What's the best encryption algorithm and why?

I stand by this one. Never let me down.

this is legit for linux distributions

This

this one
string haxx(string s, char x)
{
char[] a = s.ToCharArray();

for (var i = 0; i < s.Length; i++)
a[i] ^= x;

return new string(a);
}

xchacha20-poly1305 is pretty good

Just use AES

This question is too advanced for Jow Forums. You need to ask /sci/.

Pretty sure AES256 is the only one that isn't backdoored

But he's not an jaded atheist gay engineer asking for help with his first-year homework.

Symmetric:AES-256
Asymmetric: RSA

McEliece

guess again, djb's elliptic curve crypto is secure

if it was the fbi would have used it hundreds of times already
they would have to resort to shit like freezing RAM

Pedantic reddit response.
For real life use-cases, AES-128-GCM is more than enough.

Sure thing, officer.

SHA-16384

Unironically Serpent, Threefish, or Camellia. MARS is also good.

AES has been backdoored since it's inception, do not use or trust it.

Attached: 1502074863904.png (1065x1600, 1.57M)

This
I personally like Serpent as a symmetric key encryption method, but AES has to be the winner since it's been so heavily evaluated and still strong. GCM mode performance wise is probably best, but should only be used with a Synthetic IV (per RFC 5297). But modes like CFB are good if you want to stream the data more.
For asymmetric, I prefer ECDHE. RSA may improve if more people adopt SP 800-56B type key transports/key establishment but the main method is TLS-RSA which is weak enough to not be allowed in Common Criteria anymore
For perfect secrecy, ya but good like applying that in a real life setting.
Without SIV, gcm is very fragile. I don't trust how much comoanies manage IV's in their products. I have to evalutate them and they suck always except like one case. Key reinstallation attacks have been too common.
ECDHE offers forward secrecy, RSA doesn't unless you employ ephemeral keys.
Show the backdoor then faggot

Am I total brainlet or ECDHE is a key exchange algorithm?

It's key exchange you aren't a brainlet. Asymmetric is too inefficient for data encryption but you have to exchange symmetric keys in some way. I just felt like it should be mentioned rather than only give a symmetric key answer.

What if we exchange symmetric keys by encrypting them with RSA. Keys will be less in size compared to the data

If you use an SP 800-56B RSA key transport, you are better off. And make sure it offers forward secrecy. ECDHE is better performance wise. Since it is just keys, that isn't too big but still something to consider. For instance, to have 256 bits of security with ECDH, you just need to use a 521 (not a typo) curve. For RSA, you need a modulus of 15360. If you are using AES 256, you should be using a key establishment method that provides the same security at least.
Essentially, RSA works, but most people don't use a good implementation (see TLS_RSA) and it isn't efficient.

AES is a pretty good algorithm. However it is very likely that some three letter agencies are running special custom hardware for cracking it, due to its spread.
you are better of using threefish/serpent

goppa mceliece
never seen such elegant and clever beauty

AES has been evaluated and tested far more. I like Serpent's more conservative design, but AES is more provably secure currently. Especially in terms of operating security in a company. You couldn't be punished for deploying AES then a vulnerability finally being found, you were following best practices. However, if you use Serpent or Threefish and a vulnerability is found, you were being negligent.

true.
however the widespread use of aes makes it a good candidate for developing optimized cracking systems.

And we are no where near the computing capabilities to even crack AES 128. It's rare that the weak link in the chain is the algorithm if you are using the standard shit. People should be focusing on shit like their code quality, Initialization vector handling, and DRBG and NDRNG (OpenSSL has a laughably terrible PRNG for instance and many people use dev/urandom). AES will still be going strong even once quantum computing evolves. We will just have to use 256 bit keys for 128 bits of security strength.

again: aes is a great algorithm and it is best practice to use it. however when it comes down to simple mathematics you can design optimized hardware that is a lot faster to do certain operations and if i were an agency i would focus on what the enemy uses which nowadays is aes in a lot of cases.

And good fucking luck trying to break anything at the magnitude of 2^128, 2^192, or 2^256.

otp xor.
unbreakable if a truely random otp is used.

This system requires too much overhead (generating a unique key the same length as the message each time) to be practical past writing a handful of notes.

impracticle, yes.
but stunning simple with perfect security.

So not the best because incredibly impractical.

Does the OTP even have to be truly random?

Even if there is some kind of pattern, since you never re-use the same part of the key how will that knowledge help you in deciphering more than some fragments of the message if even that?

It needs to be truly random.

It still has practical applications though.

For example in banking.
In the early days of internet banking they would (snail) mail you an OTP with about 200 unique passwords, one for each payment you did.

Why?

but for what specifically are you encrypting?
isn't bcrypt and ed25519 based on it for ssh etc...

RSA-4096

bitchcrypt
a very fast xor-ofb algorithm used in cryptortrojans.

Let's say you work for the secret service so security is an absolute must.

Not so hard to hand your agent a hard drive with terabytes worth of OTP and keep an identical hard drive yourself.
Also easy to smuggle into a country inside a laptop, and with plausible deniability.

Then your agent can send you terabytes worth of documents with absolute security.

all sci does is shitpost about cs lol

>In the early days.
That's no longer practical
Anything less allows for mathematical analysis.
OR, just use a non-retarded method like using X.509 certs with ECDHE and encrypt with an AES mode like GCM-SIV so you don't need to store a TB of keys. That way, you can send much more than a TB of data and practical to wipe.

Attached: 20180614_122938~2.jpg (1964x1763, 313K)

xor otp can be used without any kind of electronics and is UNBREAKABLE

Unbreakable if carried out correctly. People tend to like to take short cuts, like reuse keys.