[liberationtech] to encrypt or not to encrypt?

[Jordan McCarthy]

On 06/21/2013 09:57 AM, Joseph Lorenzo Hall wrote:
> What about the theory that by encrypting all the things we are feeding 
> some massively large NSA cryptanalysis project that uses different 
> flavors of ciphertext to find weaknesses? Very conspiracy theorist-y, 
> but I've heard a few people say that maybe we shouldn't "donate" 
> unnecessary ciphertext to such a project. :/
>
> best, Joe
I wholeheartedly endorse many of the arguments /for/ consistent use of
encryption that have been voiced so far -- but I'm still curious how
people would handle the above challenge. 

It seems to me that one reasonable response would be that the proposed
problem is largely a function of inconsistent use of cryptography: if
"all the things" were encrypted, all the time, cryptanalysis would be
considerably more costly than it is when people are only encrypting
certain kinds of information (since plain-text versions of encrypted
content would be less available, and predicting the nature/type of an
encrypted stream would hence become more difficult).  As someone else
has already said, if everything were encrypted, it would be impossible
to figure out what parts of that encrypted ocean would be worth
filtering with a crypto-breaking strainer. 

Also, if the NSA is really intent on fundamentally breaking various
crypto algorithms, I'm sure they have more than enough computing power
in-house to generate and attempt to reverse engineer huge quantities of
ciphertext; they probably don't really need our help to produce more of
such data.  :)

< Jordan
--
Sent from a computer running Free and Open Source Software
My GPG Public Key (0xDE1C1B53) <https://seasprites.net/0xDE1C1B53.asc>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130621/4319aac0/attachment.html>