Sign in with
Sign up | Sign in
Your question

How secure is VPN Encryption

Tags:
  • Internet Access
  • Encryption
  • Internet Service Providers
  • VPN
  • Networking
Last response: in Networking
Share
June 9, 2014 12:47:50 PM

Hello everyone,
Iam currently using the VPN Private Internet Access and have been for nearly a year with no complaints.

I use the following encryption:
Data Encryption: AES-128
(also available: AES-256 and Blowfish)
Data Authentication: SHA1
(also available: SHA256)
Handshake: RSA-2048
(also available: RSA-3072, RSA-4096, ECC-256k1, ECC-256r1, ECC-521)

Now up until now i have assumed that my ISP would basically have no way of decrypting my traffic and finding out what my traffic is or where it is going (except of course that it goes to the VPN server)
I assume a decryption would be near impossible, taking maybe weeks or months to decrypt what i transfer in an hour or so, maybe impossible.

But today i was talking with my cousin who generally knows quiet a bit about computers, now i like to think iam quiet knowledgeable but mostly in theory, i dont really know specifics.
And he thinks and strongly believes if they want to know what iam doing they can, and probably do know. He believes that its not that hard to decrypt, especially if the BND (german equivalent of CIA) for example would want to spy on me.

So does anyone know (no guessing please) how this plays out in reality?
Which encryption do you recommend?
Iam quiet keen on privacy, since all big companies and agencies have started spying on everyone (Google, Apple, CIA, NSA, ect.).

Thanks

More about : secure vpn encryption

June 9, 2014 12:53:46 PM

a)any and all encryption can be broken, it just depend on how long it will take.
m
0
l
June 9, 2014 1:20:45 PM

Your ISP wouldn't care about you personally unless you were costing them money in some manner (using more data traffic then all your neighbors combined), YOUR GOVERNMENT OR LAW ENFORCEMENT IS A DIFFERENT ISSUE.

Here in the US it is required to have a court order to proceed against YOU specifically (John Doe, Born on 1 Jan 1980 with SSN number xxxxxxxxx and Driver's ID # 89787987987y9 ). BUT that doesn't deter them from (like standing outside and just with their eyes and ears) LISTEN for something suspicious, then filter for that 'sound' out of the noise to confirm it is something, then to get even more granular is it something SPECIFIC to listen for (i.e. Kill Chancellor At Peace Talks). This has been done for many years now under ECHELON, which is a large database, program, listening, software and computer to automatically look and listen for every fax, email, cell phone call, Internet message, website, Social media program, pager, etc. in that specific set of criteria till it can 'flag' for 'general review' by a Human to determine if the computer is correct on what it 'observed'.

If it is a US asset, then they have to seek a Judge (FISER) order to allow then to actually look, listen, read, etc. the contents of THAT narrow set of captured data (in your case decrypt it), using the narrow 'chain of custody' approach to determine the validity of the 'accusation' and determine if a actual criminal activity or threat to national security is occurring. Now if it is a foreign asset (you in Germany) they can proceed as they wish and then if they decide it is in the US best interest let your BND know all they 'got out of you' so the BND can proceed with what they are allowed to do in Germany/EU Laws.

You are right it takes TIME, but once your data is captured, just like any video, photo, audio recording, etc. it is evidence even if they take years to crack and come back to arrest you, your data is still valid (unless there is a time restriction for specific types of criminal filings). So being 'secure' doesn't mean much if your still a criminal, your doing something illegal, you will be busted, and you will be arrested. No it isn't "Minority Report" where they are instantly on your trail immediately upon seeing your data touch the Internet, but yes you will have your data (if it is of interest to BND, NATO, CIA, FIS, whatever acronym you want to toss out there) compromised.

Honestly ask yourself this question, Are you a Military Grade user and holder of Military Grade encrypted hardware and networking capabilities? If not, then yes you are much 'easier' to crack then Military Grade encryption techniques.
m
1
l
Related resources
June 9, 2014 4:21:00 PM

Okay, thanks Tom Tancredi.
That answers a lot.
But my main question is still, if for example i download a new game from steam 5 or 10 GiB large, and they decide just for the heck of it to decrypt it to know what it is.
Would it be at all be economically possible to decrypt it? I mean wouldn`t it probably take months or even years?
I do know it depends on the hardware they have.

rgd1101 wow great answer, i did say that it would just take a long time, and i do know that any encryption can be decrypted. Iam talking about doable within reasonable time and cost.
m
0
l
a b 2 Internet access
June 9, 2014 4:36:15 PM

Rather than repeat all the math this site is a overly simplistic answer to that question.
http://www.eetimes.com/document.asp?doc_id=1279619

Now this is all assumes that the NSA did not engineer in a intentional flaw in the random number generators so they don't have to brute force the keys.

m
0
l
June 9, 2014 7:07:44 PM

@bill001g Hahaha, thats one of the sites i read, i forgot to point out.
I know that a brute force attack is completely hopeless, but it mentions inherent flaws.
Not actually saying anything about them. And aren't there other ways to be able to decrypt the data?
Somehow acquiring the key?
Assuming i dont have some sort of virus on my computer.
m
0
l
June 9, 2014 7:21:46 PM

kitube said:
Okay, thanks Tom Tancredi.
That answers a lot.
But my main question is still, if for example i download a new game from steam 5 or 10 GiB large, and they decide just for the heck of it to decrypt it to know what it is.
Would it be at all be economically possible to decrypt it? I mean wouldn`t it probably take months or even years?
I do know it depends on the hardware they have.

rgd1101 wow great answer, i did say that it would just take a long time, and i do know that any encryption can be decrypted. Iam talking about doable within reasonable time and cost.


When you create the VPN tunnel you still need to identify the 'end point' your calling first, given this, STEAM and others would be off the list immediately, but say Al-Jeezer.Com or such might interest them more.

"Economically Possible" Honestly your talking about your government which has a GDP amount of cash every year to mess with. Consider the TRILLIONS of dollars we are talking, so what it cost $25M to decrypt your passing Nuclear Centrifuge Schematics to Nigeria, there is no cost to law enforcement nor national security. Again though we are talking you have to be of interest, they can't spend $25M on 1,000,000 Berliners to see which one MIGHT have the plans that MAYBE someone MIGHT be sending.. they couldn't do it physically (not enough people) and cost way too much.

No it doesn't take months or years, that is the theoretical collegiate answer. 256 Encryption can be broken down, last I heard, in 11 hours using the collegiate 'cloud' concept (you maybe more familiar with the SETI screensaver or Cancer sequencing screensaver that does this on individual computers En Masse'). That isn't even considering the use of mega mainframe facilities or Top Secret research projects (DARPA which invented the Internet after all). Honestly no one gives a <Mod Edit> about you, me, the other jane joe, and any 'fear' of invasion of privacy is really overblown UNLESS your not paying attention to WHO is asking the questions of your actions. If for example you were a Croatian visiting websites, and your ISP was Serbian owned, and some of the websites/etc. were about how to get arms, make pipebombs, etc. and we all know what the political climate was, YES you would be targetted in that case. Far as I know, unless your a Nazi, Communist, Jihadist, Anarchist type, EU resources are quite busy with all those other groups (I think quite alot of Russian interest is taking place now with the Ukraine incident).

So you, unless it is illegal, are safe and your very over worried.


m
0
l
!