Simon Black thinks NSA is blowing smoke about cracking most encryption on the net because open source encryption is secure. But that’s not the real issue.
I have to tell you, though, I’m deeply suspicious some of the NSA’s assertions.
They seem to be claiming that they have cracked nearly everything, and that they have backdoor access to privacy software. But this is practically impossible.
A lot of encryption software used today is actually ‘open source’. This means that the software code is freely available to anyone.
True, open source encryption software allows anyone to look at the code and most certainly does not have backdoors. And, absolutely, if you use a 4096 bit key, not even a supercomputer can crack it in any reasonable time. Why? Because it’s much harder to divide than multiply. Encryption software uses ginormous prime numbers, often 100 digits long, to calculate encryption keys, multiplying them to get a composite number. To crack the key you need to factor the composite back into the prime numbers. There is no known way to do this in anything less than decades, even with a supercomputer.
What Black misses is that commercial encryption or encryption offered by the highly compromised Microsoft, for example, may well have back doors in it. Plus the keys are on the servers and may only be 256 bit. That means NSA can read the data. Also, the vastly majority of people on the net do not use open source encryption.