How long will existing encryption last?

[Voland.V]

To summarize all of the above:

1. A conditional hacker does not need to have a quantum computer to carry out attacks. The problem is that companies (and there are more than 5) that own a quantum computer give it to anyone over the network.

2. Cryptography on elliptic curves, with a key length of 256 bits (this is a blockchain bitcoin) to crack, even by brute force attack (this is a method for a monkey man, a person without thinking, which everyone fears most, why?), Is easier than symmetric a system with the same key length a huge number of times, I can’t even write this number down here.

3. Cryptography on elliptic curves is the most controversial system of all about which at least something has been written. It has long been banned in serious matters.

4. There is a large class of weak elliptic curves. Did you check those elliptic curves on which you made your digital signatures on the blockchain? I’m sure it never occurred to you.

And those who standardize and recommend them are themselves interested in having access to your secrets. Do you catch a thought?

5. The opinion of specialists in this field of knowledge.
An international team of researchers led by Divesh Aggarwal of the Singapore Center for Quantum Technology.

They argue that the algorithm for creating a digital signature based on elliptic curves may become vulnerable. The real threat, in their opinion, can be expected by 2027.

6. The opinion of other specialists.
In March 2019, the head of the IBM blockchain direction Jesse Lund also warned about the likelihood of a threat to both the cryptocurrencies themselves and the involved cryptography methods.

“Through reverse engineering, you can achieve private keys that provide access to wallets.” I think this is a real and substantial threat. Bitcoin is a public registry. Thus, you can see on which wallets the largest balances are stored, and then attack them, ”he said.

Lund also noted that over time, the threat posed by the quantum computer will become more urgent. In particular, he emphasized, in the future, quantum computing will be able to calculate private keys using public keys as a template. Thus, according to him, more than half of the existing blockchain systems will be susceptible to this threat.

7. The opinion of experts.
Associate Professor of the Financial University under the Government of the Russian Federation Vladimir Gisin believes that quantum computers really pose a certain threat to decentralized systems, blockchains and cryptocurrencies. According to him, the bitcoin blockchain risks being hacked when 100-qubit quantum computers appear.
He also suggested that there may already be successful mechanisms for hacking the Bitcoin blockchain, but nothing is known about them, because their authors do not want to disclose their knowledge.

“All Bitcoin security is based on some hypotheses that are not fully tested. For example, on the hypothesis that forgery of a signature on a bitcoin network is computationally unrealistic with modern computing power.

But this is a hypothesis.

8. David Chaum, the “godfather” of the cipher bank movement and creator of the first anonymous electronic currency eCash, did not ignore the danger of quantum computing. In particular, he emphasized the importance of urgent development of quantum-resistant protocols.

We have no way of knowing how far states have progressed in creating quantum computers.

Government organizations have repeatedly cracked codes and gained access to unprecedented cryptographic capabilities for many years, but no one suspected this.

Already, the crypto industry must change approaches and work closely on the creation of sustainable mechanisms and technologies, - Decrypt quotes Chauma.

[1713970871]

1713970871

[1713970871]

1713970871

[1713970871]

1713970871

[Voland.V]

Although there is a danger to the blockchain, it is still theoretical, expected in the future.
But there is a danger of today, proving in which unsafe world we live, proving the shortcomings of old key and password technologies.

Here is just one example from the press, read a couple of days ago:

"Specialists found on the Web a database with unencrypted email addresses and passwords for more than 1 billion users. Most of the data was a leak put up for sale by a cybercriminal under the pseudonym DoubleFlag in early 2017."

[Polar91]

Although there is a danger to the blockchain, it is still theoretical, expected in the future.
But there is a danger of today, proving in which unsafe world we live, proving the shortcomings of old key and password technologies.

Here is just one example from the press, read a couple of days ago:

"Specialists found on the Web a database with unencrypted email addresses and passwords for more than 1 billion users. Most of the data was a leak put up for sale by a cybercriminal under the pseudonym DoubleFlag in early 2017."

