[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Encryption was Re: Disk Wiping

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Encryption was Re: Disk Wiping
From: Simon Waters <simon@xxxxxxxxxxxxxx>
Date: Fri, 05 Mar 2021 19:20:25 +0000
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1602234361; h=Sender:Content-Transfer-Encoding: Content-Type:Reply-To:List-Subscribe:List-Help:List-Post:List-Unsubscribe: List-Id:Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From: Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Owner:List-Archive; bh=AcE/KI747MnciBV/C4OagepNjIjYanaUcZA9oJq2V1I=; b=YrlH3IwsRc6x9UKlib7mzUE35f 2Xin1yDjS6Oakhal58s0DaLQn5MgILZMWBo0uSjzQd5Grw+rrdZZjH5BO+cgTBbq/ZgpHqFhD7jDv Ur0vX4Urz1muO4SmrrcPVd08J2fwxN6pgIMTFWP0usxdGJlcZMEbUTBZc5hIubUx+4ko=;

On Friday, 5 March 2021 18:58:15 GMT you wrote:
> On Friday, 5 March 2021 08:14:38 GMT Giles Coochey wrote:
> > Encryption on its own is probably not enough, all the encryption
> > algorithms in use 40 years ago are now trivial to decrypt without a key
> 
> 40 years ago, yes it was 56 bit DES, if you heeded warning from Whitfield D
> you shunned 56 bit. DES like ciphers from the 1980s could have been chosen
> which are still "not bad" meaning the NSA can crack it.

Oops hit send early. 

Also note that a lot of the cryptanalysis of 40 year old ciphers requires a 
lot of known plaintext, or similar, often the disks simply weren't that big 
back then. Heck most of the machines I used booted from floppy disk back then.

But the point is threat model, I want to stop someone stealing my machine, 
stealing the data and messing around with any credit card, photos, or other 
secrets that have leaked into storage, or just abusing the email for targeted 
phishing my friends and relatives, or using saved access tokens for websites 
or email. If the NSA copy it (the disk will fail in 40 years), archive it till 
they have the decryption capability, sure they'll get my data if they can 
figure out how to mount old Linux partitions from 40 years ago, they'll be able 
to continue my browsing sessions from where I left off if any haven't expired - 
lucky them. Who knows, maybe 256 AES is no problem for them already?!

Meanwhile if someone breaks in and steals my PC, the odds of the person 
stealing it getting enough personal data to be a problem is effectively zero.

Ditto the password as a long original passphrase it is probably towards the 
limits of brute forcing by intelligence agencies, but they aren't my main 
threat. Intelligence agencies can pick my door locks and stick a USB device in 
whilst I'm out, or fly a wireless camera  through a window, or hit me with a 
piece of rubber hose till I tell them whatever they want to know.

-- 
The Mailing List for the Devon & Cornwall LUG
https://mailman.dcglug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

References:
- [LUG] Disk Wiping
  - From: David Bell
- Re: [LUG] Encryption was Re: Disk Wiping
  - From: Giles Coochey
- Re: [LUG] Encryption was Re: Disk Wiping
  - From: Simon Waters

Prev by Date: Re: [LUG] Encryption was Re: Disk Wiping
Next by Date: [LUG] Thunderbird google calender stopped working
Previous by thread: Re: [LUG] Encryption was Re: Disk Wiping
Next by thread: Re: [LUG] Disk Wiping
Index(es):
- Date
- Thread