this post was submitted on 13 Oct 2024
21 points (81.8% liked)

[email protected] 10 points 1 month ago* (last edited 1 month ago)

There's also no such thing as "Military Grade" Encryption. The government as a whole, as directed by NSA, uses the same encryption technology. If anything, one of the defining techniques is how said technology is implemented as a process. That means less about the algorithm and more about the hardware and handling. For example, when dealing with classified networking, one of the key differences is using dedicated hardware. These aren't PCs that can be hacked; they are devices whose specific role is to handle encryption, key loading, or key acquisition. They are hardened to prevent emissions from leaking and will dump keys, firmware, and memory if tampered with. End devices can only accept keys with no way to retrieve them for reuse.

Advertisers that claim they are offering you "Military Grade" encryption just do regular NSA encryption methods in software, with no hardware component and no handling process, which would never be used in the military to secure classified data.

Also, most encryption used in these devices doesn't use one key; it uses key generators. Each device talking to another generates a unique, temporary session key. These session keys do not last long, so if any one key is compromised it limits any potential unauthorized disclosures. Capturing encrypted data for later cracking would prove to be a time- and resource-exhausting process that would provide too little information, too late. At this point it would be easier to actually try to steal the keys and hardware, rather than crack them.