0
warpedskydiver

Email encryption needed

By warpedskydiver, in The Bonfire

Recommended Posts

quade    4

quade
Quote

Hi I am wondering what email encryption programs are recommended, and what your personal opinions are.

Free is good, so is inexpensive.



How secure do you need it to be? Who are you trying to keep secrets from; the government or your girl friend?
quade -
The World's Most Boring Skydiver

Share this post

Link to post
Share on other sites

quade    4

quade
Quote

It is actually none of your business.



Hehe . . . pretty good answer.

Although a better one would have been to just to ignore it entirely. ;)

It is, however, a legitimate question as PGP is pretty well cracked by the NSA.
quade -
The World's Most Boring Skydiver

Share this post

Link to post
Share on other sites

kallend    2,146

kallend
Quote

If the NSA wants to read or get something...they will:|

Make no bones about it, they get the keys to all the goodies.

There are no secrets



Hard to crack a one time pad.
...

The only sure way to survive a canopy collision is not to have one.

Share this post

Link to post
Share on other sites

PhreeZone    20

PhreeZone
Looks like if you want something to work on Windows this is your best option. http://www.gpg4win.org/download.html

One time pads are still the strongest form of encryption but they have two weaknesses, the first is the out of band key distribuation method. This is just a royal pain and it sucks all around. The second is that the pads are peusdorandem at best, even the best computer programs to generate random numbers is not perfect and has some sort of pattern even if its really hard to find. Figure out that pattern and you can duplicate the pad. Second to impossible, but it is possible in theory at least.
Yesterday is history
And tomorrow is a mystery

Parachutemanuals.com

Share this post

Link to post
Share on other sites

Gawain    0

Gawain
Quote

Quote

It is actually none of your business.



Hehe . . . pretty good answer.

Although a better one would have been to just to ignore it entirely. ;)

It is, however, a legitimate question as PGP is pretty well cracked by the NSA.


Wasn't there a period of time though where they couldn't crack it though. I remember hearing stories about someone going to jail etc...any truth to that?
So I try and I scream and I beg and I sigh
Just to prove I'm alive, and it's alright
'Cause tonight there's a way I'll make light of my treacherous life
Make light!

Share this post

Link to post
Share on other sites

JackC    0

JackC
Rumour has it that the NSA made PGP put a back door into their algorithms so that it could be cracked easily. Early version (I forget which ones) didn't have the backdoor and are therefore considered "superior". Certainly, at one time (I don't know if it is still true) exporting encryption algorthms outside the US was a felony.

On topic though, I like Truecrypt for securing hardrives and the like. The encrypted files can be emailed just like any other attachment. It also supports double encryption with "plausible deniability" for super safe delivery if you need to go OTT.

One time pads are theoretically unbreakable but the key generation and distribution is difficult. For most practical purposes, a well chosen book cypher works quite well.

Share this post

Link to post
Share on other sites

bob.dino    1

bob.dino
Quote

Wasn't there a period of time though where they couldn't crack it though. I remember hearing stories about someone going to jail etc...any truth to that?



No. Zimmerman had all sorts of legal troubles with the Federal Government for a number of years, but he did not go to jail.

PGP uses standard encryption algorithms and was widely published prior to the US government starting its case against Zimmerman. So, I'm skeptical of claims that backdoors were inserted. Anyone got a credible source?

Go join the EFF.

Share this post

Link to post
Share on other sites

kallend    2,146

kallend
Quote

Looks like if you want something to work on Windows this is your best option. http://www.gpg4win.org/download.html

One time pads are still the strongest form of encryption but they have two weaknesses, the first is the out of band key distribuation method. This is just a royal pain and it sucks all around. The second is that the pads are peusdorandem at best, even the best computer programs to generate random numbers is not perfect and has some sort of pattern even if its really hard to find. Figure out that pattern and you can duplicate the pad. Second to impossible, but it is possible in theory at least.



There's no need to use a pseudorandom generator at all. That's just a convenience of the computer age. Any public library has volumes and volumes full of non-repeating characters that can be used as a key, and a simple scrambling algorithm will defeat the brute force searches using digitized books.
...

The only sure way to survive a canopy collision is not to have one.

Share this post

Link to post
Share on other sites

PhreeZone    20

PhreeZone

Finding true randomness is a whole lot harder then it seems. Drawing cards can have things like shuffling not truely random and can create patterns if you have a large enough sample set. Granted, in most instances where a 1 time pad would be needed you are not going to be encypting the works of Shakesphere so the odds of ever finding that pattern are zero.

I had to work on creating some 1 time pads and then using them for a undergrad applied security class assignment. I never want to wish them on anyone. Way too slow for practical use. Give me good old PGP at 128 bits and an encrypt time of a few milliseconds any day.
:)Zimmerman was never charged, just investigated and harrassed for years. It was a smart idea about just selling the source code as a book and shipping it overseas aas a workaround, too bad that one never made it to the courts. I would have loved to try to see how they would limit the export of a book as a munition. Network Associates eventually bought PGP and filed all the paperwork to make it legal to export it out of the US. Not long after dropping all that money into exporting it, they turned around and sold PGP back to Zimmerman. :S

Yesterday is history
And tomorrow is a mystery

Parachutemanuals.com

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
0
Go To Topic Listing