by /u/SnuffleCipher · 2024-03-30 19:40:00 in /d/OpSec
0 votes · 2 comments
- /u/SnuffleCipher 🍼 20th March, 2024 - 03:19 I'm a cryptographer and I'm wondering what you mean by there being "no consensus". We almost all agree that in general, storing ciphertext for future decryption is an actual problem and that anyone/service that can use post-quantum cryptography should. However I would agree with you that it is probably not a huge risk for darknet drug buyers in the long term. It is better safe than sorry in my conservative opinion, and it is actually pretty easy to make a simple post-quantum pgp-like program, something like Curve25519 - NTRU Prime if you know enough about them.
by /u/BlueGlueEater · 2024-03-19 14:11:00 in /d/OpSec
0 votes · 13 comments
- /u/SnuffleCipher 🍼 22nd March, 2024 - 17:27 There is absolutely no benefit to using "different encryption ciphers making it harder to decrypt altogether". VPN traffic isn't being decrypted by adversaries because someone didn't use two ciphers instead of one. The biggest threat is the VPN company itself cooperating with LE or agencies like the NSA hacking into VPN servers to circumvent encryption.
by /u/DoingFedTime · 2024-03-22 14:36:00 in /d/OpSec
0 votes · 50 comments
- /u/SnuffleCipher 🍼 28th March, 2024 - 03:49 Yes I do. I'll give you links to the current progress and discussions. Here is a link to the current IETF draft: https://datatracker.ietf.org/doc/draft-wussler-openpgp-pqc/ And here is the link to the working group mailing list: https://mailarchive.ietf.org/arch/browse/openpgp/?q=draft-wussler-openpgp-pqc
by /u/partytime · 2024-03-26 02:53:00 in /d/OpSec
0 votes · 21 comments
- /u/SnuffleCipher 🍼 26th March, 2024 - 20:35 2048-bit RSA is definitely not in danger of being factored currently (as in it's not broken yet). Yet, there is a real threat that state actors such as the NSA are recording as much public key based ciphertext as possible so that they can decrypt it later when efficient quantum computers use Shor's algorithm. There are post-quantum public key algorithms which could be resistant to quantum computers. Right now there is work on PGP to move towards one of them called ML-KEM.
by /u/partytime · 2024-03-26 02:53:00 in /d/OpSec
0 votes · 21 comments
- /u/SnuffleCipher 📢 🍼 31st March, 2024 - 04:16 LUKS does not provide the same kind of plausible deniability that Veracrypt does (as far as I'm aware). In my opinion, especially for high risk positions like vendors, having a hidden volume would be important. Even in the US, there are many circumstances in which you must provide computer/drive passwords to a court or face sanctions for not doing so. There have been some recent battles about when that is allowed and when it isn't, but it's best to be on the safe side.
by /u/SnuffleCipher · 2024-03-30 19:40:00 in /d/OpSec
0 votes · 2 comments