[quote="Bruce"]So, if you want to have the equivalent of 128-bit security, then your passphrase needs to be on the order of 128/2.5, or 50 or so characters long. It also should not be anything people can easily associate with you, because that greatly reduces the search space for a passphrase-cracking attack. Hence, don't choose, say, your mother's full name prepended to your father's birthdate.
[/quote]

no mother, i was born of bhaal

But doesn't that effectively mean that the encryption is really only as strong as that key? Why would anyone ever try to crack it at 128-bit strength when, if you take it that it's human nature not to use 50 characters but something like, "fido7" you just try different keys and take it from there? I... I mean, the Forum Socialist doesn't see how the 128 bit part matters at all.

Also, how are keys sent around? What's a "public key"? You'd have to tell somebody what key you want them to use, right, like over the phone or a landline or something, right?

I... I mean, the Forum Socialist brings this up because he was reading the Cryptonomicom by whatshisface, the Snow Crash guy, Stephenson there, and the author didn't tackle that. So it means that either I'm missing something completely obvious, or ... well, it's got to be that.



... OK, I just read PTX's post. Public [b]and[/b] private key. Perfect. That explains it. Of course. Of course!! It makes sense, now.

Thank you, friends. I have learned something tonight, something much more than what I normally learn in a night, which is the nipple placement of some poor girl on [url=www.camwhores.com]camwhores[/url]. This information will be much more valuable in the long run!


And, again, I aplogize for deleting your post. Thank God Parrish isn't around to scream me down for doing this.

In the time it took me to write mine, Adam has generously written something in a bit more detail, and it's obvious he understands it better than I do. I dabble; other people actually study this stuff.

Also, I believe that apart from the not-all-bits-being-equal stuff (which is totally over my head), the reason why there are people willing to shoot for 2048-bit (or higher) encryption is that while it's difficult to crack a message that's been strongly encrypted, it's by no means impossible. I've been told the NSA was (is?) one of the largest customers on Cray's, and then SGI's, inventory lists. They have a few algorithms that cut the solution set by a couple orders of magnitude, but basically they decrypt things by using huge amounts of brute force in the form of lots and lots of computing power.

This leads to some interesting thoughts: since computing power grows exponentially all the time, something that's unthinkably secure now may be pretty weakly encrypted by the standards of the future. If you have a business document that will be irrelevant in 5 years, you may be fairly safe. On the other hand, if what you're encrypting could get you into court 20 years from now if anyone ever reads it, you probably need something with a little more punch.

Ooooooooooh-Kay...

Let me see... I'm weak in a lot of the mathematics necessary to explain [i]how[/i] this sort of thing works, but here's the Reader's Digest version.

The sort of encryption being referred to is, if I understand correctly, what's called [u]public key encryption[/u]. The important thing here is that the "key that unlocks it" is only one aspect of what's going on.

There's two keys, you see: the public one (which is made public in large directories, as its name might suggest) and the private key (which you and only you are supposed to have).

If I want to send a message to you, I use the encryption algorithm to encrypt it using the public key. You then use your private key to decrypt it. The algorithm is structured in such a way that only your private key will easily decrypt it -- this is generally done by finding two very, very big prime numbers, and then seeing what (even more sizable) number results when you multiply them together. [WARNING: I'm oversimplifying things a bit; you'll want to read up on this via other sources].

Prime factoring is part of a class of mathematic operations that (if my higher math training from the excellent movie "Sneakers" serves me correctly) are called "trap-door equations;" they're easy to get into but hard to get out of. Multiplying two big primes to get another very very large number is easy, and that's (roughly) how we get the message encrypted. Dividing the very very large number by the known bits of the prime number in your private key to decrypt it? Also easy.

But if the NSA or whoever wants to intercept the message? It's many orders of magnitude more difficult to factor out the very very large number and figure out from scratch what primes were used to encrypt it. And they don't automatically get your private key by doing so.

The primes are only one part of the algorithm, so for simplicity's sake just accept that they're there and forget about them. The jist of it all:

* You have a key, and the algorithm splits it into two parts. One is private for you and you alone, one is publicly distributable.

* When I send you an encrypted message, I encrypt it using the public key. [b]I cannot [u]de[/u]crypt it[/b]: all I can do is wrap it up for you to decrypt on your own.

*You and you alone can decrypt the mail, because you have the other half of the key, the private one.

As an interesting corollary, the inverse... er, converse? I forget all this stuff -- dammit, Jim, I'm a Media Arts major, not a Boolean logician!

*ahem* As an interesting corollary, we can [i]switch the keys around[/i] for a secure digital signature.

I want you to accept that I'm the real Zachary Bishop, not just some guy faking it. So I encrypt a brief message using my [i]private[/i] key, not the public one. This message can be decrypted by anyone using the [i]public[/i] key. Since anything run through the decryption algorithm using the public key would return gobbledygook if it wasn't encrypted by the proper and true private key, you can be sure I'm me, as long as we're both sure I didn't let anyone else see my private key.

Sorry for the length of this post, I didn't have time to write a short one.


PTX -- no, really. I swear it's me.

... Fuck. FUCK. I meant to hit the "quote" button and instead I hit the "edit" button. I then went and saved the post. DAMMIT. Sorry, Bruce. I totally messed up this BBS. -- ICJ

There's something I don't understand about encryption.

I get that something done with 128 bit encryption would be very difficult to crack. I think. But you're sending a mail to someone with such encryption, they'd need to supply a "key" that unlocks your mail, right? And "key" is pretty much the same as password, is it not? If I am wrong then maybe that's why I don't understand the next part.

If you then wanted to go crack something done with 128 or 64 or whatever bit encryption, why not just try to break the password instead? Isn't that a lot easier? If you can figure out that "pieandcows" is the person's password then you've effectively beaten the encryption, right? And if you don't know it or can't guess it, isn't it much easier to try a list of passwords than anything else?

Please help me. It's cold and I lack knowledge.