Topic: The Biggest Threat to Bitcoin: The New American NSA Datacenter (Read 3791 times)

256-bit is not two times stronger than 128-bit. The strength of encryption grows exponentially, not linearly. 256-bit with current computing technologies and more's law might be safe for more than 10 or probably 200 years. It might be safe till the end of time.So the TripleDES is finally broken? Or Blowfish, or SHA-1 hash function? What is complex encryption scheme? Some Rube-Goldberg encryption using data destruction and outdated ciphers or TrueCrypt? TrueCrypt is actually not so complex at all, in terms of usability and ease-of-use. This statement by incomptetent spokesperson makes no sense at all to me.GSM is no encryption at all, it is merely a obfuscation. NSA and any government agency can listen at will, they already have copies of GSM encryption keys and direct access to operator's infrastructure. Maybe using voice recognition and data mining all conversations nationwide is one of the purposes?In some countries being drunk while committing crime (such as telling it will be good if someone nuke arseholes in NSA) is going to ad additional years to sentence.I'm located in Eastern Europe and I have veiled Arab man in my avatar, now I'm a foreign terrorist! Nuke with dirty Iranian nuclear bomb the capitalist terrorists and abduct CIA president while sniffing train of anthrax letter cocaine and buy Rolex replica watches cheap! Sh*t, that smoke was a strong one!Is it something similar to MDMA? I will visit Silk Road to find out more The password in GPG is used to protect the private key in case if the file containing key is fallen in hands of enemy. It is not related to quality of the keypair. If enemy only have your public key, the quality of the password protecting your private key does not matter. Only the source of randomness is important, and computers are known to be poor at generating truly random data without hardware random number generator.

Where passwords are the weakest link, they must be strong and random. In 1 month average human can remember password containing 30+ ASCII characters.

Well that's true. You could, for example as Armory does, use a really slow key derivation function, and apply it so many times that it takes, for example, one second to get the key from the password. That would limit the cracker's attempts to one key per second as far as I can tell (unless the key derivation function is compromised).

Interesting idea about using shapes to gain entropy. Though I have a hard time figuring out how much entropy this actually provides.

Once you get to that point, you can just hash the part you remember and use the hash as the password. The part you hash would still need to be strong, and it would force the cracker to either, use hashed values, the actual values, or both. We could also go the route of using patterns instead of characters.

The red dots are places where red dots on other shapes "lock". The basic idea is that you would be making a vector object, then use that code as the password. Again these are vector objects, so size does not matter. all that matters is that the correct shapes are connected correctly in the right orders, etc..

Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!).

Made possible by the nearly unnoticed NDAA!

Now you are:

dirty bomb plutonium palestine abduct anthrax yemen al queda jihad plane truck train liberate occupy

Pretty sure every single one of us has been on the list since 2009 when bitcoin was invented. Cheers.

Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist.

See you in indefinite detention.

Ill say what i always say again, its a good idea to keep your data both secret (keep it away from prying eyes) AND encrypted. sometimes both are not possible, but you should try when you can.

For example, bitcoin, this is almost never possible because by design, you give out your public key.

However, secret documents and messages can be both secret and encrypted. You only give the encrypted data to whoever needs it.

So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun?

DISCLAIMER: I'm drunk, so don't take me seriously.

A far more likely use would be a fishnet over GSM-encrypted phone calls in realtime.

You would think that if the endgame was to bring down BTC, they could do it much cheaper than $2B.

They are creating a neural net to model your brain. Once it achieves consciousness, they can just ask it what password you would have used.

Hrm...
"According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. "

I always use the maximum key size possible, usually 8192 or 16384... Takes a while to generate, but I never notice a difference when I'm actually using them.

According to the article, they are specifically targeting AES encryption, and are hoping to break 128-bit and lesser stuff from 10 years ago to do analysis of the old data to see if there are patterns. They have collected information for a long time, and are only now having a go at actually breaking the encryption. 256-bit should be fine for a while yet, but in 10 more years it may also be breakable, if you have a 2 billion dollar budget.

+1!  Probably far easier and more cost effective to simply find the IP's of most bitcoiners, and destroy all their stuff, set them up on rigged cocaine charges, and put them in prison. That'd be a better attack vector.

Imagine a safe made from steel. The walls is thicker than diameter of Milky Way galaxy. That's how strong is properly deployed TrueCrypt. The 2billion diamond saw will not cut trough the steel wall hundreds of light-years thick in reasonable time. With reasonable I mean before Earth takes plunge into Sun.

I guess the new NSA datacenter is not for raw bruteforcing but for mining semantic data from all your intercepted e-mails and other unencrypted junk travelling trough internet backbones.

2 billion$ for cracking a typical password for anything remotely important

W39aJtvjcvOBJ20f
Should not take more than a few milleanias. Good luck with this.

Rubber hoses and predators and bent senators are so much more cost effective than those datacentres.

But now I'm going with 8192 bits just to be sure.

~Bruno~

I use 4096 bits for everything, so I'm fine.