From CryptoParty
Jump to: navigation, search

@Michael555x I would suggest note sharing between cities, perhaps we can learn from previous Crypto parties from around the world? We need to start that kind of conversation then it becomes a case of refining / optimising the material and the delivery. You have some interesting topics there, would you like to collaborate?

Michael: Yeah, certainly. South Wales is a little slow for building tech groups, but one's doable with some marketing or whatever. I originally intended to include a lot of technical stuff about how modern encryption works, starting off simple and building up from that. Looks like we should start off with very general stufk for the first several sessions. Kind of tailor it to the average person. I'm also hoping to develop much better encryption (VB's not good with numbers, and I don't trust the Microsoft crypto libraries too much), so input from the experts would be good.

Sharing public keys

What does this mean (taken from the main page): "a known public key could potentially narrow down the possible values used for generating the private key, if a cryptanalyst was very determined."?

Michael: It's a reference to a theoretical attack I read about last year in an excellent book on forensics and privacy (must post title here). Basically the keys are generated by randomly picking two very large prime numbers, then doing some mathematical stuff that produces other values. Normally it's extremely difficult to decrypt the information without the private key, or to determine what the private key itself is. An attacker would have to sift through a colossal range of values, check whether each value is a prime, then test that against the encryption. Knowledge of the public key would eliminate some of those values, and make the attack marginally quicker. It's only something to worry about if you're exceptionally paranoid.

einonm: So let's remove the reference to this? We want to encourage people to use cryptography, not discourage it. AFAIAA, there is no easy way to quickly crack, for example, an AES algo, without pure number crunching.

Personal tools