Posts Tagged ‘encryption


How to make life difficult for the Nsa’s of this world forever

One of the most alarming parts of Edward Snowdens revelations was the NSA not only listen to the data traffic of many countries, but also having cracked internet encryption.

In oder to do this, they need to get the keys and this works via two mechanisms:

  1. By calculating the key using the intercepted message and
  2. by direct acces to the key, using an software exploit or a back door implemented into the software by the vendor.

Against way # 1 we ought to use open source software.

Against way # 2 help data compression and using several encryption channels in one message. And here’s how it works:

The data thief alway has to test a lot of keys and needs some criterion to find out, which is the right one. I. e. he or she needs some information already known to him to get the information he wants to know.

decryption mechanism

The trick consists in avoiding to put known-to-him (or easy to get) information together with the secret into one encryption channel. And this is what data compression is about: reduction to the essential

Take e.g. a piece of english text. It is possible to develop a compression algorithm, that is optimized for english text. With it, every arbitrary string of characters can be decompressed into a grammatical correct – and may be even meaningful – piece of english text.

In most cases, the data thief will know more than just the language of the document. So the names of company staff may appear, of the form of the document will be that of a business letter. Or the language stems of a subset of english specific for a kind of business. All those informations have to be transmitted separately, with their own keys. The important part, e.g. business numbers, the height of a proposition, the dimension of a drawing, have to be transmitted with their own keys. So the data thief can no more draw conclusions from the marginal to the central part of the message.

This approach will make encrypted messages secure against any future increase in computing power.

To support data security, as few information as possible around the communication should be made public, and it should always be clear, which information has already been made public.


July 2018
« Jun    

Blog Stats

  • 895 hits