[Discuss] Encrypt Everything?
Edward Ned Harvey (blu)
blu at nedharvey.com
Thu Sep 12 16:08:35 EDT 2013
> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Jerry Feldman
>
> The main issue is that assuming you encrypt all your outgoing emails,
> and most of your respondents encrypt email to you if someone with enough
> compute power wanted to decrypt your emails they can do it. And,
> essentially it comes down to the cost vs reward. So, the federal
> government has the resources but very few criminal enterprises would
> invest that much for us.
"enough compute power" is basically a millenium of the entire energy output of our sun. If you're using strong encryption, which is a given. There isn't any implementation of weak encryption supported in email encryption anymore - only weak key management. Not even the government has the compute power to decrypt (in general) something you encrypted with a modern digital ID and S/MIME. (The lowest key strength startcom will accept is 2048 bit RSA, and they recommend 4096 bit).
More information about the Discuss
mailing list