Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] KeePassX

On 08/13/2013 01:29 PM, Richard Pieri wrote:
> If I did my math right, a facility like that can brute-force any 
> 80-bit key in about 32 hours. 

I'll accept your math, and it makes my point. You describe a facility 
that can only brute-force a couple hundred 80-bit keys a year.  Which 
means brute-forcing 80-bit keys is not something routine and cheap for 
the NSA, not when they think they need a plaintext copy of *everything*.

Sure, 32-hours is cheap when the spies are cracking into the Soviets or 
Red Chinese, but NSA sees more than two targets now, they think everyone 
on the planet is their target, at which point 32-hours is crushingly 

> Keys smaller than about 68 bits (28 seconds) would probably take 
> longer to spin up the jobs than run the actual searches.

Even 28-seconds is crushing when your intention is to read everything.  
There are only 1.1 million of those 28-second windows in a year.

And don't forget the "trillion guesses a second" Snowden is quoted as 
advising, you might be giving the NSA too much credit.  Snowden has been 
described as paranoid and careful. Getting a public key for the reporter 
wasn't good enough for him, it was only good enough to describe 
something more secure that was maybe good enough for him. He might know 
what he is talking about.

Don't get me wrong: if you want to keep the NSA from decrypting your 
data, and if there is any reason to believe they might be seriously 
interested in you, be *extremely* careful, and use good encryption and 
use long passphrases with lots of real entropy in them, and protect 
them.  And worry about your endpoint security.  And don't make any 
mistakes.  And be lucky, too, for good measure.  I think we agree on 
that stuff.

But if enough millions of people start using a nice sloppy mishmash of 
halfway decent weak encryption on a daily basis, the NSA will have to 
choose what it cares about, and no, "everything" won't be an option any 

> Protip: every cipher has weaknesses.
> Protip 2: assume the NSA knows these weaknesses.

Protip 3: Weaknesses can be exploited, at a cost.

Something that NSA can afford one of, or a thousand of, is not something 
the NSA can afford in infinite quantities.  Bending their cost-curve 


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /