Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Kent Borg wrote: > Okay, maybe ROT-13 isn't worth much. But ROT-12, being a bit more > obscure, starts to be useful. And something that requires a > man-in-the-middle attack, is very valuable. Substitution ciphers fall in near real time to automated frequency analysis. The obscurity of the algorithm is irrelevant when there is a 1:1 correspondence between clear text and cipher text. Weak encryption can be broken quickly. c.f. any of the DES/3DES cracking engines. Flawed encryption can be broken very quickly. c.f. WEP cracking. It may not matter how expensive an attack is. The NSA has an effectively unlimited budget. Let's compound the issue: what are the most commonly used ciphers used for encrypted communications today? Which of these were approved by the NSA for purposes other than those requiring secret or higher security classifications? Flawed cryptography is useless. Good cryptography may be useless when one of your foes is responsible for approving and endorsing the encryption systems you use. -- Rich P.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |