tcmay@netcom.com writes:
from: john.nieder@f33.n125.z1.fidonet.org
(commenting on the strategy of "taking the 5th" on the matter of decrypting one's files)
Recently this question came up in another forum on encryption & an "authority" on communications law claimed the probable scenario would be that the arresting agency would have the encrypted material decrypted by a competent government or academic agency & the costs of said decryption would eventually be recovered from the defendant through civil suits, presuming the defendant had sufficient assets. It is my memory of the thread that he claimed this had been done in previous cases.
With strong crypto, e.g., with 300 decimal digit moduli, the "costs" of decryption by brute force could easily exceed the GNP/GDP of the U.S.
Since none of us have ever been inside the NSA, we cannot underestimate their power and resources. For all we know they may have 500 Intel Delta supercomputers linked together, each having 65,536 i860-XP/50 MHz chips. We really don't know what kind of iron they possess. Thus we can't assume that they can't factor extremely large numbers easily.

The only way to thwart the NSA is to use an encryption scheme which has been _proven_ uncrackable. The only one I know of is the One Time Pad. A person I know is working on a computerized version of the OTP that extracts a truly random stream of bits from TV/RF static and massages it using a DSP to be highly variable (e.g.: no runs of 0's or 1's longer than 5 bits). This stream is then XOR'd in one time pad fashion with an LZW compressed version of a plaintext message. The key stream is never re-used and after a byte from the key stream is used, it is erased (crossed off the digital pad). Since no bit in the key stream has any known relationship to any other bit (unlike in pseudo-random-number generators), the goal of extracting either the key or the plain text is intractable. If the NSA can crack the OTP, then they must have God himself on their salary. Read the sci.crypt FAQ for more info about the one time pad.

The only problem with the whole OTP scheme is that it can only be used for provably secure communications over unsecure channels. It is much more difficult to use an OTP to encrypt one's hard disk without having to memorize 50 million bits of TV/RF static. Then again, 50 million bits of TV/RF static can be stored on a totally-self-destructing memory device. For instance, a memory card with battery-backed RAM that fits in my pocket. If the law busts in, I merely have to pull out the lithium battery from the card and the key is destroyed beyond all possible recovery.

If the NSA can extract bits from the proverbial bit bucket in the sky (also known as write once memory (WOM)), then they truly must have God working on their side.

Thug
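The compress, XOR and cross-off bookkeeping described in the message above, as an added example that is not part of the original post or of the program it mentions. The names `OneTimePad` and `PadExhausted` are hypothetical, `os.urandom` stands in for the TV/RF noise source, and `zlib` is used in place of LZW.

```python
import os
import zlib


class PadExhausted(Exception):
    """Raised when a message needs more key bytes than remain on the pad."""


class OneTimePad:
    def __init__(self, key: bytes):
        self._key = bytearray(key)   # mutable so used bytes can be wiped
        self._pos = 0                # first key byte that is still unused

    def remaining(self) -> int:
        return len(self._key) - self._pos

    def _take(self, offset: int, n: int) -> bytes:
        # Key bytes are consumed strictly in order and only once.
        if offset != self._pos:
            raise ValueError("offset does not match next unused key byte")
        if n > self.remaining():
            raise PadExhausted(f"need {n} bytes, {self.remaining()} left")
        chunk = bytes(self._key[offset:offset + n])
        self._key[offset:offset + n] = bytes(n)   # cross off the pad
        self._pos += n
        return chunk

    def encrypt(self, plaintext: bytes):
        body = zlib.compress(plaintext)           # zlib here, not LZW
        offset = self._pos
        ks = self._take(offset, len(body))
        return offset, bytes(a ^ b for a, b in zip(body, ks))

    def decrypt(self, offset: int, ciphertext: bytes) -> bytes:
        ks = self._take(offset, len(ciphertext))
        return zlib.decompress(bytes(a ^ b for a, b in zip(ciphertext, ks)))


def demo():
    key = os.urandom(256)   # constructed sample key; assumption, not real noise
    sender, receiver = OneTimePad(key), OneTimePad(key)
    off, ct = sender.encrypt(b"meet at the usual place")
    first = receiver.decrypt(off, ct)
    try:
        receiver.decrypt(off, ct)    # key bytes for this span are already erased
        replay = "accepted"
    except ValueError:
        replay = "rejected"
    return first, replay, sender.remaining() == receiver.remaining()
```

Zeroing a `bytearray` only overwrites that one buffer; Python may keep other copies of the key bytes in memory, so this shows the bookkeeping rather than guaranteed erasure.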