Forgot your password?
typodupeerror
Communications Encryption Government Privacy United States

Ask Slashdot: Can We Still Trust FIPS? 138

Posted by timothy
from the just-slide-it-under-my-door dept.
First time accepted submitter someSnarkyBastard writes "It has already been widely reported that the NSA has subverted several major encryption standards but I have not seen any mention of how this affects the FIPS 140-2 standard. Can we still trust these cyphers? They have been cleared for use by the US Government for Top-Secret clearance documents; surely the government wouldn't backdoor itself right?...Right?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Can We Still Trust FIPS?

Comments Filter:
  • by Skiron (735617) on Thursday September 12, 2013 @04:25PM (#44834171) Homepage
    Depends who runs the Government. Which is always the same people no matter who gets voted in, so the answer is YES.
    • by Anonymous Coward

      Depends who runs the Government. Which is always the same people no matter who gets voted in, so the answer is YES.

      Probably not. The NSA is not just concerned about wiretapping you and foreign governments. They are very concerned about foreign governments getting US government secrets. They would only consider back dooring the methods they use if they could be highly confident that it wouldn't help foreign governments crack their codes.

      • by cheater512 (783349) <nick@nickstallman.net> on Thursday September 12, 2013 @10:15PM (#44836825) Homepage

        Yeah but they wouldn't shoot themselves in the foot by giving out unbreakable encryption to the people they are trying to spy upon.

        If they got a very secure algorithm, weakened it in a hard to detect way which makes it easier for the NSA and nobody else then that would be perfectly fine to both use for government documents and to give out to other nations.

        • If they got a very secure algorithm, weakened it in a hard to detect way which makes it easier for the NSA and nobody else then that would be perfectly fine to both use for government documents and to give out to other nations.

          We've seen the level of "thought" that goes into these decisions. I doubt anyone with decision-making authority ever considered that weakening encryption so the NSA could get in more easily would also make it easier for criminals to get at the same information.

        • If they got a very secure algorithm, weakened it in a hard to detect way which makes it easier for the NSA and nobody else then that would be perfectly fine to both use for government documents and to give out to other nations.

          It's "nobody else" part which is very hard: the NSA are not the only one playing this game. In fact, the FSB (formely KGB, formely Tcheka) has been at this game (mass surveillance including on own's population) for much longer than the NSA.

          Even get real known example: NSA has discovered differential analysis as a method to help breaking ciphers. They kept it as a secret. What happened:
          - First they developed ciphers resistant to it (DES). They made a part, the controversial S-Box, to specially make the cyphe

      • by Anonymous Coward

        They weakened Lotus Notes by allowing the the NSA to know some of the bits of secrets: http://www.heise.de/tp/artikel/2/2898/1.html [heise.de]

        So yeah they could backdoor US stuff.

    • by Anonymous Coward

      Depends who runs the Government. Which is always the same people no matter who gets voted in, so the answer is YES.

      You're right but not the way you are thinking. The NSA is the boss. It knows enough of elected officials to keep them in check. The NSA allows the three branches of government "run" the country as long as they keep funding the NSA and never interfere with its doings.

      Well, ok, even the NSA has a boss. Just a few hours ago it was reported on Slashdot that the NSA offers everything it knows on a silver platter to Israel [slashdot.org].

    • Minus physical assault, it's getting to be the only way to transport anything securely.

    • This is the wrong place to ask, "ask slashdot" is also controlled by the NSA.
      They have been spending years building cover identities and collecting karma, so they can control ./
      And that's why this post is going to be modded down, see, I told you so!

      • wish I had karma to mod you up.

        Of course you're probably trolling to get mod points. ;-)

        Or ... you're NSA trying to get a handle on all those subversives who agree with you.
  • How can anyone trust (Score:5, Interesting)

    by i kan reed (749298) on Thursday September 12, 2013 @04:26PM (#44834175) Homepage Journal

    How could anyone trust an encryption algorithm provided by an organization whose purpose is decryption and interception? That will always be the craziest part.

    • by Entropius (188861) on Thursday September 12, 2013 @04:32PM (#44834245)

      That's not their only purpose. The NSA is supposed to:

      1) Make sure the bad guys don't snoop on Americans;
      2) Snoop on the bad guys.

