[Terpfen]

Question: how does the DoD keep its information secure if it has to keep its code open-source? Maybe I just don't understand how Linux is supposed to be distributed and modified. Could someone clear this up for me?

[ThinkPlease]

Open source source code only has to be released if the binary code made available to be sold to another party. Since any modifications to open source code would theoretically be kept secret and not be available to others, the code should remain secret.

[AFreeBird]

Question: how does the DoD keep its information secure if it has to keep its code open-source?

Knowing the algorythms does not necesarily make a system insecure. The algorythms determine how keys are made and used, but does not reveal the keys themselves. In fact, allowing them to be reviewed by the IT/Security population at large, it is possible that a potential security flaw in the code is discovered and corrected more quickly.

As keys have increased in size: 56, 128, 256, 512 bits, they become exponentially harder to crack because the number of permitations makes it difficult if not possible to run through them all in a realistic timeframe, even with the use of a "super-computer".

The problem with larger keys in the past has been the speed at which files could be encrypted or decrypted (with the keys). The larger the cypher, the longer it took. With todays higher processing speeds this is becoming less an issue.