[wilhelmtux-discussion] Catering other NGO's (corrected version)
Dietrich Feist
dietrich.feist at mw.iap.unibe.ch
Mit Mar 26 10:05:36 CET 2003
Robert Ribnitz wrote:
> - Signing/Encrypting using GnuPG can provide a "secure" channel to
> voice opinions (I am sure the NSA, and other bodies have ways to
> decrypt such messages, but the avg. ISP does not). And given the
> amount of mail circulating, and that even for the NSA "considerable"
> time (I think, in the order of 10-20 minutes should be assumed), it is
> unlikely they pick "your" mail.
Certainly not! Even the NSA should not be able to read GnuPG encyrpted
messages unless they have access to your secret key or use a
man-in-the-middle attack. The factorization of large numbers is a
numerically unsolvable problem because the numerical cost rises
exponentially with key length. The rules of mathematics also apply to
secret agencies. :-)
At the current key lenghts of 1024 to 2048 bits for public-key ciphers,
it would take at least decades to centuries to break a single key by
brute force - even if you used all the available computers in the world.
You can safely assume that the NSA cannot read any messages that are
encrypted with state-of-the art encryption algorithms like RSA, DSA or
the underlying single-key ciphers like AES. The US government would
certainly not use algorithms themselves if they knew that a
well-equipped opponent could break them in 10-20 minutes.
Kind regards,
Dietrich