Groups | Search | Server Info | Login | Register

Groups > comp.security.pgp.tech > #30

Re: Nosey Government

Show all headers | View raw

On 07/08/2013 11:09 AM, Maximus wrote:
> 
>>> Can the government crack PGP or GPG?
> 
> Hey man, I'm a dummy and you must talk to me in dummy terms or I won't
> unnerstand.  Does this mean that the government can crack an email
> encrypted with a 4096bit GnuPG key?

There is absolutely no evidence that the government can crack a 4096 bit
PGP key. None at all. The problem we in the crypo community face isn't
so much the danger of cracking keys but rather the government doing an
end-run around security.

For example: you have a strong 4096 bit key with a good passphrase. That
key is safe. It's not likely to be cracked using current technology;
even what's available to the NSA. However, if you use Windows, there
might be a built in hole that allows the NSA entry into your computer.
So they can come in through that hole, install a keylogger, and get a
copy of everything you're typing *before* you encrypt it.

Aside from influencing commercial companies to deliberately weaken their
crypto systems, this seems to be what the NSA is primarily doing. They
might not be able to break your key but they can 1) get in through a
deliberate backdoor in software or 2) find a side-channel attack on the
underlying algorithm.

Hope this helps.

Regards,
Cypherpunk

Back to comp.security.pgp.tech | Previous | Next — Previous in thread | Find similar

Thread

Re: Nosey Government Maximus <gladiator@thearena.com> - 2013-07-08 09:09 -0700
  Re: Nosey Government "Khelair" <khelair@bismaninfo.hopto.org.remove-z6u-this> - 2013-08-07 11:52 -0500
    Re: Nosey Government Cypherpunk <nobody@nowhere.com> - 2013-09-08 08:36 -0500
  Re: Nosey Government Cypherpunk <nobody@nowhere.com> - 2013-09-08 08:41 -0500

csiph-web