>American Encryption

Every piece of crypto that is based in the US has a backdoor in it.

Prove me wrong.

Prove that they are; there is no proof that they are backdoored.
Also, do I need to spoon-feed you? Most encryption standards, if not all, are audited, you little Russian shill.

say your company has 100 employees. odds that one of them will accept NSA/FBI's offer are pretty high. they might even entrap one of them and blackmail them into adding a backdoor.

don't be naive... everything's backdoored.

>Every piece of crypto that is based in the US has a backdoor in it.
But it doesn't mean that Durov is not an FSB bitch.

I say nothing but that there is no proof, and I simply cannot believe audits mean nothing, that everyone is buyable.

Telegram bribing by US is nonsense.

It's like the FSB trying to bribe NSA...

>Every piece of crypto that is based in the US has a backdoor in it.

OP doesn't even know the difference between crypto based upon mathematical theory which is extremely hard to 'backdoor' and proprietary implementations like Telegram which can indeed be assumed to be backdoored.

>Telegram bribing by US is nonsense.
how so?

AES is developed by the NSA, that's why I don't use it.

Source?

>The National Institute of Standards and Technology (NIST) is a measurement standards laboratory, and a non-regulatory agency of the United States Department of Commerce. Its mission is to promote innovation and industrial competitiveness.

Which US end-to-end encrypted services (with a user's certificate) are open source?

So is SELinux

I run a crypto storage company. All of the employees are very close to me.

We have only been approached by an agency once and it was for an unrelated matter to this.

Just say no, they can't force you to do shit.

AES was made by Belgian cryptographers who submitted it to a NIST competition to decide what "AES" would be.

The NSA reviewed it as NIST standards are used by literally every US agency.

...

>Just say no, they can't force you to do shit.
They'll do it behind your back.

>Open source
>Backdooring
Sup Forums you really need to go home. :/

What do you mean by "do it behind your back?"

I assume you think US agencies will just break into our systems...but I doubt it, US agencies only care about you if MUH terrorism comes into the picture.

If they asked you, they have an interest.
If they have a legit interest in a current user they will for sure try to gain access.

If they think they may in the future they have nothing to lose by assigning your site as a target for a summer intern.

Good thing they can't legally prove who is who on our platform.

I do see what you mean though. But we do have inside knowledge: I have a buddy who is ex-cia (he left because of the illegal shit that was going on) and he's helped us quite a bit.

I find OP's story very hard to believe because US agents are dumb as fuck, but they would never straight up bribe a company, way too much blowback.

Well, you can't bribe the owner of something already controlled by your enemy's secret services.

No such thing as ex-CIA.
You're rotting from the inside out!

Jesus I am paranoid but you guys think this shit is house of cards or some shit.

>he really believes this does not happen

>I am paranoid
Not paranoid enough boyo

Guess I gotta get a bigger tinfoil hat.

Scary thing is once my company gained some steam, I came back to my apartment and the electrical panel was wide open and some stuff seemed to be moved around (I could tell because the dust showed it was moved). I had my place checked for bugs and have webcams installed everywhere now.

TLS/HTTPS is a completely open protocol. Several implementations are open, too.

You need to go back.

>Telegram

lol.

>I have a buddy who is ex-cia
>I find OP's story very hard to believe

fuck i love the internet

You mean like that san bernardino iphone the fbi was too afraid to crack? That had to be sent to israel.

I have nothing to hide, so who cares?

Obviously you have nothing to say either, so free speech should be shut down too, so retards like you have no way to spread bullshit on the internet.

>You mean like that san bernardino iphone the fbi was too afraid to crack? That had to be sent to israel.
huh? it was not sent. and that phone was cracked by trying thousands upon thousands of pincodes. That attack doesn't even work anymore. It stopped working with iPhone5s and secure enclave.

FBI director was fired because he talked about how using back-doors discovered Trump-Russian connections.

>discovered Trump-Russian connections
LMAO... what connections? Even Comey said there were none.

Stay retarded, libshit scum.

This whole pointless discussion can be summed up and closed with three words. Argumentum ad Ignorantiam.

Unironically muh freedoms you commie fuck.

True. AES was backdoored from day one.

Do you have anything to support that, user?

>crypto that is based in the US
Literally none. 99% of the crypto algorithms are made outside the US.

Only Chacha20, Poly1305 and Curve25519 are useful crypto algos that are made in the US.

Just feelings.

Lmao lad crypto.stackexchange.com/a/18887

TLS is a bad joke.

>CA
>X.509 certs
no thanks

What hash function should I use to encrypt my data with?

Thanks, that's very helpful.

>hash function
>encrypt

TLS doesn't necessarily shackle you to third party CAs, if that's what you mean. And what's wrong with X.509 certificates?

Yes user, I am looking for a nice hash function to use to encrypt my data, what would you suggest? :3

He means to say that you don't encrypt your files with a hash function, user.

>TLS doesn't necessarily shackle you to third party CAs
True, you can use DANE/DNSSEC but that's even worse.

>And what's wrong with X.509 certificates?
They allow for a single signature (this is a giant problem as you can't sign your certs with a commonly accepted CA like LE and your own, forcing you to blindly trust LE for a site)
They are bloated with useless features (like EV).
They use ASN.1, leading to trillions of vulnerabilities due to its complexity concerning parsing.
OpenPGP certificates are superior (GNUTLS supported them but since nobody else did everyone dropped support)

MD5 with no salt.

But this does not make any sense user, how can't I?

In a HMAC construction? I would prefer a hash function with at least 256 bits of output to be honest ;_;

We all got to thank Bernstein et al. for that. But even these algorithms won't be safe in the long run. We desperately need post-quantum cryptographic algorithms as elliptic curve cryptography is more vulnerable than traditional RSA to quantum computations.

I don't need to support $h!t.

ENJOY THE BOTNET SCRUB!

Chacha20, Keccak, BLAKE, etc are all Post-quantum safe already. Poly1305 and other universal hashes are not only safe in a post-quantum environment but also safe in the case where P=NP, same with OTP.

As for Post-quantum asymmetric crypto we have SPHINCS (signing only) which is provably safe as long as the underlying hash function is safe, while for encryption we have McEliece or some form of RLWE (which is probably safe).
There is also SIDH but I have no idea how it works.

>what is letsencrypt?

Just concatenate those two outputs together. It's more secure that way.

Yet another CA. I even mentioned it in my post.

Hashing is one-way. There is no way to reverse a hash function. Why are you pretending to be retarded, and posting retarded anime pictures?

"those two"?
I think I will use SHA3 to encrypt my documents!

>FreeOTP
>HOTP and TOTP
>Truncated SHA1-HMAC
>after the first truncation we do a mod 10^d where d is the desired number of digits
Is that a joke?

My bad. The best solution is to just hash your data twice with MD5. That makes the encryption twice as strong.

>>TLS doesn't necessarily shackle you to third party CAs
>True, you can use DANE/DNSSEC but that's even worse.
And how exactly is that worse?
>>And what's wrong with X.509 certificates?
>They allow for a single signature (this is a giant problem as you can't sign your certs with a commonly accepted CA like LE and your own, forcing you to blindly trust LE for a site)
Yes you can, you can cross-sign your certificate. Even Let's Encrypt's CA certificates are cross-signed.
>They are bloated with useless features (like EV).
Extended Validation adds extra security by validating the identity. How is that a bad thing?
>They use ASN.1, leading to trillions of vulnerabilities due to its complexity concerning parsing.
Trillions of vulnerabilities is vastly over exaggerated, but please tell us more what bothers you about it.
>OpenPGP certificates are superior (GNUTLS supported them but since nobody else did everyone dropped support)
How does OpenPGP address your specified issues?

Even better
>between 6 and 8 digits
At 8 digits it provides ~26 bits of security. Who thought that this would be a good idea?
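
The truncation discussed in the two posts above (HMAC-SHA1, dynamic truncation, then mod 10^d) and the size of the resulting guess space, as an added example that is not part of the thread. The secret is the published RFC 4226/6238 test key; the function names and the attempt/window parameters are illustrative assumptions.

```python
import hashlib
import hmac
import math
import struct

# Published test key from RFC 4226 Appendix D / RFC 6238 Appendix B (SHA-1 case).
RFC_TEST_SECRET = b"12345678901234567890"


def dynamic_truncate(mac: bytes) -> int:
    """RFC 4226 dynamic truncation: 20-byte HMAC-SHA1 -> 31-bit integer."""
    offset = mac[-1] & 0x0F                        # low nibble of last byte picks a 4-byte window
    (word,) = struct.unpack(">I", mac[offset:offset + 4])
    return word & 0x7FFFFFFF                       # mask the top bit to avoid sign issues


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value: truncated HMAC-SHA1 of the 8-byte big-endian counter, mod 10^digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    return str(dynamic_truncate(mac) % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6, step: int = 30) -> str:
    """TOTP is HOTP with the counter derived from the clock."""
    return hotp(secret, unix_time // step, digits)


def guess_space_bits(digits: int) -> float:
    """log2 of the number of possible codes; about 26.6 for 8 digits."""
    return math.log2(10 ** digits)


def guess_bound(digits: int, attempts: int, window: int = 1) -> float:
    """Union bound on a blind guesser succeeding: each of `attempts` tries can
    match any of the `window` codes the verifier currently accepts."""
    return min(1.0, attempts * window / 10 ** digits)


if __name__ == "__main__":
    print(hotp(RFC_TEST_SECRET, 0), totp(RFC_TEST_SECRET, 59, digits=8))
    for d in (6, 8):
        # Compare a 3-try lockout with a verifier that never throttles (1e6 tries).
        print(d, round(guess_space_bits(d), 1),
              guess_bound(d, attempts=3, window=3),
              guess_bound(d, attempts=10 ** 6, window=3))
```

The short code only holds up when the verifier limits attempts and keeps the acceptance window small, which is what `guess_bound` quantifies.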

You act like NSA/CIA only operate against domestic companies. You'd be naive to believe they don't have agents hired to work at foreign companies in secret.

>make communication software
>shill it on Sup Forums
>get paid by the NSA
Sounds like a business plan

>And how exactly is that worse?
Because you give control to the even more shady registrars.

>Yes you can, you can cross-sign your certificate. Even Let's Encrypt's CA certificates are cross-signed.
You would need to somehow make LE accept you as a CA.
Good luck with that though. wiki.cacert.org/SubRoot

>Extended Validation adds extra security by validating the identity.
LMAO
It is actually a trick from commercial CAs to make even more money while abusing the fact that they can issue a certificate for anything without much thought.

>Trillions of vulnerabilities is vastly over exaggerated, but please tell us more what bothers you about it.
I would say only slightly exaggerated. The most common vulnerability type in TLS implementations is due to incorrect parsing of X.509 certs.

>How does OpenPGP address your specified issues?
Nicely, the OpenPGP certificate format is much simpler (-> fewer implementation failures) and much less bloated while at the same time it supports actually useful features (multiple parties signing your cert, leading to a web of trust).

As I said before, I want at least 256 bits of security ;_;
Why shouldn't I use SHA3 to encrypt?

SHA3 is the new kid on the block. Untested and unproven. MD5 has seen some shit. It's the proven algorithm.

It was made 10 years ago though!

It wasn't an adopted standard until 2015. Most respected institutions wouldn't touch an algorithm that wasn't certified by NIST.

It is now standardised by NIST however! Moreover, MD5 is discouraged by NIST.

NIST is deep state, user. Don't trust them.