      I use "bad guys" here with intentional irony, since nobody quite knows how to resolve the dichotomy that happens when the NSA's suspected of being bad guys.

      • by gl4ss (559668) on Thursday September 12, 2013 @04:42PM (#44834375) Homepage Journal

        you forgot 3) make sure that they can snoop on the "bad guys". ...where do you think export restrictions on cryptos came from?

        do you know what's super silly? some companies selling crypto products internationally proudly tout around their NSA certification.. certification from the same organisation that has a role in making sure that they don't export too good products.

        • by mtm_king (99722)
          I am stealing your sig. It is too good for just one person to have. And when I use it the world will only be 5 seconds old and I will have been the first to use it.
      • by Anonymous Coward

        Exactly and so the logical way to achieve both of these at the same time is to tell everyone to use an encryption standard which only you have the back door to...since "you" are obviously a good guy.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        Too much enciphering could be a threat to world peace. 0,1% of population must work against 99,9% to ensure 100% survive.

        That's why they did not have encrypted radio on the B52s raiding Vietnam. Nuclear weapons (and carriers) with the potential for a sneaky strike are dangerous, so they did not equip them with ciphers.

        I would not be surprised to find out the Russian and the American SIGINT service are actually working closely with each other to clamp down on any attempt of modern-day LeMays to destroy human

      • Or when the NSA considers everyone a potential bad guy.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      That's sort of like asking why anybody would ask the Army for tips on self-defense, given that their role is blowing stuff up and killing people.

      Well, the Army's role is also defense. The NSA has dual-roles, just like the Army.

      The problem is, they've been turned on us. It's effectively like the Army going house-to-house searching for terrorists. All of a sudden that don't want to teach you self-defense practices, because it makes breaking down your door harder.

      But you can imagine that, for a long time, peop

    • by bill_mcgonigle (4333) * on Thursday September 12, 2013 @04:47PM (#44834431) Homepage Journal

      If there are "good guys" at the NSA, they need to be moved to NIST instead. Nobody will ever trust the NSA to do good work again.

    • by Beryllium Sphere(tm) (193358) on Thursday September 12, 2013 @05:44PM (#44834995) Homepage Journal

      For example, they strengthened DES against differential cryptanalysis when they were the only ones who knew about the technique.

    • by jhol13 (1087781)

      They use AES themselves. Some of the smartest cryptoanalysts live in Israel, China, Russia, etc.

      It would be extremely stupid to do encryption they know is breakable.

      It is, has almost always been, and will be in foreseeable future so much easier to use covert channels. A VPN software to use almost, but not quite, random data in encryption keys. This way NSA needs huge workload (few hours of their massive processing power) to decrypt, without knowledge of the non-randomness it would be infeasible. Say AES-128

      • The math is sound. The implementation, or some other side-channel attack, may be the issue.

        Do you trust the binary? Do you trust the operating system on which you execute the binary? Do you trust the source code? Do you trust the compiler that created the binary from the source code? Do you trust the BIOS of your computer?Do you trust the hardware?

        A weakness in any of these will give an attacker leverage. The math may be sound, but it's extremely sensitive to errors.
    • by wvmarle (1070040)

      There is no need to have backdoors in the standard - that'd be counter-productive anyway considering the large number of cryptographers outside the US that try to find weaknesses in those standards. And indeed some have been broken to lesser and greater extent, others are still standing strong.

      It is those that stand strong (AES etc) that are now recommended by the NSA to use for top secret stuff and so, and also to the general public. Nothing fishy there, the standards themselves are fine.

      The problem lies i

    • by Tom (822)

      How could anyone trust an encryption algorithm provided by an organization whose purpose is decryption and interception? That will always be the craziest part.

      It's not crazy, you are just badly informed.

      The NSA also has the job to make sure nobody does to the US what the US does to everyone else. They've been developing crypto and security technology for decades, some of which (like SELinux) has passed even the most paranoid double-checking.

      You would want to trust them for the same reason an ex-burglar is the best guy to hire for checking out your home security system, or hackers make up some of the best security consultants: They know what they're talking about.

