On Mon, Sep 2, 2013 at 1:32 PM, Sylvia Ganush <sganush@me.com> wrote:

'Any encryption based on an algorithm can be decrypted with the resources available to a government.'

this is wrong. Michael Mooney is going to end up on angry squirrel's shitlist if he keeps this up. perhaps he meant "any electronic encryption can be bypassed with the resources available to a government." , in which case he is probably right.

These are words of Michael Mooney, the hapless system administrator of Stratfor, a private intelligence agency that got hacked, doxed, and wikileaked in 2011-2012:

there's a whole lot of bullshit, exaggeration, and unfounded assumption in here, not worth my time to respond in detail. moral of this story: don't get your information from STRATFOR. unless you like it suitably polluted...

What do cypherpunks think of Mr Mooney's statement? Does it really take a government only one month to crack a 2048-bit key?

no. i'll leave the detailed current power and scale calculation to Marsh Ray ;) note that this is a different question from how long 2048 bit RSA might be considered secure. if you're responsible for protecting TOP SECRET information against nation state attacks for multiple decades, QC may become a non-negligible risk. RSA of any length is not acceptable for such data, however this does not mean that RSA of decent key length is immediately at risk.