It is just in a matter of regulation that each website should follow. I believe that in most countries they have their regulation and also for integrity purpose of each sites, they need to hash or encrypt all the information that is critical for the users. There is already been a wide span of choice for them to choose, there are many hashing algorithm that they could use, even a very easy one which is the MD5 is already good, but if they could use stronger algorithm such as SHA256 then sites will be reputable and information would be safe and secured.

[Voland.V]

Although there is a danger to the blockchain, it is still theoretical, expected in the future.
But there is a danger of today, proving in which unsafe world we live, proving the shortcomings of old key and password technologies.

Here is just one example from the press, read a couple of days ago:

"Specialists found on the Web a database with unencrypted email addresses and passwords for more than 1 billion users. Most of the data was a leak put up for sale by a cybercriminal under the pseudonym DoubleFlag in early 2017."

It is just in a matter of regulation that each website should follow. I believe that in most countries they have their regulation and also for integrity purpose of each sites, they need to hash or encrypt all the information that is critical for the users. There is already been a wide span of choice for them to choose, there are many hashing algorithm that they could use, even a very easy one which is the MD5 is already good, but if they could use stronger algorithm such as SHA256 then sites will be reputable and information would be safe and secured.

------------------------
Perfect is true. Password hashing - this should be the standard. But this is only a partial way out. After all, stealing the password hashes themselves makes the same sense for a hacker as visiting the passwords themselves.


Let's think about it.

1. If the site "knows" only the password hash, and not the password itself, then in general the hacker is completely satisfied with it, it uses a hash that knows the site as a "password" and will be satisfied;
2. If you need to extract the password itself from the hash, for example, for interest (after all, the site does not know the password, because the hash is not reversible, it is not encryption), then the hashing algorithm does not protect the password as we need.
It is selected easily, by software brute force, very quickly, because the hash functions you have chosen are very fast. It is easy to work with them to the cracker. This is an example of an attack when only a hash is known.

Moreover, a complete search is not necessary. One out of 1000 people has a password that looks like a random set of characters in an amount of more than 15 pieces. Everyone else has a password and is shorter than 15 characters and not a random character set.

And such passwords are easily cracked, if you ask how - I will give a link to a program that is absolutely legal, for those who have "forgotten" their password. So it is advertised.

The only protection against theft of passwords and keys is passwordless authentication and its derivative - keyless cryptography.


Who is interested here:
https://bitcointalk.org/index.php?topic=5204368.0

And the team that took up this is here:
https://toxic.chat/

[Dabs]

Has anyone cracked 4096 bit RSA public key encryption, the same one available to use in GPG?

Has anyone cracked 2048 bit RSA encryption for that matter?

As far as I am aware, the largest RSA that was factored is 795 bits, in November 2019. The CPU time spent on finding these factors amounted to approximately 900 core-years on a 2.1 Ghz Intel Xeon Gold 6130 CPU.

However, we are talking about eliptic curves here, so the situation is a bit different. I am merely responding to the OP's title.

128 to 256 bit symmetric encryption will not be broken in a very long time, so that's not an issue.

[Youghoor]

Encryption has always existed since the creation and existence of this universe we find ourselves and been modified as years go by. So to answer your question ' How long will existing encryption last', the duration of the existence of a particular encryption will depend on how frequent the people or group that developed the encryption modify their encryption as the technological world keeps advancing.  The duration of every encryption depends solely on how its been modify to suit the current state of its ecosystem.

[Voland.V]

Has anyone cracked 4096 bit RSA public key encryption, the same one available to use in GPG?

Has anyone cracked 2048 bit RSA encryption for that matter?

As far as I am aware, the largest RSA that was factored is 795 bits, in November 2019. The CPU time spent on finding these factors amounted to approximately 900 core-years on a 2.1 Ghz Intel Xeon Gold 6130 CPU.

