The NSA encrypting Android phones

[thewayne]

They're applying strong crypto and logging to the voice stack, not much detail as to whether the data on the phone is encrypted which I think would be fairly trivial. They're also discussion about Germany encrypting other smart phone OS's. It'd be cool if the software were released to the public, but that'd totally screw law enforcement and CALEA.

http://www.h-online.com/security/news/item/NSA-German-government-using-Android-for-secure-phones-1466294.html

Comments

[thewayne.livejournal.com]

Increasing the key length would probably put breaking it out of the hands of local law enforcement, but if you cross the Feds, then the NSA could probably smack you down.

[silveradept]

Probably. Don't know what you could do to make it hard for someone who is basically bringing hordes of supercomputing power to the table in their quest to break your encryption and find your key.

[thewayne.livejournal.com]

There is a concept in crypto of having it as strong as it needs to be, which doesn't necessarily mean that the code is unbreakable. If in war you're transmitting battle plans for an attack that's going to happen in one week, and it takes the opponent two weeks to break the code, then the encryption was good enough.

Of course, if the enemy learns enough in that two-week attack that it reduces their time to crack your code down to three days, then your next transmission might be in trouble.