From: "Aaron P Ingebrigtsen" <[EMAIL PROTECTED]>
> When I tried to encrypt a 500+ megabyte archive it spent a half hour just
> trying to hash out the two crypto-random numbers, then it spent 10 hours
> trying to encrypt the huge file and it never finished, because I canceled
> the process. If it takes that long to ENCRYPT a file of that size, it
> would be nearly impossible for a hacker to decrypt it without the right
> password. How long it would actualy take is beyond my ability to guess,
> but I'm sure that even the fastest computers would take a long time to
> process the encrypted file. I have nothing against MD5 and Triple-DES,
> it's just that it doesn't use the keypair functions that PGP uses so that
> people can do decryption/encryption without shareing their passwords via
> insecure methods.
Are we talking about PGP or UC2 here? If pgp, you either have a very slow
computer or I'm shocked at norton for having such an unoptomized algorithm.
> But is Triple-DES better at encrypting useing SHA1 hash than the current
> CAST algorithm?
No. Assuming Triple-DES is at 112 bits and CAST is at 128, CAST is better.
Especially if you assume that the NSA is still years ahead of the non-gov't
crypto world - they probably have made breaking triple-DES trivial (DES is
already trivial).
> I ask because Triple-DES does this neat thing where it Encrypts with
> Rand1, Decrypts with Rand2 and Encrypts again with Rand1, makeing it
> totaly freaking impossible to break the encryption. I think it is a VERY
> strong encryption method.
it's fairly strong for documents you don't mind being readable quite soon. a
triple-des encrypted file is still only as secure as the key that encrypts
it - in this case the key is Rand1 . Rand2. Assuming that they are both 56
bit keys (as are all DES keys if memory serves) then Triple-DES gives you
112 bits of security (becuase you reuse a key it doesn't make the security
any stronger on key attacks).
> And the bigger the file, the bigger the hash, and the longer it takes to
> encrypt or decrypt the file. It takes like 5 times as long to encrypt or
> decrypt an archive as it does to create and store files in it.
Hash is, by defination, the same for any file. Encrypting and decrypting
both occur in linear time, correct.
-Mathew
_______________________________________________
Chat mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/chat