However, we are talking about eliptic curves here, so the situation is a bit different. I am merely responding to the OP's title.

128 to 256 bit symmetric encryption will not be broken in a very long time, so that's not an issue.

-------------------
Unfortunately, you confuse the path of the monkey - this is hacking the system with brute force attack and the path of an intelligent person, the path of cryptanalysis is the mathematical solution to the problem of factorization and hacking RSA.

Quantum computing - just as everyone sees it as a monkey path, as a brute force attack.
But you can go through analysis, even with a quantum computer.

4096-bit RSA keys are easier than 96-bit keys in AES.
Keys in AES less than 128 bits are not used anywhere.
Why so? Because it breaks.

In symmetric systems, the method of comparing plaintext with a ciphercode is a difficult task, you need to have a lot of text, you need to think a lot to calculate the key.

In asymmetric systems, a cryptanalyst always has any amount of plaintext, encrypted text, and the public key is known. The cryptanalyst himself will write any amount of material for analysis - after all, the public key is not hidden. See the difference?

Do not think that someday you will know the mathematical methods of hacking. Why would they tell us about this?
These are big secrets.
Cryptanalysis is a weapon, opening a cipher is a victory.

That was the whole story.

 This is a tool that can get a lot of valuable prizes if it remains a secret!
Cryptanalysts live secretly, lead a double life, and are guarded very well.
Why?
Why don't any serious organization use asymmetric cryptography? Because it is a household system, today it is forbidden to use it in important issues. And only symmetric systems are allowed.
No one will make themselves difficult in life just like that.
Do you agree?

It means that they know something, but they are silent.

Who knows - he is always silent. But we can observe and draw conclusions.

Post-quantum cryptography is actively sought after. But they can’t find it yet!

There were cases when the post-quantum system was actively offered, everyone clapped their hands, and then cryptanalysts worked - and the system was withdrawn from the competition.
This is far from an isolated case! This is the path of cryptanalysis.

By the way, the path of a monkey (brute force attack) in post-quantum cryptography is generally not possible even after hundreds of years, even by all super-quantum computers combined. The keys are different in different systems, but keys with a length of 38.64, 256 thousand bits (and not just a bit) are not uncommon there. There are even megabytes - and this is not the limit.

So no one sees the danger of brute-force attack as a danger. Neither today nor tomorrow.

Therefore your example: "As far as I am aware, the largest RSA that was factored is 795 bits, in November 2019." - nothing more than a distracting maneuver from the problem.
      
Why did they chase new asymmetric systems, if you can simply increase the key length in the same RSA?
A system in which there are principles of factorization or discrete logarithm in the fields of numbers of any magnitude are not considered at all !!! Generally.

Everything, RSA time is over. This is the rudiment that smart people fear.

Why? What was so bad about our asymmetric household systems today?
That’s why, for which there is only one answer - any modern asymmetric system is an ear on clay feet!

[seoincorporation]

i think the current encryption should work for the next 10 years, and no more because with the new quantic computers our lovely sha256 will be obsolete. Encryption should grow at the same rate the technology grows. That's the only way we could walk in a secure way.

[Dabs]

It is distracting, but it was a challenge as well that offered cash prizes. Today, people break it for the pride and honour or some other good feeling.

It's not the encryption itself but maybe the implementation, but in so far as I have heard, 2048 RSA keys are beyond reach from most governments or large private entities that have the capability to even attack it, so 4096 is something that we should be comfortable with for personal correspondence.

Any new factorization techniques discovered will get published and we will all know how to use it, or if it's even usable at all.

128 bit AES was used in a few applications, but I believe they all eventually upgraded to 256 bit AES or offered other algos to choose from.

I don't confuse between your so called monkey brute force and intelligent social engineering, as I've always used the second method if I needed to get into anything. It's always much easier to attack the user or the person than it is to attack the encryption system, which we all know is impervious to anything but brute force.

