Resist Brute Force Attacks


Encryption Keys:

A little trip down memory lane: In a meeting at the National Security Agency headquarters in November 2004, NIST representative Bill Burr told me that chances of finding an advocate of short (forty bit) keys in the Administration was about the same as finding Nazis in Germany in 1947. That's an oblique way of saying nobody will admit to it. But very short encryption keys were the order of the day for many years.


What's that all about? It's that longer encryption keys make it more difficult for hackers (or government agencies) to try every possible key in what is called a brute force attack. The current status: The Bureau of Industry and Security through its Export Administration Regulations still controls the export of symmetric keys that are longer than 64 bits. (Symmetric means that the person encrypting and the person decrypting both need to use the same key.)


What is the Bureau of Industry and Security telling us? That the easiest way to defeat brute force attacks is to use longer keys.


MarpX Good Privacy uses keys composed of seven capital letters. MarpX Better Privacy and Extreme Encryption™ each use seven character keys which include any combination of A-Z, a-z, and 0-9. In each case, that's seven bytes = 56 bits per key. Behind the scene, each character maps to a 48 byte sequence. The letter and the position among the seven letters is used to select each sequence. It's the bits and bytes among the seven sequences that control the actual process of making content private or of recovering the original content.


There are a lot of ways to combine seven capital letters -- 26 choices for the first, 26 choices for the second, ... and so on to 26 choices for the seventh. It doesn't sound like much until we multiply it out -- 8 billion! When there are 62 choices (26 capital letters, 26 lower case letters, and 10 digits) it works out to 3.5 trillion combinations.


The combined seven sequences (together called an algorithm) guide the process of encryption and decryption. For MarpX Good Privacy the combined letter combinations map to 8 billion different algorithms; for MarpX Better Privacy it's 3.5 trillion different algorithms.


Every MarpX Better Privacy program downloaded points to the same seven groups, each with 62 sequences. MarpX Good Privacy always uses a subset of the same sequences. Extreme Encryption™ is different; no two programs use the same algorithms! Every Private Information Exchange (PIE) setup is unique. You and your participants alone have that set. No-one else in the world has any hope of figuring out what algorithms you are using. Incidentally, there are are more possible unique algorithms than there are particles in the universe.


Extreme Encryption™ is not for export. Under U.S. law we are required not to sell this product to any group or persons within the United States whose name appears within an Export Administration Consolidated Screening List.


Resistance to Brute Force Attack:

How much is your information (files or messages) worth to a person who might be interested? If it is your day-to-day email or social media messages, you can be pretty sure that app developers aren't going to try up to eight billion keys in order to read your content. See Tech’s 'Dirty Secret': The App Developers Sifting Through Your Gmail by Douglas MacMillan in the Wall Street Journal, July 2, 2018. Protection from routine invasions of privacy is free with MarpX Good Privacy.


Are you exchanging commercially sensitive messages or faced with unethical competition? Do you want to keep confidential documents that you exchange with your accountant or lawyer or doctor? MarpX Better Privacy is a low cost but very effective solution.


You will find some interesting calculations about trying to break an Extreme Encryption™ file or message in our discussion of quantum computer hacking. It can be summarized simply: Brute force attack on Extreme Encryption™? Forget about it. It is "computationally infeasible".


We have presented products that are scaled to the likelihood of someone valuing your information highly enough to spend heavily to decrypt it. No matter who is after your confidential information, using one of our products will make it far too expensive for hackers to bother.


Site Map         Purchase


MarpX Privacy