NSA Building US's Biggest Spy Center 279
New submitter AstroPhilosopher writes "The National Security Agency is building a complex to monitor and store 'all' communications in a million-square-foot facility. One of its secret roles? Code-breaking your private, personal information. Everybody's a target. Quoting Wired: 'Breaking into those complex mathematical shells like the AES is one of the key reasons for the construction going on in Bluffdale. That kind of cryptanalysis requires two major ingredients: super-fast computers to conduct brute-force attacks on encrypted messages and a massive number of those messages for the computers to analyze. The more messages from a given target, the more likely it is for the computers to detect telltale patterns, and Bluffdale will be able to hold a great many messages. "We questioned it one time," says another source, a senior intelligence manager who was also involved with the planning. "Why were we building this NSA facility? And, boy, they rolled out all the old guys—the crypto guys." According to the official, these experts told then-director of national intelligence Dennis Blair, "You’ve got to build this thing because we just don’t have the capability of doing the code-breaking." It was a candid admission.'"
Re:a thought (Score:1, Informative)
Yes, you could, but it would be useless. You would then have to transmit the new key to your recipient for every message. If they can intercept the message, they would get your keys also.
Anyway AES is public key encryption. I think you meant passphrase, not key. In any case, the same problem applies.
What you are getting at is called a one-time-use pad. It is pretty much the most secure form of protection, but also very unwieldy for Joe Everyman.
-d
Re:How many bits? (Score:5, Informative)
How many bits should we use for encryption now?
If you assume peak computing power is doubling ever n years, they you need one more bit every n years to keep ahead.
And of course, whatever you use now will be breakable in the future, if anyone cares to save your messages until computing catches up.
NSA history and modern crypto's impact upon it (Score:3, Informative)
The whole we-can't-break-codes-anymore story is told in
http://www.amazon.com/Coded-Messages-Hoodwink-Congress-People/dp/0875868142/ref=sr_1_1?ie=UTF8&qid=1331918025&sr=8-1
Coded Messages: How the CIA and the NSA Hoodwink Congress and the People
by Nelson McAvoy, former NSA person, who claims to have been at the early meetings from when the NSA was formed.
Re:a thought (Score:5, Informative)
Anyway AES is public key encryption.
AES is a symmetric-key algorithm.
Re:Brute force.... (Score:2, Informative)
All the hand-wringing is because certain politicians are upset that we're not stealing all of it from the haves.
FTFY
Re:Intelligence pays for itself (Score:5, Informative)
Re:How many bits? (Score:4, Informative)
There's no way they can crack AES-128 unless there's a hole in the algorithm or they have quantum computing.
Current best practices are:
1) AES-128 to AES-256 for symmetric keys (although AES-256 has its own problems which can sometimes collapse it to AES-128 - these are ameloriated by increasing the key rounds)
2) 2048-bit to 4092-bit for RSA keys (2048 may be breakable by 2030 with conventional computing, 4092-bit will take much longer).
If quantum computing becomes feasible then AES keys will effectively halve in complexity (i.e. AES-128 goes to 64-bit, AES-256 goes to AES-128) and RSA and DSA keys will be useless.
Re:One Time DVD or SD anyone? (Score:4, Informative)
See http://en.wikipedia.org/wiki/Number_stations [wikipedia.org]
Using an image has problems in that they are not random, so are subject to analysis. If you stripped the headers, and used an "image" of captured static, it might be good enough, but almost anything organic like a photo of a tree, will have patterns in it.