[Voland.V]

It is distracting, but it was a challenge as well that offered cash prizes. Today, people break it for the pride and honour or some other good feeling.

It's not the encryption itself but maybe the implementation, but in so far as I have heard, 2048 RSA keys are beyond reach from most governments or large private entities that have the capability to even attack it, so 4096 is something that we should be comfortable with for personal correspondence.

Any new factorization techniques discovered will get published and we will all know how to use it, or if it's even usable at all.

128 bit AES was used in a few applications, but I believe they all eventually upgraded to 256 bit AES or offered other algos to choose from.

I don't confuse between your so called monkey brute force and intelligent social engineering, as I've always used the second method if I needed to get into anything. It's always much easier to attack the user or the person than it is to attack the encryption system, which we all know is impervious to anything but brute force.

_------------
Everything you write has its basis. At the household level, it's a solid, well-founded position. For example: "I have never heard that..." ...
Perhaps not everything can be heard, not everything is said. But there are words that experts, mathematicians, cryptanalysts say. You can find them if you are creative in this matter. You can check the facts that RSA is never used in serious cases. And only a notebook, a notebook for clothes, a Vernam cipher, the only cipher with Shannon's proven absolute resistance to hacking. You don't have to hear or know any of this, you don't have to worry about it, you don't have to check my words. It is possible not to develop and not to think.
Here's how to answer the question: why are they looking for completely different encryption algorithms, rather than increasing the length of the key in the existing ones, in RSA? If RSA is reliable, does not give in to the mathematical analysis why the given kind of encryption, in all its variants - anybody except us inhabitants is not necessary?
How break postquantum systems if there length of a key 512000 bits? And there is no quantum computer. And they are broken how? Let's make a key in RSA as a milker not 4096 bits, but 521000 bits and we will quietly use it. Why do we need new postquantum encryption systems? Why from hundred candidates, have chosen 10 but none have chosen finally? Maybe they forgot about RSA-4096, which is resistant to hacking?

[Voland.V]

I have never heard that quantum computers can pose any danger to the hashing function in the version SHA-256.

As far as I understand the principle of unidirectional cryptographic algorithms, they are fundamentally different from the mathematical techniques used in asymmetric cryptography.

Therefore, the stability of SHA-256 is in the same segment (but not similar) as the stability of AES-256.  And the stability is not only and not so much to the attack of brute force, but above all to attacks using cryptoanalytic methods.

If RSA-4096 with a longer key length, or cryptography on elliptical curves, or any other asymmetric cryptography, which is based on unproven mathematical hypotheses, assumptions, would be dangerous for quantum calculations only in view of the danger of a brute force attack, no one would look for alternatives to the existing asymmetric systems. And simply increase the length of the key to any desired size. This is especially true for cryptography on elliptical curves.

But no. No new systems with these (or similar) mathematical assumptions are considered at all.

It happens because if the cryptanalysis has already found or will find a solution for these systems, the length of the key will not matter.

I didn't come up with that, I'm just telling you in my own words what I've heard from the world's leaders in cryptography science.

Now the question is.
Why is the length of the key, if an asymmetric system is hacked, irrelevant? It will be the same method of hacking with any key length!

Think about why this is so in RSA and not in AES.

By the way, our good old AES-256 (not even 512) is left by NIST as the main method of symmetric encryption in the post-quantum era.
Why?
Maybe we should keep up with the times and come up with something new?
Why, in post quantum encryption systems, keys with the size of 32 000 bits and much more - with time, it turns out, are cracked (!) and dropped out of the list of candidates?
Maybe they forgot about super-reliable RSA with the key length as much as 4096 bits?
Or they've forgotten about the ECC-512 (blockchain), so reliable that people have moved their capitals into this cryptography. And how many of these daredevils are there? Who knows...

Who knows the answers to these questions?