  • suite b (Score:5, Informative)

    by Anonymous Coward on Thursday September 12, 2013 @04:27PM (#44834189)

    http://www.nsa.gov/ia/programs/suiteb_cryptography/

      AES with 128-bit keys provides adequate protection for classified information up to the SECRET level. Similarly, ECDH and ECDSA using the 256-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and SHA-256 provide adequate protection for classified information up to the SECRET level. Until the conclusion of the transition period defined in CNSSP-15, DH, DSA and RSA can be used with a 2048-bit modulus to protect classified information up to the SECRET level.

    AES with 256-bit keys, Elliptic Curve Public Key Cryptography using the 384-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and SHA-384 are required to protect classified information at the TOP SECRET level. Since some products approved to protect classified information up to the TOP SECRET level will only contain algorithms with these parameters, algorithm interoperability between various products can only be guaranteed by having these parameters as options.

    NSA also defined another algorithm suite, Suite A, which contains both classified and unclassified algorithms. Suite A will be used in applications where Suite B may not be appropriate. Both Suite A and Suite B can be used to protect foreign releasable information, US-Only information, and Sensitive Compartmented Information (SCI).

  • Given the chance, of course the government would backdoor itself. If the government isn't the origin of the idea that the left hand doesn't know what the right hand is doing, it is at least the poster child. The only real question would be whether they've yet succeeded.

  • ...what are the alternatives? Rolling your own crypto won't work well. Unfortunately answers to this question can only be speculation. I wouldn't be extremely paranoid, but still it depends what you are trying to protect.
    • ...what are the alternatives? Rolling your own crypto won't work well.

      I suppose that depends on the type of information you're trying to protect - now you'll need to decide if it's worth even writing the information down!

    • twofish? MD6? WHIRPOL?
    • Re: (Score:3, Interesting)

      I think we've reached peak encryption. No matter what you come up with, the NSA has more than enough resources to crack your encryption method. And if you're using one-time pads, they or their retinue will just crack one of the holders of the one-time pads. Crack, like the holder's skull, knuckles or testicles.

      So we need to dump the idea that encryption can be used to transmit our secrets. And come up with entirely new ideas.

      A radical thought? Hell, yeah. Do I myself have any ideas how to do this?

    • >>Rolling your own crypto won't work well.

      What if Joan Daemen and Vincent Rijmen kept AES to themselves, wouldn't that work for them and still be considered "roll your own"?
      Still, I think that FOSS works best for encryption; many eyes make for shallow backdoors... erhm what was the saying again?
      It is one of the reasons I dont really trust bloated distros like ubuntu. Too much code to inspect. (but I might be wrong;-)
      • A) for the rest of us that arent math geniuses, that gives us no help....

        B) how many refinements were added during the peer review process?

    • Re: (Score:3, Interesting)

      by BitZtream (692029)

      As someone who writes cryptography software (I'm not a cryptologist, I just implement known algorithms, and verify they produce was I'm told they should produce), the solution for us is to provide software with multiple algorithms and let the user pick. Our core library supports DES, Blowfish, Twofish, and two separate implementations of AES, one of which is from outside the US. We also support a handful of lesser known algorithms, such as variants of the different Russian GOST standards.

      Unless everyone i

  • No. (Score:3, Interesting)

    by Narcocide (102829) on Thursday September 12, 2013 @04:40PM (#44834353) Homepage

    No, and you never actually should have trusted it. None of us did, we all stopped using it the moment the NSA advocated it, just like we stopped trusting every single crypto standard and favorite security tool they promoted, merely because they promoted it so suspiciously, long long before it was public knowledge the agency had gone rouge.

    It still makes me chuckle when I hear people worryingly speculate whether SELinux has backdoors. SELinux doesn't have backdoors, SELinux IS A BACK DOOR!!! *Actually read the instructions* for configuration of this tool and you'll see what I mean. Its security-through-obscurity at its worst. At best you can increase the illusion of security to untrained staff members. Anyone who has read the manual though knows there's one command anyone can use to gain root access more easily than if SELinux had not enabled or installed.

    • by Anonymous Coward

      Anyone who has read the manual though knows there's one command anyone can use to gain root access more easily than if SELinux had not enabled or installed.

      Dear Mr. Narcocide,

      Dropping this without elaborating is not something a gentleman would do.

      Sincerely,
      The Internet

    • No, and you never actually should have trusted it. None of us did, we all stopped using it the moment the NSA advocated it, just like we stopped trusting every single crypto standard and favorite security tool they promoted, merely because they promoted it so suspiciously, long long before it was public knowledge the agency had gone rouge.

