Bitcoin Forum
November 13, 2024, 10:40:00 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: The Biggest Threat to Bitcoin: The New American NSA Datacenter  (Read 3826 times)
maaku
Legendary
*
Offline Offline

Activity: 905
Merit: 1012


View Profile
March 18, 2012, 12:33:43 AM
 #21

A far more likely use would be a fishnet over GSM-encrypted phone calls in realtime.

I'm an independent developer working on bitcoin-core, making my living off community donations.
If you like my work, please consider donating yourself: 13snZ4ZyCzaL7358SmgvHGC9AxskqumNxP
rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
March 18, 2012, 12:35:39 AM
 #22

So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun?

DISCLAIMER: I'm drunk, so don't take me seriously.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
ctoon6
Sr. Member
****
Offline Offline

Activity: 350
Merit: 251



View Profile
March 18, 2012, 01:35:22 AM
 #23

Ill say what i always say again, its a good idea to keep your data both secret (keep it away from prying eyes) AND encrypted. sometimes both are not possible, but you should try when you can.

For example, bitcoin, this is almost never possible because by design, you give out your public key.

However, secret documents and messages can be both secret and encrypted. You only give the encrypted data to whoever needs it.

Jon (OP)
Donator
Member
*
Offline Offline

Activity: 98
Merit: 12


No Gods; No Masters; Only You


View Profile
March 18, 2012, 01:54:54 AM
 #24

So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun?

DISCLAIMER: I'm drunk, so don't take me seriously.

Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist.

See you in indefinite detention.

The Communists say, equal labour entitles man to equal enjoyment. No, equal labour does not entitle you to it, but equal enjoyment alone entitles you to equal enjoyment. Enjoy, then you are entitled to enjoyment. But, if you have laboured and let the enjoyment be taken from you, then – ‘it serves you right.’ If you take the enjoyment, it is your right.
rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
March 18, 2012, 02:05:33 AM
 #25

So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun?

DISCLAIMER: I'm drunk, so don't take me seriously.

Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist.

See you in indefinite detention.
Pretty sure every single one of us has been on the list since 2009 when bitcoin was invented. Cheers.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
deepceleron
Legendary
*
Offline Offline

Activity: 1512
Merit: 1036



View Profile WWW
March 18, 2012, 04:03:32 AM
 #26

So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun?

DISCLAIMER: I'm drunk, so don't take me seriously.

Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist.

See you in indefinite detention.
Pretty sure every single one of us has been on the list since 2009 when bitcoin was invented. Cheers.

Now you are:

dirty bomb plutonium palestine abduct anthrax yemen al queda jihad plane truck train liberate occupy
legolouman
Hero Member
*****
Offline Offline

Activity: 504
Merit: 504


Decent Programmer to boot!


View Profile
March 18, 2012, 04:14:09 AM
 #27

So they finish this sometime in 2013... Should be plenty of time to scramble together a few nuclear bombs to wipe the place off the fucking map just as they put the finishing touches on it. Anyone in for some fun?

DISCLAIMER: I'm drunk, so don't take me seriously.

Fabulous work, rjk. You just got every person in this thread on a domestic terrorist watchlist.

See you in indefinite detention.

Made possible by the nearly unnoticed NDAA!


If you love me, you'd give me a Satoshi!
BTC - 1MSzGKh5znbrcEF2qTrtrWBm4ydH5eT49f
LTC - LYeJrmYQQvt6gRQxrDz66XTwtkdodx9udz
runeks
Legendary
*
Offline Offline

Activity: 980
Merit: 1008



View Profile WWW
March 18, 2012, 09:16:29 AM
 #28

Quote
mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt
Since they will just have a lot of parrallel processing power, and have not discovered any real vulnerability in those protocols, it seems it will be enough for truecrypt and gpg users to double they maximum key size and be done with it. As I understand it, the difficulty to crack them increases exponentially with longer keys.
I use 4096 bits for everything, so I'm fine.
Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!).
ctoon6
Sr. Member
****
Offline Offline

Activity: 350
Merit: 251



View Profile
March 18, 2012, 07:38:40 PM
 #29

Quote
mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt
Since they will just have a lot of parrallel processing power, and have not discovered any real vulnerability in those protocols, it seems it will be enough for truecrypt and gpg users to double they maximum key size and be done with it. As I understand it, the difficulty to crack them increases exponentially with longer keys.
I use 4096 bits for everything, so I'm fine.
Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!).

