No, but it can throw more money at a problem. The point I was making is deeper pockets win, and no one can compete with the defense budgets. They can enlist the help of brighter minds than any criminal orginization (access to better talent pool).
India and China, who don't care about personal privacy as much as the US, gloat about doing this all the time, often to US companies' data. The US gov't does have the right to wiretap and snoop under the Patriot Act, but it does not have to have the luxury to share with the American public because Americans value privacy highly.
Historically speaking, your statement is not well supported. Essentially all cryptosystems proposed before 1970 have been cracked. Most cryptosystems proposed since then have been, too. Any particular cryptosystem might turn out to have a hard and usefully high lower bound on the difficulty of cracking it, but we can't even prove P ≠ NP yet, so we aren't even close to proving such lower bounds on cryptosystems.
Large amounts of money can and do buy the time of legions of sharp mathematicians who devote their lives to devising and cracking new cryptosystems. There are good reasons to suspect that this no longer gives the US government the kind of advantage that it used to enjoy, but hard evidence of that is also hard to come by.
There's also the possibility of using large amounts of money to trick someone into using weak encryption, a policy which was very successful with Crypto AG.
If you only need to crack one key, a weakness is found in the system that helps eliminate a huge chunk of the possible key space, and it's for a very high-value target like Bin Laden, putting the entire computing power of the TLAs onto the problem seems like it could yield results.
No. Exhaustive key search is vanishingly unlikely to yield results.
The universe contains about 2²⁶⁵ elementary particles and has existed for about 2¹⁰⁸ femtoseconds. So it probably cannot have done more than about 2³⁷³ classical computations. You can easily use triple-AES-256 to get an effective 512-bit key, dwarfing the possible computations the universe can have carried out for the foreseeable future.
The world GDP is about US$58 trillion per year, which is about 2³⁶ dollars per year. A computer that can test keys currently costs at least 2⁻⁸ dollars, although probably more, and cannot test more than about 2³⁵ keys per second, although probably less. There are about 2²⁵ seconds in a year, so that's 2⁵⁰ keys per year per processor, or 2⁹⁴ keys per year per previous year's worth of production.
So, suppose the entire world economy were devoted to producing computrons to crack a single crypto key. In N years, you can have tried ½N² · 2⁹⁴ = N² · 2⁹³ keys.
To try 2¹²⁸ keys, you need N² ≈ 2³⁵, so N ≈ 2¹⁷, a bit over a hundred millennia. (If you are willing to accept some chance of failure, say a 99.9% chance of failure, then you can skimp a bit and only try 2¹¹⁸ keys, N² ≈ 2²⁵, N ≈ 2¹², only four millennia.)
If bin Laden used AES-256 instead, you need to try 2²⁵⁶ keys to be sure of succeeding, so you need N² = 2²⁵⁶ / 2⁹³ = 2¹⁶³, so N ≈ 2⁸⁰ ≈ 10²⁴ years, which is 10¹⁴ times the current age of the universe. By comparison, the galaxies of the Local Group are expected to merge into a single supergalaxy in only 10¹² years while other galaxies are too far away to be detectable, star formation is expected to end in only 10¹⁴ years, all planetary systems are expected to have decayed in only 10¹⁵ years, and the supergalaxy is expected to have fallen apart in only 10²⁰ years. We're talking about a timescale ten thousand times longer than that. (http://en.wikipedia.org/wiki/Future_of_an_expanding_universe)
So the mere computing power of the TLAs is unlikely to yield results by brute force. Their ingenuity, however, could find a better way than brute force.
Thanks for the very informative demonstration of the scale of these numbers. I suppose I should have emphasized this part of my post: "a weakness is found in the system that helps eliminate a huge chunk of the possible key space". I was supposing that the combined intellectual effort of the NSA and CIA could find a vulnerability in Bin Laden's crypto implementation that would reduce the size of the key space to something that could be meaningfully attacked by their combined computational capacity.
"People"? Like the typical net surfer in a semi-rural Pakistani internet cafe? Or people like you? There is a minor difference of "what you make in a day, they make in a year: with varying consequences like starkly differing internet usage habits, levels of education, general interests, privacy precautions etc. You're obviously having a hard time wrapping your head around the context here.
The person sitting next to you in these cafes can barely read, the PCs are what was mainstream here in 1999. They are connected with 56k modems. I am not sure why you're struggling with getting out of your shoes.
"city like Abbottabad" <-- again, you’re deviating from the facts. The courier would take it many miles away to another small semi-rural setting, not Abbottabad.
“Do you have any basis for this belief?" Want me do YOUR research for you? You claimed the solution is HTTPS (or encryption in general), I said no, and you want me to prove the objection?
Anyway, aside from the fact that I was born and raised in Pak and lived there till I finished high school at the age of 17, I know what they do online and know the culture intimately, and understand how vast the tastes and interests are when income and education levels are so varied. The ISPs there are regulated, sites often blocked, and govt openly and proudly snoops (like I have said many times before).
Now before you tell me to look this up for you, do your own research, please amigo! You might be a great "mechanic" but you’re trying to drive a Ferrari in a rally, and arguing "Why not, its the greatest car!" Context is everything. This is getting tiring, boring and old, you take yours, I take mine, and off we go. :-)
Also, get a passport and travel a bit, you'll notice how invisible some things are to you in your environment, and how much you take them for granted. How many facts of life are not facts but assumptions.
I'm sure you more knowledge of Pakistan than I do, but I find it hard to believe that encryption is so rarely used that the Pakistani government can afford to monitor and investigate anyone who sends an encrypted communication.
It's also a little grating to have you lecture me on my assumptions, whilst simultaneously making unfounded assumptions about me.
Sorry you feel lectured buddy, was not my intention. And you're right, I did make unfounded assumptions about you.
Anyway, they did not overlook the oldest security technique in computer history (encryption/cryptography) without reason - and you gotta give those fuckers credit, those mountain goats gave the most powerful military in the world a run for its money for a decade.
I'm sure they had a reason, but I suspect a lot of it is that they lacked sufficient technical expertise, rather than it being a deliberate decision of an informed individuals. That they didn't encrypt all the information at their hideout indicates a lack of technical knowledge.
That said, you're right that they're extremely good at hiding via more conventional means.
India and China, who don't care about personal privacy as much as the US, gloat about doing this all the time, often to US companies' data. The US gov't does have the right to wiretap and snoop under the Patriot Act, but it does not have to have the luxury to share with the American public because Americans value privacy highly.