The TrueCrypt website has been changed it now has a big red warning stating "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues". They recommend using BitLocker for Windows 7/8, FileVault for OS X, or (whatever) for Linux. So, what happened? The TrueCrypt site says:
This page exists only to help migrate existing data encrypted by TrueCrypt. The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform.
Did the TrueCrypt devs (or SourceForge?) get a NSL? They are offering a "new" version (7.2), but apparently the signing key has changed and a source code diff seems to indicate a lot of the functionality has been stripped out. What's up?
(Score: 2) by maxwell demon on Thursday May 29 2014, @09:24AM
I don't buy your energy limits (reversible computing can theoretically run on arbitrary low energy), but I agree on your conclusion that brute-forcing is impossible, just on different grounds:
Imagine you had a million computers where each single one is as powerful as the currently most powerful supercomputer. [top500.org] Let's further assume you can run it at peak performance. Imagine in addition that you have a super efficient algorithm which can test a single key as fast as multiplying two floats (so that the FLOPS are directly translated into Keys/s). So your million supercomputers are able to test about 5.5*10^19 keys per second.
The average number of tests you need to brute force a key (assuming you have no quantum computer, of course) is half the number of available keys. So for 128 bit keys, it's 2^127 ≈ 1.7*10^38 tests. That is, to brute force a 128 bit key, you'd need 3.1*10^18 seconds, or about 10^11 years. That's in the order of magnitude of the age of the universe.
To brute force a 256 bit key with the same setup, you'll need 2^128 times as much time, that is, more than 10^38 times the age of the universe.
OK, so there's Moore's law. Well, let's assume that it will hold indefinitely (which it certainly won't), and let's ignore that it's actually about transistor density. So if the available speed doubles every 1.5 years, this means that in 90 years, you'll be able to crack a 128 bit key in a year (but then, whatever I encrypt, I won't care about whether it is cracked in 90 years; and anyway, nobody will consider it important enough to spend a year on decrypting it), and in 192 years you will be able to crack it in a second (still assuming you have a million of the world's most capable supercomputers of the time). Of course, at that time the 256 bit key will still need a time comparable to the age of the universe. So unless you care about whether someone will read your stuff 400 years in the future, even unrealistically optimistic assumptions about computing power will keep your 256 bit encryption safe from brute-forcing.
OK, so what if we actually get a quantum computer? Well, since we are talking about brute-forcing, the algorithm of choice would be the Grover algorithm. The Grover algorithm gives a square root improvement, so it effectively halves the key length. Now the operations per second of a quantum computer may be different from a classical computer, but I think it can be assumed that it is never faster than a classical computer in that metric (after all, you can do classical computing on a quantum computer). So at worst the quantum computer would brute force the key as fast as a classical computer would for half the key length. In other words, even with quantum computers, your 256 bit key should be safe against brute-forcing for the next 200 years.
Note that all that only refers to brute-forcing; other methods to break the encryption may of course make your key unsafe much earlier (like e.g. public key encryption based on prime factorization is vulnerable to quantum computers using the Shor algorithm).
The Tao of math: The numbers you can count are not the real numbers.