Once you get to that point, you can just hash the part you remember and use the hash as the password. The part you hash would still need to be strong, and it would force the cracker to either, use hashed values, the actual values, or both. We could also go the route of using patterns instead of characters.

The red dots are places where red dots on other shapes "lock". The basic idea is that you would be making a vector object, then use that code as the password. Again these are vector objects, so size does not matter. all that matters is that the correct shapes are connected correctly in the right orders, etc..


runeks
Legendary
*
Offline Offline

Activity: 980
Merit: 1008



View Profile WWW
March 19, 2012, 01:13:41 AM
 #30

Quote
mmmmmmm imagine the Ghash's, but there more likely to use it for cracking pgp and truecrypt
Since they will just have a lot of parrallel processing power, and have not discovered any real vulnerability in those protocols, it seems it will be enough for truecrypt and gpg users to double they maximum key size and be done with it. As I understand it, the difficulty to crack them increases exponentially with longer keys.
I use 4096 bits for everything, so I'm fine.
Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!).

Once you get to that point, you can just hash the part you remember and use the hash as the password. The part you hash would still need to be strong, and it would force the cracker to either, use hashed values, the actual values, or both. We could also go the route of using patterns instead of characters.
Well that's true. You could, for example as Armory does, use a really slow key derivation function, and apply it so many times that it takes, for example, one second to get the key from the password. That would limit the cracker's attempts to one key per second as far as I can tell (unless the key derivation function is compromised).

Interesting idea about using shapes to gain entropy. Though I have a hard time figuring out how much entropy this actually provides.
MysteryMiner
Legendary
*
Offline Offline

Activity: 1512
Merit: 1049


Death to enemies!


View Profile
March 19, 2012, 01:14:36 AM
 #31

Quote
256-bit should be fine for a while yet, but in 10 more years it may also be breakable, if you have a 2 billion dollar budget.
256-bit is not two times stronger than 128-bit. The strength of encryption grows exponentially, not linearly. 256-bit with current computing technologies and more's law might be safe for more than 10 or probably 200 years. It might be safe till the end of time.
Quote
NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. "
So the TripleDES is finally broken? Or Blowfish, or SHA-1 hash function? What is complex encryption scheme? Some Rube-Goldberg encryption using data destruction and outdated ciphers or TrueCrypt? TrueCrypt is actually not so complex at all, in terms of usability and ease-of-use. This statement by incomptetent spokesperson makes no sense at all to me.
Quote
A far more likely use would be a fishnet over GSM-encrypted phone calls in realtime
GSM is no encryption at all, it is merely a obfuscation. NSA and any government agency can listen at will, they already have copies of GSM encryption keys and direct access to operator's infrastructure. Maybe using voice recognition and data mining all conversations nationwide is one of the purposes?
Quote
I'm drunk, so don't take me seriously.
In some countries being drunk while committing crime (such as telling it will be good if someone nuke arseholes in NSA) is going to ad additional years to sentence.
Quote
You just got every person in this thread on a domestic terrorist watchlist.
I'm located in Eastern Europe and I have veiled Arab man in my avatar, now I'm a foreign terrorist! Cheesy Nuke with dirty Iranian nuclear bomb the capitalist terrorists and abduct CIA president while sniffing train of anthrax letter cocaine and buy Rolex replica watches cheap! Sh*t, that smoke was a strong one!
Quote
NDAA
Is it something similar to MDMA? I will visit Silk Road to find out more Cheesy
Quote
Using larger key sizes won't really do any difference unless your password also has double the entropy. We're slowly reaching a point where humans are having trouble remembering pass phrases with sufficient entropy (we're not there yet though!)
The password in GPG is used to protect the private key in case if the file containing key is fallen in hands of enemy. It is not related to quality of the keypair. If enemy only have your public key, the quality of the password protecting your private key does not matter. Only the source of randomness is important, and computers are known to be poor at generating truly random data without hardware random number generator.

Where passwords are the weakest link, they must be strong and random. In 1 month average human can remember password containing 30+ ASCII characters.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!