[nycbug-talk] Hot Story: German Gov. intelligence agencies decrypt PGP, SSH

George Rosamond george at ceetonetechnology.com
Sun Jun 16 22:33:14 EDT 2013


Isaac (.ike) Levy:
> On Jun 16, 2013, at 8:09 PM, George Rosamond
> <george at ceetonetechnology.com> wrote:
> 
>> I don't know if there's more to this, but this may be the important
>> part:
>> 
>> <quote> The response of the federal government is: "Yes, the
>> technology used is generally in a position, depending on the type
>> and quality of the encryption." </quote>
>> 
>> What?  Key length?  Encryption type?  Password strength?
>> 
>> My feeling has always been that an adversary with sufficient
>> resources and high enough stakes can break anything.
> 
> I believe you forgot 1 element, enough time, (time offset by greater
> resources, of course).
> 
> I mean, theoretically, how fast do folks think Google could
> brute-force a 4096 bit RSA ssh key?  or a 1024 bit DSA key?  (or an 8
> bit ECDSA key haha?)

Yes.. valid.  Maybe the FBSD ssh-keygen man page needs updating... what
is "sufficient"?


<quote>
Specifies the number of bits in the key to create.  For RSA keys, the
minimum size is 768 bits and the default is 2048 bits.	 Generally, 2048
bits is considered sufficient.
</quote>

> 
> Even if it's faster, with ma$$ive resources thrown at "high value
> targets", it's still got to take a quantifiable amount of time- which
> could mean something in the context of the reason to throw the
> resources at it...

Well, yes, that's a consideration, but I'm partially basing this on a
long-standing rumor that enormous amounts of time is not the issue as
much as inter-agency time sharing systems, to put it most obtusely.

> 
>> 
>> If you're Jane Q Nobody crossing a border, and they image your
>> drive and there's cipher text that's hard to crack, I doubt they
>> devote the resources.  But if you're a priority target, I'm sure
>> they would and ultimately could.
>> 
>> Passwd strength is usually the weak link though, not the encryption
>> itself.
> 
> Agreed, and frustrating. (It's always a last-mile problem- perhaps
> the true nature of understanding scale are found in the last mile
> problems.)

Or, as it should be called, the "Schneier's pole issue."  The best
encryption is only part of a security equation.  Often it's like having
a pole 200' in the air in front of a host/home/whatever that takes a lot
of effort to get over.  However, it's usually much simpler to walk
*around* that pole.

I hope I didn't bastardize his argument too much, but then again, he's
probably not on talk@ and isn't the type who has google alerts up for
his name...

g



More information about the talk mailing list