On Wed, 11 Sep 2013, Jay Kline wrote: > Are they strong? As long as you avoid known bad ciphers (3DES is fairly > weak by todays standards) and sufficient key sizes (RSA should be > 2048bit and AES 256bit) they are "strong" . Strong enough to stop the > NSA? I wont venture a guess on that- plenty of speculation in the news > lately about it. > > The NSA maintains two "suites" of algorithms, Suite A and Suite B. Suite > A is classified, so we dont really know what is there. Suite B is > publicly released, and is the reference for US Gov't agencies and > partners for encrypting various kinds of data. Sticking with Suite B > algorithms is a pretty safe bet that even if the NSA *can* break them, > it takes considerable effort to do so, and generally there are no other > groups capable of breaking them. We know that no one, no matter how much computer power they have, can break a 256-bit key by brute force. I don't know if there is a proof that there is no mathematical trick to make it easier. NSA has huge computing power for cracking, but some jobs are beyond anything we are likely to see in my lifetime. I am very concerned that our government, or some group working within our government, has taken a really bad turn, or maybe we're just finding out about it. It's just that I think that the top Islamic terrorists (isn't al Qaeda supposed to be our biggest fear) have really smart computer people working for them and they would always have used strong encryption. So the NSA efforts seem to me to be more about snooping on everything and not about predicting al Qaeda attacks. Domestic terrorists are probably pretty stupid about this stuff, so I suppose they can track them better because of their decryption efforts. Mike