Government Security
Network Security Resources

Jump to content

Photo

What Encryption Is The Strongest And Most Secure To Use


  • Please log in to reply
6 replies to this topic

#1 infiltrator

infiltrator

    Staff Sergeant

  • Sergeant Major
  • 421 posts

Posted 11 November 2010 - 06:50 PM

Hi All,

As the title states "What encryption is the strongest and the most secure to use" ?
I would like to know from the community what type of encryption would you use, if you were to send a confidential document over the internet to a friend.

There are certainly several types of encryption algorithm one can use, like AES, RSA, Blowfish and so on. But which one of the them would you rust to use.

Thank you very much

Regards,
Infiltrator

#2 bonarez

bonarez

    Retired GSO Second Lieutenant

  • Sergeant Major
  • 1,252 posts

Posted 12 November 2010 - 09:55 AM

Like with any question there is never one right answer:

If you want the most secure encryption in existence only one candidate counts: quantum cryptography. In theory it can not be broken. Though as with any form of encryption it all depends on implementation. I remember a few weeks/month back some commercially available systems were broken, has been resolved by now.

http://www.networkwo...blinded-by.html

I imagine you were not planning on buying one of those systems to install at home, so let's move on to something more practical..

There is a reason rijndael was chosen for the AES standard and it has little to do with how strong the encryption is. Most final candidates for the AES standard (serpent, twofish, etc) were pretty evenly strong in terms of encryption. It all came down to how complete it was documented and how easy it was to implement.

How strong any encryption is is mostly measured by how long it would take for Moore's law to catch up: Computers get faster and any encryption, short of quantum cryptography, will be broken at some point in time. Look at cryptography's history > there was a time 3DES was pretty secure. It's still not that easy to break (can you build a FPGA), but it will be in the near future and you want your data to be secure for a little while longer.

Back to your second question > what would I use to send something to a friend in a secure manner?

I would use AES or steganography for most real life examples, but if it was really so important that nobody else could know I would probably go over to him and whisper it in his ear :D

Remember encryption is just one step in a long journey of security: it would be very sad if you went to all that trouble securing the data that travels to your friend, only to find out his pc is compromised and the data is captured after it has been decrypted
"Ask the right question and you will receive the right answer. I'm just very sensitive about the right syntax"

Read the rules before you post

#3 infiltrator

infiltrator

    Staff Sergeant

  • Sergeant Major
  • 421 posts

Posted 13 November 2010 - 12:00 AM

As a matter of fact, AES seems to be pretty standard across the board for encrypting information, even the USA Military uses it for keeping their top classified information, as secret as possible.
But it only support 256 bit of encryptions, as opposed to RSA that supports up to 2048 bit of encryption.

Would you consider using RSA at all, I know that RSA uses public keys for decryption, but what if it wasn't made available to the public. Would it be more effective and secure than AES.

I am trying to understand more about the two.

Thank you.

#4 Guest_DiabloHorn_*

Guest_DiabloHorn_*
  • Guests

Posted 13 November 2010 - 05:40 AM

infiltrator read up on symmetric and asymmetric encryption methods. You cannot compare key lengths directly.

#5 infiltrator

infiltrator

    Staff Sergeant

  • Sergeant Major
  • 421 posts

Posted 13 November 2010 - 09:12 PM

Thank you all, I have found my answer, you can now consider this topic closed.

#6 E411

E411

    Private

  • Members
  • 17 posts

Posted 16 November 2010 - 10:35 PM

Thank you all, I have found my answer, you can now consider this topic closed.


It might be worth pointing out that the implementation of the encryption is just as important, if not more important, than the encryption algorithm.

For example, the hashing algorithm used to generate the initial keys is very important, as is the randomness of the random generator used.

But frankly, with any high encryption scheme, the weakest point in the security is the passphrase, and/or the system on which the passphrase is typed.

The best public and well documented encryption program I know of is TrueCrypt. It has options to do 3 layer encryption, AES-Twofish-Serpent and you can do them in just about any combination. In addition, you can use RIPEMD or SHA as a hashing algorithm.

If one of those later is determined to have a weakness, you can always regenerate the data in a different scheme.

Ultimately, if I want to attack the encryption, I'm going to put a keylogger on your computer to capture the passphrase, and/or I'm going to try a dictionary attack against the passphrase.

Either way, it's not the encryption that falls, but the systems that support it.

#7 infiltrator

infiltrator

    Staff Sergeant

  • Sergeant Major
  • 421 posts

Posted 18 November 2010 - 07:00 PM

Thanks E411, you did bring up some interesting and important facts to consider.

During the implementation phase; I could use a stand alone computer that has a fully encrypted HDD and that is not connected to a network or to the internet.
When choosing a pass-phrase, I would choose one that would virtually take years to brute force it.
I should also mention that for security and paranoia purposes, I could lock it away in a safe
Now I have the perfect, safest andsecretive key

Thank you again

Regards,
Infiltrator




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users