Title: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Jon on March 17, 2012, 01:56:11 PM http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/
From this article, it's clear the main goal of the newest datacenter in NSA's line is to crack high-level encryption. The hardware that will be in this is unclear. What is clear is that the budget for this monstrosity is over $2 billion; more than enough monetary power to bring Bitcoin to hell and back. Stay aware. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Liberate on March 17, 2012, 02:40:53 PM mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt
Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Phinnaeus Gage on March 17, 2012, 02:41:12 PM http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/ From this article, it's clear the main goal of the newest datacenter in NSA's line is to crack high-level encryption. The hardware that will be in this is unclear. What is clear is that the budget for this monstrosity is over $2 billion; more than enough monetary power to bring Bitcoin to hell and back. Stay aware. $2 Billion Dollars!!! That's pretty smart of them to share with our enemies exactly where the nerve center is located if this Cyber Cold War we're currently in ever escalates. From the same source: Google Asks NSA to Help Secure Its Network (http://www.wired.com/threatlevel/2010/02/google-seeks-nsa-help/) ~Bruno~ Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: hazek on March 17, 2012, 02:53:48 PM mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt How vulnerable is pgp and truecrypt to brute force attack by so much hashing power? Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Phinnaeus Gage on March 17, 2012, 03:02:29 PM mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt How vulnerable is pgp and truecrypt to brute force attack by so much hashing power? We're in luck! The NSA will never be able to crack passwords provided by blondes. Quote During a recent password audit, it was found that a blonde was using the following password: "MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento" When asked why she had such a long password, she said she was told that it had to be at least 8 characters long and include at least one capital. http://api.ning.com/files/ekFGRd9Hb*RZu6BIRdsUtgyWBrpam8mbXHbsIAmJMS14xZej9buNR1pV5Q73ktm*iWEBS8dJvc55xh4HC-5sKhGIiRWdm0ec/securedownload.gif (http://www.thisis50.com/forum/topics/the-longest-password-funny?xg_source=activity) Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Killdozer on March 17, 2012, 03:17:40 PM Quote mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt Since they will just have a lot of parrallel processing power, and have not discovered any real vulnerability in those protocols, it seems it will be enough for truecrypt and gpg users to double they maximum key size and be done with it. As I understand it, the difficulty to crack them increases exponentially with longer keys.Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: cypherdoc on March 17, 2012, 03:38:44 PM mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt How vulnerable is pgp and truecrypt to brute force attack by so much hashing power? We're in luck! The NSA will never be able to crack passwords provided by blondes. Quote During a recent password audit, it was found that a blonde was using the following password: "MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento" When asked why she had such a long password, she said she was told that it had to be at least 8 characters long and include at least one capital. http://api.ning.com/files/ekFGRd9Hb*RZu6BIRdsUtgyWBrpam8mbXHbsIAmJMS14xZej9buNR1pV5Q73ktm*iWEBS8dJvc55xh4HC-5sKhGIiRWdm0ec/securedownload.gif (http://www.thisis50.com/forum/topics/the-longest-password-funny?xg_source=activity) ROFLMAO! Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: cypherdoc on March 17, 2012, 03:45:18 PM i'm not an expert by any means in this area but i thought it was interesting the way the article was written.
basically the author says the NSA has the capability to do whatever it wants, whenever it wants, wherever it wants, and to whomever it wants with the additional implication that money is no object. color me skeptical and would appreciate the comments of those whose technical knowledge or connections is up to par to comment on this. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Liberate on March 17, 2012, 03:57:21 PM With traditional bruteforcing cracking would still be unfeasible,
but maybe they have some crazy quantum or side channel stuff we dont know about. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: cypherdoc on March 17, 2012, 03:59:29 PM etotheipi seems pretty well versed in quantum computing and he works in a physics lab in Maryland. you'd think he'd be pretty up to date on this stuff and he isn't worried about that kinda stuff for 10-20 yrs.
Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Phinnaeus Gage on March 17, 2012, 04:18:15 PM etotheipi seems pretty well versed in quantum computing and he works in a physics lab in Maryland. you'd think he'd be pretty up to date on this stuff and he isn't worried about that kinda stuff for 10-20 yrs. Don't tell me that the government and NSA are smart enough to take advantage of that fact by building the infrastructure now to be prepared for quantum code breaking down the road. ~Bruno~ Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: genjix on March 17, 2012, 04:57:29 PM I use 4096 bits for everything, so I'm fine.
Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Phinnaeus Gage on March 17, 2012, 05:01:42 PM I use 4096 bits for everything, so I'm fine. But now I'm going with 8192 bits just to be sure. ~Bruno~ Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Vladimir on March 17, 2012, 06:43:44 PM 2 billion$ for cracking a typical password for anything remotely important
W39aJtv<w50>jcvOBJ20f<J36MDU{skK Should not take more than a few milleanias. Good luck with this. Rubber hoses and predators and bent senators are so much more cost effective than those datacentres. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: MysteryMiner on March 17, 2012, 11:28:12 PM mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt How vulnerable is pgp and truecrypt to brute force attack by so much hashing power? I guess the new NSA datacenter is not for raw bruteforcing but for mining semantic data from all your intercepted e-mails and other unencrypted junk travelling trough internet backbones. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: evoorhees on March 17, 2012, 11:41:01 PM I guess the new NSA datacenter is not for raw bruteforcing but for mining semantic data from all your intercepted e-mails and other unencrypted junk travelling trough internet backbones. +1! Probably far easier and more cost effective to simply find the IP's of most bitcoiners, and destroy all their stuff, set them up on rigged cocaine charges, and put them in prison. That'd be a better attack vector. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: rjk on March 17, 2012, 11:47:45 PM I guess the new NSA datacenter is not for raw bruteforcing but for mining semantic data from all your intercepted e-mails and other unencrypted junk travelling trough internet backbones. +1! Probably far easier and more cost effective to simply find the IP's of most bitcoiners, and destroy all their stuff, set them up on rigged cocaine charges, and put them in prison. That'd be a better attack vector. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: mb300sd on March 17, 2012, 11:52:13 PM I always use the maximum key size possible, usually 8192 or 16384... Takes a while to generate, but I never notice a difference when I'm actually using them.
Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: deepceleron on March 17, 2012, 11:55:43 PM They are creating a neural net to model your brain. Once it achieves consciousness, they can just ask it what password you would have used.
Hrm... "According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. " Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: MrTeal on March 18, 2012, 12:15:59 AM You would think that if the endgame was to bring down BTC, they could do it much cheaper than $2B.
Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: maaku on March 18, 2012, 12:33:43 AM A far more likely use would be a fishnet over GSM-encrypted phone calls in realtime.
Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: rjk on March 18, 2012, 12:35:39 AM So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun?
DISCLAIMER: I'm drunk, so don't take me seriously. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: ctoon6 on March 18, 2012, 01:35:22 AM Ill say what i always say again, its a good idea to keep your data both secret (keep it away from prying eyes) AND encrypted. sometimes both are not possible, but you should try when you can.