[Artemis3]

It will take a long ass time before Google hits the sweet spot for cracking the algorithm. Heck, our lifetimes may not be enough to see the light at the end of that said tunnel. Needless to say, bitcoin's current encryption is still good to go and is currently quantum resistant by any means. Also, there's no way large companies such as Google will ever use their quantum computers on doing such, and may just use the tech into something else, especially theoretical modeling and running simulations of other important things.

Basically they are bound to obey the regulations about their quantum computer development. It will not be allowed and will be restricted that they use their technology to specifically compromise the cryptocurrency. In the first place, even us who are using just generic classical computers are also bound to follow the regulation about hacking and compromising a system. There are different Data privacy laws per country and there are also anti cyber criminal laws. What more if the company is like google or ibm, who are a leading company in computer technologies.

----------------------------------
Yes, this is so ... Organizations building their quantum computers - always operate within the framework of the laws of their country. I also don’t think that the blockchain protocol can be attacked by these quantum calculations.

But there is a danger of cryptography if the possibility of quantum computing is provided to the public, but they are provided.

Our entire digital life, security, is first of all cryptography. If it disappears, all our secrets will disappear. This is more dangerous than the blockchain itself.

Break down, become dangerous - even the Internet transport protocols, which now allow us to conduct operations with bitcoin !!!

1. Quantum computers are only a single occurrence today; approximately 5 companies have announced this loudly. But tomorrow it will become a mass phenomenon. For the reason that the mechanism for improving quantum computers has been launched. I read the latest news and I did not like them. Progress is very rapid. It is possible that in 10-15 years, quantum computers will be in our homes.
We can even conclude a bet.

2. The same Google company paid fines to the European Union for violating the laws of the confidentiality of user data. Moreover, the Google company, and not only it, didn’t do anything by accident. Therefore, it is not necessary to think that only angels work there.

3. And who will forbid companies to create quantum computers in countries or in places where laws are completely not as liberal as in other countries? The world is moving towards a separation of interests rapidly. And breaking laws is becoming more profitable. And our governments are becoming more irresponsible.
 
The disappearance, compromise, of our cryptography is a disaster for all Internet users!

I think we have to look history to have a very educated guess as the way this will develop.

You see, classic computers started as large beasts only able to be built and own by the government (military) and later some large entities like banks.

Yes there are rules, yes the first few ones will be closely monitored, but as time passes, technology improves, more will be built. Next stage is academia, for you know, research and serious use... And there you get students.

The very first video games were written in such institutional computers. Certainly not for what they were primarily intended for... Also the first "hacks" and worms were coded in these types of shared use computers, back when it was impossible to personally own one (before the 70ies).

This is the same that is happening to Quantum computers. They are giant monsters and can only have tens of qbits. But that is today, not tomorrow. I don't know about "home", but i think in 10 to 15 years, some more quantum computers will exist, and they will get to education because its needed for them to be used in the first place.

Once they start getting into private hands and academia, you can guess that the first attempts at cracking classic crypto will be made, perhaps in secret. I frankly don't know if the very first users (the intelligence agencies) will try something against Bitcoin, just as proof of concept, or perhaps trying to do some operation against some target that happens to own bitcoin or so. It would be interesting to know what the NSA thinks of this, but its probably something that cannot be revealed in public.

If i were to guess, they will go after communications first, and then slowly privately break their way into everything else.

Remember that by the time quantum computers become personal, possible to own by individuals, the solution to this issue comes as well. I wouldn't be surprised if that would be the first reason to own one, to use quantum encryption.

The dangers lie in the period from this very first early primitive institutional machines, to the point were they "reach home". Maybe we won't be alive to witness it, but that is no reason to not consider the issue and plan ahead.

I also believe, that there will be a period of silence, when the real nasty stuff starts occurring. Also look at the international level. Why would Google go it AND tell you? If anything, they will want to have something to sell services to the NSA (like they currently do with data mining). That could be renting the computer, or having them commissioned to build one for them, etc. This is pretty much a given, contract might be given to IBM or someone else, i wouldn't be surprised if that's what they are actually racing for (and i bet they both will be contracted anyway). And these come with their respective gag order, don't expect them to announce it.

