For anyone interested in how encryption actually works, check out this video, which explains how AES flips a string of bits in a particular way to make it “indecipherable” without the key.
It’s probably one of the easiest explanations to understand, particularly if, like most of us, you haven’t written a thesis in cryptography.
If you’ve never had to know how computers store things (spoiler, it’s all in 1’s and 0’s), remember that computers are a collection of switches that are either ON or OFF (forget quantum for now, that’ll just confuse you). Letters and numbers are also stored in strings of 1’s and 0’s. Remember this.
Enjoy:
In short (and this is very paraphrased), AES is how THIS:
H e l l o
(1001000 1100101 1101100 1101100 1101111)
…turns into THIS:
3 0 9 4 5 f 4 y H J ! k 4 3 d h y i u # ; ’ l , i
(110011 110000 111001 110100 110101 1100110 110100 1111001 1001000 1001010 100001 1101011 110100 110011 1100100 1101000 1111001 1101001 1110101 100011 111011 100111 1101100 101100 1101001)
…before it leaves your device and goes out across the internet (and when you store something on your LUKS partition) ![:slight_smile: :slight_smile:](https://forum.qubes-os.org/images/emoji/twitter/slight_smile.png?v=12)
That should give you an idea of what can be seen if you try and look at an encrypted partition.
Can you read it?
Of course you can.
Will it be coherent and “useful” information?
Probably not…at least, not without the correct key.
Can you “prevent brute force attempts on unlocking a hard drive”?
Not in any meaningful way…at least not in a way that prevents who you’re asking about.
But I could write some software that denies more than 3 attempts, right?
Any software preventing this would need to be running at the time of requesting the drive read…and they’d be a bit silly to access the drive through untrusted software…
Well, what about hardware/firmware in the drive?
Yes, that might slow them down. But ultimately there is a bunch of 1’s and 0’s SOMEWHERE on the drive (the hard drive discs or the NAND flash) that they will be able to read one way or another, either by software, or physical examination (with a microscope, etc).
So, I can’t stop them from brute-forcing my drive, or an image of my drive, with all their computing power?
…unfortunately not…
Is there any good news at all…?
Well…it would take every single semiconductor currently in existence on the planet (1.15 trillion) running non-stop in unison, up to 150,000 years (for the nerds, this number has been adjusted for parallel calculations) to correctly guess an AES-512 key, so you’ve got time to think about your next move (and maybe get a decent lawyer)… ![:stuck_out_tongue: :stuck_out_tongue:](https://forum.qubes-os.org/images/emoji/twitter/stuck_out_tongue.png?v=12)
And just for completeness, while quantum computers do “try all possible keys simultaneously, and then the universe collapses all wrong solutions into the right key”, the universe thankfully still hasn’t worked out which key is the “right” key in every circumstance, so quantum brute-forcing isn’t actually as effective as we thought…yet ![:wink: :wink:](https://forum.qubes-os.org/images/emoji/twitter/wink.png?v=12)
So I guess I should be much more worried about people getting hold of my key than my drive, right?
Now you’re talking sense!
Dog or cat?
![image](https://forum.qubes-os.org/uploads/db3820/original/2X/7/72a239f8598c8e26053d8994b5a7f3226d0a7bcf.png)