      Let me know when it goes chartreuse :D

      Anyway; SELinux, if taken as a collection of recommendations, has some good stuff in it. I've used a lot of that for securing my BSD boxes. However, just implementing it as a "security package" without understanding what you're doing... well, completely apart from that one command, there are a bunch of other areas where incorrect implementation (which is what people would do by default) is enough to make the entire stack very insecure. But then, people do that just b

    • by Gibgezr (2025238)

      The NSA went rouge? As in red? Are they commies now? I'm confused.

  • No. (Score:2, Informative)

    by Anonymous Coward

    Trust was assumed on the basis that the NSA would not unreasonably jeopardise its protection mission by furthering its interception mission. This trust was apparently misplaced: it has.

    As you will actually see if you look at the documents, the NSA used the NIST analysis process under FIPS 140-2 certification to find ways to secretly attack and subvert the implementation of submitted cryptographic modules, including standalone modules, cards, hardware tokens, and software cryptographic modules, including bot

  • by Anonymous Coward

    There isn't really anything better out there. The "standard" cryptographic algorithms like AES, SHA-2 and RSA have received the most public scrutiny by far.
    If you think the NSA can break those, you have to ask why they can't break whatever other, less tested primitive you are proposing we use instead.

    You probably want to use longer key lengths than the minimum recommendation anyway, especially for public key cryptography - it's cheap.
    Specifications with magic numbers are more suspect, but this has been know

  • by slashmydots (2189826) on Thursday September 12, 2013 @04:59PM (#44834535)
    For the other 99% of us that aren't encryption specialists, a list of what software, services, and websites use which encryption method and whether or not it's known to be broken/back doored might be more helpful. I'm even a software programmer and I don't know what uses FIPS and what uses AES and what specifically uses the Dual_EC_DRBG algorithm.
    • Search for FIPS 140-2. It's a paid for government certification for an implementation of an encryption routine. You can implement AES in your software but it's not officially FIPS 140-2 certified until you submit and pay for the certification. So in other words, you will not find any open source encryption certified by the government as FIPS 140-2 since that would require a submission and payment. If you search you will find the official list of software that is certified as FIPS 140-2.
      • Or someone like RedHat could decide that they need certification (required for some FedGov projects), and pay to get something like OpenSSH certified. Red Hat Enterprise Linux 6.2 OpenSSH Server Cryptographic Module, when run in FIPS mode is certificate number 1792.

      • by chill (34294) on Thursday September 12, 2013 @06:00PM (#44835113) Journal

        Bzzzt! Wrong! OpenSSL jumped thru the hoops and has a FIPS 140-2 version.

        • That is correct. But it's, what, 8 years old now? FIPS certification is a PITA because any changes to the product require re-certification and it is a really long process.

          • Uh, no. Cert 1747 was issued originally in June 2012 and renewed as recently as August 23, 2013. It is the latest and greatest.

            • Ok, so that's new. I was referring to the Jan 2006 certification which took 5 years. Looks like they certified a couple of versions in 2008 and then it took 4 more years for the 2012 cert. You'll note it is also a very specific part of OpenSSL, not the entire suite.

              • by chill (34294)

                That was by design, and how EVERYONE does it. Only the core cryptographic module is certified. Everything else is a wrapper around it. Since FIPS only requires the crypto functions to be evaluated, this makes it possible to make changes to every other component without invalidating the certificate.

                RSA, for example, licenses their certified BSAFE library to several vendors. The other vendors can fiddle with GUIs, interfaces or whatever without having to get their individual products certifed.

                If they certifie

      • by Tom (822)

        If you search you will find the official list of software that is certified as FIPS 140-2.

        Correct. That list is here:
        http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1051 [nist.gov]

        you will not find any open source encryption certified by the government as FIPS 140-2

        Incorrect. OpenSSL has been on that list since 2008, here's the certificate:
        http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140crt/140crt1051.pdf [nist.gov]

    • by AmiMoJo (196126) *

      Pretty much all of it I'm afraid.

      I think we have to even consider AES to be dead now. Twofish is probably the best bet to replace it. I'm not sure what we can use to replace Dual_EC_DRBG.

