Any plans to change 7-zip's encryption?

2014-03-22
2014-03-29
  • Brittney Smith

    Brittney Smith - 2014-03-22

    In light of revelations over the last 9 mo. or so, about NSA ability to crack many of more widely used encryption algorithms, is any consideration being given to changing 7-zip from AES 256?

    The problem that many experts point out, isn't just about securing data against the NSA & similar agencies. The problem is, once gov'ts have a given technology, especially when it only involves a concept or programming, eventually, the bad guys will have the technology.

    Often sooner than later. That's how it's worked for a long time. We can't say, "It'll never happen," cause it's happened repeatedly.

    These ideas were once shot down as "conspiracy theory" in spite of years of reports by "insiders" that it was going on, long before Eric Snowden. It's no longer a "theory." Some of the NSA's techniques to break encryption, do NOT require quantum computers. They sometimes involve back doors & built in weaknesses in programs & encryption algorithms themselves.

    Or maybe most devs, banks, corporations, etc., will wait until they're actually hacked by criminal organizations that "acquired" the necessary technology? Not only from the NSA, but other gov'ts as well.

    So, if devs / software companies / corporations stance is, "We just don't think recent, documented developments about encryption are an issue right now, for legitimate businesses & US citizens," that may be true (or NOT).
    But please don't call this issue a "conspiracy theory" any longer. It's not.

     
  • Rosen Penev

    Rosen Penev - 2014-03-27

    Why would encryption in 7-Zip need to change? AES256 is totally fine.

    There are probably more secure algorithms but AES has been heavily analyzed in comparison.

    The biggest problem with AES is cache-timing attacks where someone observes the time that it takes to encrypt something(AES is not constant-time in software). The fix is to use AES-NI which i believe 7-Zip uses.

    Most of your post had absolutely nothing to do with 7-Zip.

     
  • dos386

    dos386 - 2014-03-29

    about NSA ability to crack many of more widely used encryption
    algorithms, is any consideration being given to changing
    7-zip from AES 256?

    Please supply evidence that Rijndael-256 is no longer secure.

    The problem that many experts point out, isn't just about
    securing data against the NSA & similar agencies. The problem is,
    once gov'ts have a given technology, especially when it only
    involves a concept or programming, eventually,
    the bad guys will have the technology.

    NSA = the bad guys

    Those "experts" can really f**k off with their "bad guys" issues.

    The biggest risk to your super-secret data is still Windows, not the Rijndael-256 algo.

     

Log in to post a comment.