"Oh, we have 100 qbit, o we have 300 qbit, oh we have 1000 qbit... silence". Then China announces 100 qbit, Russia announces 50 qbit, etc...

Just look at how classical computers evolved, how much memory they had, what storage device (if any) and what capacities. The very first Hard drive was 5mb and the size of a refrigerator, iirc it didn't even use 8 bit but 7 or 6 (forgot). Go back in time, and think what the people then thought it would take for computers to have more storage, or ram.

You laugh now but the infamous Xerox from Palo Alto (where both Apple and Microsoft copied the GUI ideas from) had only 3k of ram. It was a novel concept ahead of its time, because it also was "personal" of sorts, you only needed a large desktop rather than a whole room or building to set up one, it was meant as the office desktop computer that the world would see a decade or two later. Try to watch the videos of some restored ones on youtube. They had no "computer desktop" only gui in programs you start from console as ram was too limited...

So in the 70ies the board from Xerox, despite having their own R&D literally inventing the future, paid no attention. This is similar to the current attitude some people have today about quantum computing. There are things being conceptualized today, that will require them.

Quantum communications also have the ability to break (or tell) if spied upon. The mere observing changes the state, so if a third party sniffs, its caught upon instantly, or more accurately, the data becomes corrupted. Try to think the implications of this...

And yes there are many kinds of things that would take years to solve that could be theoretically possible to do in minutes with them, and there will be new things to do as well, including quantum crypto.

[Voland.V]

I agree with all the above. But once again, I want to turn the conversation the other way.

The danger of quantum computers is conditional, even with the rapid development of this industry.

And the danger of cryptanalysis for cryptography on elliptical curves is already present, even yesterday. It was already at a time when no one had ever announced their intention to build this technological quantum masterpiece.

Let's think together, how to explain what happened.

The facts:

1. NSA is buying every single patent from the creators of elliptical cryptography.
(detailed in my topic by clicking here:
https://bitcointalk.org/index.php?topic=5204368.0.
December 4th post, second in line, check it out.)
 
2. Everyone is agitated for this new kind of asymmetric cryptography, because of the very strong reduction in key length relative to RSA with the same level of reliability.

3. Then, NSA orders a new ECC cryptography study from British mathematicians, for money.

4. Time passes, and in 2016 Toronto will bring together all the leaders of encryption and cryptanalysis and all the heads of the most important intelligence agencies in the Western world.
What for?
British mathematicians make a report on the ECC, which disappears from all available sources that publish not only materials on the subject, but even from the sources where the reports of these mathematicians were published personally.

5. The NSA makes a reversal and urgently recommends everyone to go back to RSA cryptography but with a key length of at least 3000 bits. Miracles.

The most unexpected thing is the secrecy mode. It's come to the point where even the creators of the ECC, from whom the patents were bought, have not been informed of the reasons for refusal.

6. NIST (USA) standardizes elliptical curves, which are later recognized as weak and unreliable by external researchers. Why would NIST do this? Who knows, is silent.

And we are left to conclude that there will be quantum computers of 100 cubic meters (this is enough, according to specialists from IBM, look above my posts) or not, the main danger for us will come from cryptoanalysts.

Therefore, we closely observe, distrust and draw conclusions.

For example, how many post quantum encryption systems have been rejected is a lot.
Were they cracked by a quantum computer? - NO!
And how were they broken?

In all post quantum encryption systems, the key length is not available (even in the distant future) to any quantum computer. The keys to these systems are huge, from 32,000 bits to 2,000,000 bits.
And by what methods were they discredited and removed from the list of candidates?

The truth is, they've been broken without any quantum computing. And these systems are more complicated than RSA!
That's what I suggest you think about.

Apart from the monkey road, there's another one.