      • by LainTouko (926420)

        What do you have against AES? The US government doesn't pick bad algorithms for itself to use as a matter of principle or anything, suspicion is only really warranted on algorithms which contain data which claims or appears to be random, but could have been specially chosen to have some property. (If you want people to trust your magic numbers, you generate them by doing something like taking the hash of the square root of 2.) The difference between AES and Twofish is that AES got more positive comments fro

    • Here's the list of software that is FIPS certified. Be aware that most are libraries that are used in other products, which can sometimes make it hard to tell which particular certified bit is being used by end-user software.

      http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2012.htm [nist.gov]

    • Here is the list of software, you CAN trust:

  • Yes, but... (Score:5, Informative)

    by sinij (911942) on Thursday September 12, 2013 @04:59PM (#44834549) Journal

    FIPS is a financial and government-facing certification. FIPS guarantees correct implementation of cryptographic protocols according to a set of standards. It does not guarantee that there are no undiscovered (or backdoored) weaknesses in your implementation. This is still useful function to entities that require this certification. Corporate liability and loss due to getting hacked because of incorrect cryptographic implementation is orders of magnitude greater than liability and loss due to getting exposed NSA backdoors. It is all about risk management, and it says FIPS is still good idea.
     
      Now, if you want personal security this equation changes a bit - possibility of personal harm due to hypothetical NSA backdoors goes slightly up and your likelihood of getting targeted to get pwned goes drastically down. FIPS is still likely net benefit, but diminished.
     
      Keep in mind that there is no such thing as perfect security. You have to ask, how likely that this specific implementation was backdoored by NSA and what the worst possible outcome of such occurrence?

    • by Whorhay (1319089)

      I would wager that the actual encryption protocols, recommended in FIPS, are probably still good enough and not likely sabotaged by the NSA. FIPS is the standard that the military is using and it is highly unlikely that the NSA would tell the military to use something they knew was vulnerable. There are two good reasons for that; first the NSA knows that they are bound to have spies within their agency and so anything like a backdoor to the encyption standard which your entire military is using would certai

  • TS is not SCI (Score:5, Interesting)

    by Anonymous Coward on Thursday September 12, 2013 @05:01PM (#44834571)

    "Up to Top Secret" does not include Sensitive Compartmented Information (SCI). The ciphers under discussion, backdoored or not, are not suitable for use on SCI.

    • I have no points to mod this up, but would if I did. This is dead on target, at least as far as how the military views this sort of thing. But do remember that TS and SCI are somewhat orthogonal; you can have SECRET/SCI and TS/collateral in addition to the more common SECRET/collateral and TS/SCI.

      Also note that typically NSA is comfortable with encryption as long as they know how much effort is required to break it. The only way NSA will believe a difficulty estimate is if they actually break it. They don't

      • by wvmarle (1070040)

        Obviously the NSA believes they're the smartest when it comes to breaking cryptography.

        Shouldn't that also mean, that if they can not break it, no-one else can?

        To me it's a bit odd that they'd approve for government use encryption they know they can break already. Knowing that technology advances quickly (more computing power) and also cryptanalyses and related mathematics moves forward constantly.

    • by Anonymous Coward

      http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml

      Suite B still applies to TS/SCI

    • by trifish (826353)

      If you have anything above Top Secret to hide, good luck to you, you'll need it (either this, or maybe you're a little delusional).

  • by Anonymous Coward on Thursday September 12, 2013 @05:16PM (#44834721)

    The FIPS 140-2 standard is for "protecting sensitive but unclassified information". It is not for top secret. Also the body of the FIPS 140-2 standard is algorithm agnostic. The part that mandates specific algorithms is Annex A and can be updated to add and remove algorithms without changing the standard.

    In terms of how bad the situation actually is.... I refer to Bruce:
    The math is good, but math has no agency. Code has agency, and the code has been subverted.

    • Also, you don't backdoor yourself, for fear of someone finding out about your backdoor without you realizing it.
  • They backdoor themselves with increasing frequency (Manning, Snowden).
    That's the good news.

    The thing makes them awesome is their budgets and power. And weak
    dicks that populate politics these days. They are hard to kick out. That's
    the bad news.

    Now get involved.
    Have a nice day.

