On Wed, 11 Sep 2013, Jay Kline wrote:

> Are they strong? As long as you avoid known bad ciphers (3DES is fairly 
> weak by todays standards) and sufficient key sizes (RSA should be 
> 2048bit and AES 256bit) they are "strong" .  Strong enough to stop the 
> NSA? I wont venture a guess on that- plenty of speculation in the news 
> lately about it.
>
> The NSA maintains two "suites" of algorithms, Suite A and Suite B. Suite 
> A is classified, so we dont really know what is there.  Suite B is 
> publicly released, and is the reference for US Gov't agencies and 
> partners for encrypting various kinds of data.  Sticking with Suite B 
> algorithms is a pretty safe bet that even if the NSA *can* break them, 
> it takes considerable effort to do so, and generally there are no other 
> groups capable of breaking them.


We know that no one, no matter how much computer power they have, can 
break a 256-bit key by brute force.  I don't know if there is a proof that 
there is no mathematical trick to make it easier.  NSA has huge computing 
power for cracking, but some jobs are beyond anything we are likely to see 
in my lifetime.

I am very concerned that our government, or some group working within our 
government, has taken a really bad turn, or maybe we're just finding out 
about it.  It's just that I think that the top Islamic terrorists (isn't 
al Qaeda supposed to be our biggest fear) have really smart computer 
people working for them and they would always have used strong encryption. 
So the NSA efforts seem to me to be more about snooping on everything and 
not about predicting al Qaeda attacks.  Domestic terrorists are probably 
pretty stupid about this stuff, so I suppose they can track them better 
because of their decryption efforts.

Mike