Re: Torvalds Slams Theoretical Security

On 10/25/24 6:17 PM, Lawrence D'Oliveiro wrote:

On Fri, 25 Oct 2024 01:09:38 -0400, 186282@ud0s4.net wrote:
 

Um ... even weak crypto takes a lot of CPU time to decode.

 A graphic illustration of strong crypto used stupidly:
<https://github.com/corkami/pics/blob/master/binary/CryptoModes.png>.

   Yes, even 'strong' crypto can be used badly.
   However for MOST, even AES-128 ought to be good
   enough, AES-256 even more. According to some
   going away from AES is best ... Camilla or even
   GPG.
   Note, if you want to INDIVIDUALLY encrypt files
   then OpenSSL is THE best because of SPEED. GPG
   and friends, there's a long initialization period.
   This is something I've had a lot of experience with.
   Wrote a nice, kinda large and 'smart', 'C' app other
   langs could evoke to do the hard work.
   There ARE tiny diffs between the Linux and Win
   versions of OpenSSL ... so search and take note
   of the fine variation in the CL params. OR, well,
   use large/complex pre-packaged backup apps - but
   you lose a lot of fine control. Direct use of
   OpenSSL works great from custom 'C', Pascal or
   Python pgms (my faves).
   Towards the end I did write a backup apps that
   individually encrypted files. Easy to get 'em
   back, AS NEEDED, afterwards. OpenSSL was the
   best way. OUR files weren't especially WORTH
   cracking. This was good. Banks/govt and such
   may have a different perspective. Better perhaps
   to zip-up large archives and encrypt those
   using better-than-AES methods. DOES need kinda
   a lot of mem and diskspace ....