By the way, did you know that Darwin never said or wrote anywhere that man was descended from an ape!

He never thought so. He wrote openly what he thought.
And we, as monkeys, are told that Darwin claimed that man was descended from a monkey!

So until we see what's really going on with cryptography, or rather has already happened, we will remain monkeys who will be afraid and argue about the quantum computer. 

Let's take a broader look at this problem.
The brute force method is not so dangerous.

Darwin, I've always said that man is descended from a human monkey, not a monkey - it turns out they are completely different animals.

Our ancestor is still being dug up, but they can't find him yet. And everyone needs him as proof of that theory...
Or as proof that we're not monkeys?

[Voland.V]

We ask ourselves the question, who cares about our safety?

Who cares about making sure our cryptography is reliable?

Is there anyone who will tell us that this cryptography can no longer be used?

These are questions from the same logical series, the continuation of which is the question of "How long will existing cryptography last"?

We tend to trust authorities, big world companies. Our psychology is organized in such a way that we believe big and strong, we think that they are very concerned about their authority and, therefore, about their users.

But how to treat us, the ordinary consumers of cryptography and other means of protection, the actions of world industry leaders, given this example:

"Two months after security researchers unveiled a new way to listen to Amazon Alexa and Google Home users talk, the same researchers found that Amazon and Google never fixed the problem.

Back in October 2019, Security Research Labs (SRLabs) demonstrated how smart assistants can be used by criminals to eavesdrop on conversations, phishing and password theft.

But as of December, nothing has changed!

This was reported by SRLabs Managing Director Karsten Nohl.
https://srlabs.de/bites/smart-spies/.

What conclusions can we draw from this?

[Dabs]

There are other things to consider, encryption is just a tool. I was (still am) in the military, so top secret communications are dealt with differently, but as an officer, I wouldn't mind using 4096 RSA. However, since I do have physical contact with most of the operators in the field, then it would be fine to also just use AES256 and use shared keys that they keep. (as opposed to one time pads, which was the traditional way of communicating with field agents.)

Of course, that would mean said agents need a computer and can no longer decode by hand, but they should be resourceful enough to have them available from regular consumer hardware, or bring it with them in the form of some small device like a smart phone or small laptop.

They also frequently use unencrypted radio anyway, so they have codes as well for that.

[Voland.V]

There are other things to consider, encryption is just a tool. I was (still am) in the military, so top secret communications are dealt with differently, but as an officer, I wouldn't mind using 4096 RSA. However, since I do have physical contact with most of the operators in the field, then it would be fine to also just use AES256 and use shared keys that they keep. (as opposed to one time pads, which was the traditional way of communicating with field agents.)

Of course, that would mean said agents need a computer and can no longer decode by hand, but they should be resourceful enough to have them available from regular consumer hardware, or bring it with them in the form of some small device like a smart phone or small laptop.

They also frequently use unencrypted radio anyway, so they have codes as well for that.

_-------------
My clarifying question to you, if you are allowed to answer:
- why can't you use RSA-4096 to create and generate shared keys that are used for symmetric encryption?
No computer?

Because it is convenient and considered secure. The keys are created via RSA, and the secret information is encrypted via AES.

In this case, the keys for AES can be constantly changed by the double ratchet of Mackley Marlinspike, as in E2E.

[Voland.V]

There are other things to consider, encryption is just a tool. I was (still am) in the military, so top secret communications are dealt with differently, but as an officer, I wouldn't mind using 4096 RSA. However, since I do have physical contact with most of the operators in the field, then it would be fine to also just use AES256 and use shared keys that they keep. (as opposed to one time pads, which was the traditional way of communicating with field agents.)

Of course, that would mean said agents need a computer and can no longer decode by hand, but they should be resourceful enough to have them available from regular consumer hardware, or bring it with them in the form of some small device like a smart phone or small laptop.

They also frequently use unencrypted radio anyway, so they have codes as well for that.