  • Based on what I understand of the FIPS process (which is little, admittedly), the whole exercise to put your crypto under the microscope results in eliminating a number of coding mistakes and implementation problems. So even if the algorithms themeselves are potentially weakened (we don't know ), a FIPS approved product that's had 3rd party scrutiny is probably still better off than one that wasn't, due to cleaning up implementation issues with the keys, random numbers and algorithms.

    • FIPS certification is only available for systems that implement modest key lengths. Many of the approved algorithms are designed to support much greater key length, but longer keys are not allowed by the specs. FIPS won't certify 'em. It's a pretty safe guess that the allowed key lengths are such that the NSA can break them if needed using custom hardware or whatever else quasi-unlimited money can buy. Remember 20+ years ago when the gov't regulated all crypto as a munition? They still allowed low-bit encry

  • They have been cleared for use by the US Government for Top-Secret clearance documents; surely the government wouldn't backdoor itself right?...Right?

    So the NSA most likely knows what kinds of backdoors they could insert that can't be exploited by other nation-states. So yes, they most certainly could backdoor it.

  • It seems like the encryption of Tor - any version including the latest- cannot be trusted. Anyone know?
  • As long as they were confident the backdoor remained unusable by anyone else, sure.

  • Can you trust anything from the NSA and any number of other three letter agencies?
  • by Anonymous Coward on Thursday September 12, 2013 @06:27PM (#44835305)

    ASCII stands for "American Standard Code for Information Interchange". Since this is an American standard, then the whole encoding scheme probably contains a backdoor that allows the NSA to read all information encoded in it. We can't trust EBDIC either as IBM is a contractor for the NSA, they would insert a backdoor as well. I think for maximum online privacy we should be using Unicode which shouldn't contain an NSA backdoor because it is an international standard. The American government has no interest in following or creating international standards.

    Unfortunately Slashdot does not support Unicode, so one should now safely assume that Slashdot is an NSA honeypot .

  • I have no doubt that FIPS 140-2 is fully available to the NSA. The official story is probably so they can monitor or prevent espionage. Also the NSA has political interests in terms of knowing what it's opponents within the government are doing. If the NSA had adequte supervision this wouldn't be allowed but they don't have adequte supervision. So there you are.
  • One might build software that divides text into two files with every other bit going to the other file. Two sending units send the material to two addresses from two addresses. On the receiving end the tennis shoe method is used to deliver both halves to the third party who has the software to decode each half and recombine the bits into a coherent message. It might be next to impossible to break but if it is not next to impossible then divide the original into three files and send the bits and rece

  • The question here doesn't make sense does it? FIPS is a certification not an algorithm. It's like asking if my soundsystem that was THX certified would still be any good if the we found out their CEO was a crook. AES-256, Serpent, Twofish, etc... are all algorithms but only a few got FIPS certification.

    On top of that, from all the articles I read, the NSA isn't actually cracking these protocals, they're using passwords and certificates gleamed from other sources as seed for cracking.

    Finally, if you wante

    • by mikew03 (186778)

      There are two issues with this.

      1) Some of these algorithms depend on receiving quality random number systems from the underlying operating system. It's possible some of those random number generators have been manipulated and its going to be pretty hard to check on Windows or OSX random number generators.

      2) The backdoor's do not look like (if strncmp(pass,"NSA",3) == 0) { return plaintext }. The backdoors are sophisticated mathematical weaknesses in the algorithms. A code inspection is not sufficient to det

  • by Tom (822)

    As close as you can come to trusting something like the NSA, but yes.

    Most people see the NSA as a pure spy agency, but that's not true. It has two jobs. One, to spy on everything else and two, to make sure nobody spies on the US.

    They employ enough smart people to understand that if they can break it, so can someone else.

    If you are really concerned, you should check the implementation. Past experiences show us clearly that it is a lot easier to put backdoors there. And it has the advantage that if the enemy

  • the algorithms have a lot of peer review independent of the NSA and the NSA had little input in their design (though may have
    significant input in the slection of those algorithms that got standardized).
    Though the NSA probably has better methods for attacking common cryptographic algorithms either using undisclosed weaknesses or more likely
    custom hardware, it seems likely the NSA can not easily crack these algorithms.

    The simplest thing to do is to pick a larger key length which will give you more of a securi

...when fits of creativity run strong, more than one programmer or writer has been known to abandon the desktop for the more spacious floor. - Fred Brooks, Jr.

Working...