[wilhelmtux-discussion] Catering other NGO's (corrected version)

Dietrich Feist dietrich.feist at mw.iap.unibe.ch
Wed Mar 26 10:05:36 CET 2003


Robert Ribnitz wrote:

> - Signing/Encrypting using GnuPG can provide a "secure" channel to 
> voice opinions (I am sure the NSA, and other bodies have ways to 
> decrypt such messages, but the avg. ISP does not). And given the 
> amount of mail circulating, and that even for the NSA "considerable" 
> time (I think, in the order of 10-20 minutes should be assumed), it is 
> unlikely they pick "your" mail.

Certainly not! Even the NSA should not be able to read GnuPG encrypted
messages unless they have access to your secret key or use a
man-in-the-middle attack. The factorization of large numbers is a
numerically unsolvable problem because the numerical cost rises
exponentially with key length. The rules of mathematics also apply to
secret agencies. :-)

At the current key lengths of 1024 to 2048 bits for public-key ciphers,
it would take at least decades to centuries to break a single key by
brute force - even if you used all the available computers in the world.

You can safely assume that the NSA cannot read any messages that are
encrypted with state-of-the-art encryption algorithms like RSA, DSA or
the underlying single-key ciphers like AES. The US government would
certainly not use algorithms themselves if they knew that a
well-equipped opponent could break them in 10-20 minutes.

Kind regards,

Dietrich