For example, bitcoin, this is almost never possible because by design, you give out your public key. However, secret documents and messages can be both secret and encrypted. You only give the encrypted data to whoever needs it. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: Jon on March 18, 2012, 01:54:54 AM So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun? DISCLAIMER: I'm drunk, so don't take me seriously. Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist. See you in indefinite detention. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: rjk on March 18, 2012, 02:05:33 AM So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun? DISCLAIMER: I'm drunk, so don't take me seriously. Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist. See you in indefinite detention. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: deepceleron on March 18, 2012, 04:03:32 AM So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun? DISCLAIMER: I'm drunk, so don't take me seriously. Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist. See you in indefinite detention. Now you are: dirty bomb plutonium palestine abduct anthrax yemen al queda jihad plane truck train liberate occupy Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: legolouman on March 18, 2012, 04:14:09 AM So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun? DISCLAIMER: I'm drunk, so don't take me seriously. Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist. See you in indefinite detention. Made possible by the nearly unnoticed NDAA! Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: runeks on March 18, 2012, 09:16:29 AM Quote mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt Since they will just have a lot of parrallel processing power, and have not discovered any real vulnerability in those protocols, it seems it will be enough for truecrypt and gpg users to double they maximum key size and be done with it. As I understand it, the difficulty to crack them increases exponentially with longer keys.I use 4096 bits for everything, so I'm fine. Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!).Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: ctoon6 on March 18, 2012, 07:38:40 PM Quote mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt Since they will just have a lot of parrallel processing power, and have not discovered any real vulnerability in those protocols, it seems it will be enough for truecrypt and gpg users to double they maximum key size and be done with it. As I understand it, the difficulty to crack them increases exponentially with longer keys.I use 4096 bits for everything, so I'm fine. Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!).Once you get to that point, you can just hash the part you remember and use the hash as the password. The part you hash would still need to be strong, and it would force the cracker to either, use hashed values, the actual values, or both. We could also go the route of using patterns instead of characters. The red dots are places where red dots on other shapes "lock". The basic idea is that you would be making a vector object, then use that code as the password. Again these are vector objects, so size does not matter. all that matters is that the correct shapes are connected correctly in the right orders, etc.. http://img560.imageshack.us/img560/6154/vectorpassword.png Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: runeks on March 19, 2012, 01:13:41 AM Quote mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt Since they will just have a lot of parrallel processing power, and have not discovered any real vulnerability in those protocols, it seems it will be enough for truecrypt and gpg users to double they maximum key size and be done with it. As I understand it, the difficulty to crack them increases exponentially with longer keys.I use 4096 bits for everything, so I'm fine. Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!).Once you get to that point, you can just hash the part you remember and use the hash as the password. The part you hash would still need to be strong, and it would force the cracker to either, use hashed values, the actual values, or both. We could also go the route of using patterns instead of characters. Interesting idea about using shapes to gain entropy. Though I have a hard time figuring out how much entropy this actually provides. Title: Re: The Biggest Threat to Bitcoin: The New American NSA Datacenter Post by: MysteryMiner on March 19, 2012, 01:14:36 AM Quote 256-bit should be fine for a while yet, but in 10 more years it may also be breakable, if you have a 2 billion dollar budget. 256-bit is not two times stronger than 128-bit. The strength of encryption grows exponentially, not linearly. 256-bit with current computing technologies and more's law might be safe for more than 10 or probably 200 years. It might be safe till the end of time.Quote NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. " So the TripleDES is finally broken? Or Blowfish, or SHA-1 hash function? What is complex encryption scheme? Some Rube-Goldberg encryption using data destruction and outdated ciphers or TrueCrypt? TrueCrypt is actually not so complex at all, in terms of usability and ease-of-use. This statement by incomptetent spokesperson makes no sense at all to me.Quote A far more likely use would be a fishnet over GSM-encrypted phone calls in realtime GSM is no encryption at all, it is merely a obfuscation. NSA and any government agency can listen at will, they already have copies of GSM encryption keys and direct access to operator's infrastructure. Maybe using voice recognition and data mining all conversations nationwide is one of the purposes?Quote I'm drunk, so don't take me seriously. In some countries being drunk while committing crime (such as telling it will be good if someone nuke arseholes in NSA) is going to ad additional years to sentence.Quote You just got every person in this thread on a domestic terrorist watchlist. I'm located in Eastern Europe and I have veiled Arab man in my avatar, now I'm a foreign terrorist! :D Nuke with dirty Iranian nuclear bomb the capitalist terrorists and abduct CIA president while sniffing train of anthrax letter cocaine and buy Rolex replica watches cheap! Sh*t, that smoke was a strong one!Quote NDAA Is it something similar to MDMA? I will visit Silk Road to find out more :DQuote Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!) The password in GPG is used to protect the private key in case if the file containing key is fallen in hands of enemy. It is not related to quality of the keypair. If enemy only have your public key, the quality of the password protecting your private key does not matter. Only the source of randomness is important, and computers are known to be poor at generating truly random data without hardware random number generator.Where passwords are the weakest link, they must be strong and random. In 1 month average human can remember password containing 30+ ASCII characters. |