What Encryption Is The Strongest And Most Secure To Use
Posted 11 November 2010 - 06:50 PM
As the title states "What encryption is the strongest and the most secure to use" ?
I would like to know from the community what type of encryption would you use, if you were to send a confidential document over the internet to a friend.
There are certainly several types of encryption algorithm one can use, like AES, RSA, Blowfish and so on. But which one of the them would you rust to use.
Thank you very much
Posted 12 November 2010 - 09:55 AM
If you want the most secure encryption in existence only one candidate counts: quantum cryptography. In theory it can not be broken. Though as with any form of encryption it all depends on implementation. I remember a few weeks/month back some commercially available systems were broken, has been resolved by now.
I imagine you were not planning on buying one of those systems to install at home, so let's move on to something more practical..
There is a reason rijndael was chosen for the AES standard and it has little to do with how strong the encryption is. Most final candidates for the AES standard (serpent, twofish, etc) were pretty evenly strong in terms of encryption. It all came down to how complete it was documented and how easy it was to implement.
How strong any encryption is is mostly measured by how long it would take for Moore's law to catch up: Computers get faster and any encryption, short of quantum cryptography, will be broken at some point in time. Look at cryptography's history > there was a time 3DES was pretty secure. It's still not that easy to break (can you build a FPGA), but it will be in the near future and you want your data to be secure for a little while longer.
Back to your second question > what would I use to send something to a friend in a secure manner?
I would use AES or steganography for most real life examples, but if it was really so important that nobody else could know I would probably go over to him and whisper it in his ear
Remember encryption is just one step in a long journey of security: it would be very sad if you went to all that trouble securing the data that travels to your friend, only to find out his pc is compromised and the data is captured after it has been decrypted
Read the rules before you post
Posted 13 November 2010 - 12:00 AM
But it only support 256 bit of encryptions, as opposed to RSA that supports up to 2048 bit of encryption.
Would you consider using RSA at all, I know that RSA uses public keys for decryption, but what if it wasn't made available to the public. Would it be more effective and secure than AES.
I am trying to understand more about the two.
Posted 13 November 2010 - 05:40 AM
Posted 13 November 2010 - 09:12 PM
Posted 16 November 2010 - 10:35 PM
Thank you all, I have found my answer, you can now consider this topic closed.
It might be worth pointing out that the implementation of the encryption is just as important, if not more important, than the encryption algorithm.
For example, the hashing algorithm used to generate the initial keys is very important, as is the randomness of the random generator used.
But frankly, with any high encryption scheme, the weakest point in the security is the passphrase, and/or the system on which the passphrase is typed.
The best public and well documented encryption program I know of is TrueCrypt. It has options to do 3 layer encryption, AES-Twofish-Serpent and you can do them in just about any combination. In addition, you can use RIPEMD or SHA as a hashing algorithm.
If one of those later is determined to have a weakness, you can always regenerate the data in a different scheme.
Ultimately, if I want to attack the encryption, I'm going to put a keylogger on your computer to capture the passphrase, and/or I'm going to try a dictionary attack against the passphrase.
Either way, it's not the encryption that falls, but the systems that support it.
Posted 18 November 2010 - 07:00 PM
During the implementation phase; I could use a stand alone computer that has a fully encrypted HDD and that is not connected to a network or to the internet.
When choosing a pass-phrase, I would choose one that would virtually take years to brute force it.
I should also mention that for security and paranoia purposes, I could lock it away in a safe
Now I have the perfect, safest andsecretive key
Thank you again
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users