--------------
Yes, another question, if I may, you mention:
"...they also often use unencrypted radio, so they have codes for that."

Does that mean they use disposable paper books with codes? Once they accept the code, they use one page of the notebook.  The second time I took the code, the second page of the notebook. Is that it?

If that's true, it's a disposable notebook system, basically Vernam's class encryption. It's the most secure kind of encryption available today.

Not only that, it's the only type of encryption that is absolutely reliable of all the encryption systems that ever existed!
It is the only system for which the Shannon theorem of absolute reliability was proven back in 1945.

To change this system to RSA with any length of key is a loss of reliability. In addition, everything that is encrypted by the RSA system is carefully written down because there is a public key, which means that sooner or later everything will be decrypted.  And why allow that?

So your way of working is the best and most reliable. I think it is.

[tartibaya]

Blokchain encryption is too strong. This is an important issue for security. Today's technology is slow for these passwords. So passwords provide security. But Quantum Computers will increase post processing speeds. The Bitcoin algorithm will handle this. However, the problem is that 256 bit passwords can be broken.

[Voland.V]

Blokchain encryption is too strong. This is an important issue for security. Today's technology is slow for these passwords. So passwords provide security. But Quantum Computers will increase post processing speeds. The Bitcoin algorithm will handle this. However, the problem is that 256 bit passwords can be broken.

-------------
You write passwords, but you probably mean keys?
If you mention a 256 bit password, then maybe you mean a 256 bit encryption key on elliptical curves to create a digital signature?

If that's the case, I have to disappoint you.
Such tasks of cracking such a cryptography are solved by cryptoanalytic methods, which are not disseminated.

And wait for the quantum computer to solve this problem too, only those little swindlers who do not know cryptanalysis can.

When the creators of the blockbuster, whoever they were, chose which cryptographic system to make the digital signature, there was no information about the problems in ECC (cryptography on elliptical curves).

On the contrary, the NSA was actively buying up and buying up all the patents for this cryptography.

And then the sad events happened, and the NSA gave up on this cryptography.

If you're interested in verifiable details, check out the December 4 post, the second one for that date here:
https://bitcointalk.org/index.php?topic=5204368.40.

Interestingly, after this story, the NSA recommended switching from ECC-256 to RSA with a key length of 3000 bits and more.
What's so unusual about that?
The fact that the ECC-256 key corresponds in reliability to the key from 8000 bits in RSA.

But cryptography on elliptical curves turned out to be so suspiciously unreliable, that in their opinion RSA even with such a small key, 3000 bits, is much more reliable than the ECC-256.

So it's worth thinking about what we use, not just in block technology, but in general, what we use...

[Voland.V]

That's why it's dangerous to use, even the most secure devices to encrypt secrets, fresh news:

Way to crack passwords from email in iOS 13.3 has been found

Elcomsoft has released iOS Forensic Toolkit, which extracts data from the locked iPhone on all versions of the system starting from iOS 7.

It will require a Checkra1n jailbreak. It uses the checkm8 vulnerability, which is present in many Apple processors. There is no way to fix it.

The list of supported devices is impressive:
▪ iPhone 5s▪ iPhone 6▪ iPhone 6s▪ iPhone 7▪ iPhone 8▪ iPhone X▪ iPad mini 2▪ iPad mini 3▪ iPad mini 4▪ iPad Air▪ iPad Air 2▪ iPad 2017▪ iPad 2018▪ iPad 2019▪ iPad Pro 10,5▪ iPad Pro 12,9

The company claims that its software works even when the device is in BFU mode. It activates after the gadget is rebooted, when the user has not yet entered the password.

With iOS Forensic Toolkit, you can copy your iPhone and iPad file system, access your call history, access accounts for a variety of services including messengers and social media, and access Signal and WhatsApp encryption keys.

The iOS Forensic Toolkit costs $1495. It can be purchased by anyone.