From: thug@phantom.com (Murdering Thug) tcmay@netcom.com writes:

...

from: john.nieder@f33.n125.z1.fidonet.org

(commenting on the strategy of "taking the 5th" on the matter of decrypting one's files)

...

. Recently this question came up in another forum on encryption & an "authority" on communications law claimed the probable scenario would be that the arresting agency would have the encrypted material decrypted by a competent government or academic agency & the costs of said decryption would eventually be recovered from the defendant through civil suits, presuming the defendant had sufficient assets. It is my memory of the thread that he claimed this had been done in previous cases.

With strong crypto, e.g., with 300 decimal digit moduli, the "costs" of decryption by brute force could easily exceed the GNP/GDP of the U.S.

Since none of us have ever been inside the NSA, we cannot underestimate their power and resources. For all we know they may have 500 Intel Delta supercomputers linked together, each having 65,536 i860-XP/50mhz chips. We really don't know what kind of iron they possess. Thus we can't assume that they can't factor extremely large numbers easily. The only way to thwart the NSA is to use an encryption scheme which has been _proven_ uncrackable. The only one I know of is the One Time Pad. True, but impractical. I can't conceive of any rational one-time-pad key distribution over the net. Key distribution has to be over a guaranteed secure channel. For RSA, the channel only has to be authenticated. And if NSA can crack RSA, it would be worth having one cypherpunk lose one court case to find that out (yup, even if it's me...). Joe