Excuse my paranoia, but if the LE and intel communities cracked it, do you think they'd tell the general population? Thing is if they have cracked it, I doubt they'd use it to catch hobbyists.

Automatic computer scanning of our emails for what is essentially "profiling" purposes (in this case, for the "benign" purpose of figuring out what ads we might be more interested in) is damn scary.

I think it's creepy that when I go onto amazon.com, they give me a list of books they think I might want, based on their profile of me, which is based on which books I have bought in the past.

Stop profiling me!!



-- Modified on 4/10/2004 6:56:43 PM

it's that it is rather expensive to do so. At the very least, any encryption algorithm can be broken through brute force. That is, systematically trying every possible key combination. Now, with PGP you typically use 1024 bit keys (or at least you should). That's 2^1024, a rather large number that takes a good bit of time cover.

The last estimate I read, it takes a non-insignificant amount of money and time (in terms of both people and computer resources) to crack PGP's 1024 bit key through brute force.

Regarding the article, if U.S. agencies _can_ break the code in a timely fashion, I seriously doubt they'd share that info with foreign governments or PC World. They have a vested interest in letting everyone think the algorithm is secure. (FWIW many, many encryption experts have examined the algorithm and think it's _extremely_ secure.) They're best off not saying anything (we can neither confirm nor deny...) and letting the rest of us wonder.

Some of the fastest, most powerful (and expensive) computers in the world today were built and purchased for the express purpose of cracking keys through brute force.