Slashdot Mirror


What Encryption Do People In The Know Use?

A reader writes "What do cypherpunks in the know recommend for the paranoid types. I'm wondering because of the rising amount of protests. I look and most of these people seem clueless when using the net. Paranoia runs rampant (try taping a protest), yet they use stuff like real, which has been known to violate privacy. So my question is, what would slashdot readers recommend for people who have privacy they actually wish to protect? Are there any good laymen level papers on this?"

7 of 59 comments

  1. Re:Schneier recommends PGP by FreeMath · · Score: 2, Informative

    For those who like to look at the source, there is GPG.

    --
    This sig intentionally left blank.
  2. Blowfish by PhilBrut · · Score: 2, Informative
    I don't know about other people, but I try to use Blowfish wherever possible.

    Why?
    1. Approx. 3x faster than 3DES while
    2. being just as strong as an algorithm
  3. Well we could tell you... by davidu · · Score: 4, Informative
    ...but then we'd have to kill you.

    sorry,
    davidu

    --

    # Hack the planet, it's important.
  4. Schneier recommends PGP by offby1 · · Score: 4, Informative

    Last I checked, Bruce Schneier (in his book Applied Cryptography) recommended PGP.

  5. My Opinion: by Kalrand · · Score: 3, Informative

    Well I have been reading a few webpages and I follow BUGTRAQ and a pgp newsgroup, so I feel I qualify as a Slashdot Expert(tm).

    I'm going to go out on a limb here and assume that you are talking about Email security. If you use windows, you want to use one of the PGPckt builds found at http://www.ipgpp.com. These are pretty much the standard in the Windows PGP world, as commercial PGP has gone closed-source and GPG isn't perfect on windows. *nix/*BSD users should use GPG.

    What you want to avoid with the recent PGP's and GPG is an interoperability problem. GPG doesn't ship with IDEA encryption, and that was the standard in PGP for years. It can be added easily, and I suggest you do that. If you do use GPG, please enable all of the PGP compatibility options, or it will come back to bite you later. As for choice of algorithm, there is no reason not to use the RSA/IDEA combo that has been used with PGP for years, just boost up the length of your public key to 2048 or so. Oh, and don't bother going past 3000 or so, as that key would be harder to break than the 100(?) byte IDEA key that is actually used to encrypt the message.

    As for computer security, there isn't much you can do aside from patching regularly, reading BUGTRAQ, choosing secure passwords, and never allowing unsecured logins. It also helps if you get to know your system and check up on anything that starts acting different from what you are used to.

    Disk encryption under windows is best done by ScramDisk (found at http://www.scramdisk.clara.net), which is a disk encrypter whose source code is available online. OpenBSD people should enable encrypted swap partitions, though that may be done by default, I don't know. Linux has several encrypted filesystems. Use one.

  6. Depends on what you're protecting by jd · · Score: 5, Informative
    Rijndael, Blowfish and Twofish are pretty good, all-round algorithms, if you want to secure something you're storing, or sending between one trusted machine and another, over an untrusted connection. They -do- require that you can transfer the key securely, though.

    RSA and Pegwit are excellent public key systems, where it is impossible to safely convey a secret key from one machine to another, or where a secret key could be stolen from a machine.

    For ultra-solid security for archive material, 3DES and Serpent are probably the best. They're slow, but they're very very solid. Nobody is going to be breaking them in a hurry.

    If you're ultra-paranoid, though, you can always take the Square algorithm out of Pegwit and replace it with Serpent, making other changes as needed. Elliptic Curve encryption is faster than classic Public Key encryption, but (so far) it's about as secure.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  7. Dangerous, ill-considered and wrong. by rjh · · Score: 5, Informative

    This is no different from running a cipher in OFB8 mode. Which also happens to generate a long stream of pseudorandom values. Which also happens to be susceptible to cryptanalysis.

    The reason why? Collisions. If the numbers were totally random, you'd expect any given group to repeat itself after a random interval. You don't see that with the output of pseudorandom number generators, or ciphers running in OFB8.

    That tells a cryptanalyst that you're not using random numbers, which means the data wasn't encrypted with a one-time pad.

    And that, my friend, means it's 100% breakable encryption.

    Using a good pseudorandom number generator like YARROW-160 will provide you with 160 bits of entropy. Using a bad pseudorandom number generator, like, say, a cipher in OFB8 mode, is tempting but wrong.

    The reason why is that people naively believe that "well, if I seed my Blowfish key with 448 bits of entropy--its maximum--then my output will have 448 bits of entropy." Which is true, as far as it goes... but it goes periodic after only 2^32 bits. Or about 512 Mb.

    That means if you fill a CD-ROM with the random-seeming output of Blowfish in OFB8 mode, you'll wind up repeating your output for the last 140Mb or so. And at that point, it's trivial cryptanalysis to recover the original plaintext.

    Short version: if you want to use a one-time pad, you ABSOLUTELY MUST USE REAL RANDOM VALUES, NOT GENERATED PSEUDORANDOM VALUES. If you don't do this, then it's not a one-time pad and it doesn't enjoy the unbreakable nature of a one-time pad.
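As an added illustration of rjh's point (example code written for this page, not from the thread): a constructed 16-bit Feistel cipher stands in for Blowfish so that the keystream cycle of full-block OFB and of a 4-bit-feedback OFB (playing the role of OFB8) can be found exhaustively, and `find_period` is the defender's check that a supposed "pad" in fact repeats. The cipher, key and IV values are all made up for the demonstration.

```python
from typing import Iterator, Tuple

MASK16 = 0xFFFF

def _round(x: int, k: int) -> int:
    """Toy round function on an 8-bit half (constructed; not any real cipher)."""
    y = ((x ^ k) * 167 + 13) & 0xFF
    return ((y << 3) | (y >> 5)) & 0xFF

def toy_encrypt(block: int, key: int) -> int:
    """4-round Feistel permutation of a 16-bit block under a 16-bit key."""
    left, right = block >> 8, block & 0xFF
    for i in range(4):
        rk = ((key >> (4 * i)) * 31 + i) & 0xFF
        left, right = right, left ^ _round(right, rk)
    return (left << 8) | right

def ofb_states(iv: int, key: int, feedback_bits: int = 16) -> Iterator[int]:
    """Yield successive OFB internal states; the state fixes the keystream output,
    so a repeated state means a repeated keystream. 16 = full-block OFB;
    4 plays the role of the 'OFB8' shift-register feedback rjh describes."""
    state = iv & MASK16
    while True:
        yield state
        out = toy_encrypt(state, key)
        if feedback_bits == 16:
            state = out            # permutation of the state: one pure cycle, no tail
        else:
            # only the top feedback_bits of the output re-enter the register, so the
            # state map behaves like a random function: repeats after ~sqrt(2^16) steps
            state = ((state << feedback_bits) | (out >> (16 - feedback_bits))) & MASK16

def find_period(iv: int, key: int, feedback_bits: int = 16) -> Tuple[int, int]:
    """Return (tail, cycle): states repeat with period `cycle` once `tail` steps have passed."""
    seen = {}
    for step, state in enumerate(ofb_states(iv, key, feedback_bits)):
        if state in seen:
            return seen[state], step - seen[state]
        seen[state] = step

def keystream_repeats(iv, key, feedback_bits, tail, cycle, check=64) -> bool:
    """Detector's confirmation: ks[i] == ks[i + cycle] for `check` positions past the tail."""
    ks = [s for _, s in zip(range(tail + cycle + check), ofb_states(iv, key, feedback_bits))]
    return all(ks[i] == ks[i + cycle] for i in range(tail, tail + check))

if __name__ == "__main__":
    for fb in (16, 4):
        tail, cycle = find_period(0x1234, 0xBEEF, fb)
        print(f"{fb:2d}-bit feedback: states repeat after {tail} steps with period {cycle}")
```

With a real 64-bit cipher the same shift-register feedback gives the roughly 2^32-step period rjh quotes; the toy only shrinks the numbers so the cycle can be walked in full.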