept all of it that is the obvious points to do it. If you're going to physically mess with every single optical fiber in every single bundle that might be carrying net traffic you are first off going to get the same packets many many times which is ridiculously wasteful. Second just how expensive do you think that would be just in paying people to install that stuff and replace failed components?

As a simple example just to send a request to google involves, for me, 8 jumps. That means 8 routers and at least 9 fiber segments. Now where would you tap?

I am not sure what that has to do with anything? 128 is safe. It might not be in 1-5 yes, I used the very same site you posted. It came from a more respected "cited" individual too. We know exactly how the NSA is monitoring the internet. Any discussion on that is not beneficial now or even interesting any longer. Since we have the budget breakdowns we have a fairly good idea where the money was coming from.

If you go to FAS and do a "Black Budget" search.... Even the most recent stolen data that WaPo is off by about 40billion. To remotely suggest the money is not there or lacking is intentionally obtuse, if that was your point?

And I agree what the NSA is doing relevant to encryption is scary. Ty, I thought this might be more interesting.