NIST announced that Rijndael has been selected as the proposed AES. What is the AES? From the NIST website -
Quote:
More info - http://csrc.nist.gov/encryption/aes/ Detailed specs on the different proposed algorithms - http://csrc.nist.gov/encryption/aes/round2/r2algs.htm |
Interesting
Just saw this on slashdot and thought it was interesting. Someone asked how feasible it is to brute force attack a 256 bit key. The answer (which is paraphrased from Schneier, Applied Cryptography, Second Edition):
Quote:
|
Like Jeremy, I would hav also chosen TWOFISH as the new NIST standard, and many of my friends would have to...or we ALL might be wrong...
|
The thing to remember is that with an encryption as strong as what we are talking about here the weak link should always be implementation. Is your info guarded 24/7 (even if it is do you pay your guards enough?), do you check for keyboard logging devices, who else know they passphrase (do they have kids?), etc. The point is if you info is THAT important there are probably easier ways to get it than cracking the encryption.
|
an excellent point
jeremy,
Good call..... What you were basically describing in part, as I'm sure you know, is social engineering. Humans are by nature fallable and are driven by things other then pure logic. For instance, if you found yourself in want of someones password, you could try and sniff their network or throw a dictionary at a password file, or you could just call up someone who has their password on file, (ISP, bank, friend etc..) and assuming you have some mastery of the language and are a good liar many times you will have their password handed to you. Heck, a sob story about how this person has just died and you are the one remaining relative who needs access to their email so you can have something to remember them by... who could resist giving you their secret information? As long as humans still have access to someone's private information, it's never secure. |
All times are GMT -5. The time now is 09:24 AM. |