So when NSA got hacked, all legal US algorithms [required to register them] might have been copied by the hackers then.
One thing, if we are ever reduced to going ‘old school’, here is a ‘poor man’s encryption’:
In the old fashioned text document [the very most basic one], I sometimes ‘auto-replace’ several misspelled words at once.
You can use that for the opposite purpose — to encrypt.
You could replace ‘a’ with xyz
You could replace ‘e’ with zzz
Every vowel with constanants and every constenant with vowels. And that’s just the simplist way of doing it.
You could have multiple translations for each ‘a’, such as either xyz or yyy.
Or you could replace one letter with another single letter, but that takes more work.
Then reverse the process with auto-correct.
A lot of work unfortunately.
YAHOO sued for gross negligence over huge hacking...
https://www.yahoo.com/news/yahoo-sued-gross-negligence-over-huge-data-breach-213708408—finance.html
[Even though NSA had their algorithm filed away. Might be NSA’s fault when NSA got hacked.]
Doubtful. Also anyone who develops their own encryption is stupid. No offense to you, AW!M, but your encryption is much much much easier to break than any known encryption algorithm,. The analysts would use information theory, entropy, and other concepts and quickly figure it out.
There is a truism with encryption that people need to realize. Against a determined and smart adversary it is much easier for them (in your case much much much easier) to figure out the algorithm than to reverse engineer a key with a legitimate know algorithm. In fact what most attackers do when faced with encryption is try to hack beneath it and find the plaintext before it gets encrypted.
Here's a simple example. You connect to your bank with HTTPS. My goal is to insert a new destination bank account into one of your transactions so I can get the money instead. I tap your connection. Can I break HTTPS and figure out the key? No way. Can I insert new content into that connection? Even more difficult.
Instead I would try to get you to connect to a fake version of your bank. Or even easier I would try to get you to connect to a "free stuff" website and install some malicious app on your computer and insert the account into the message right before it gets encrypted and sent to your bank.
People don't break encryption unless they are the NSA (and probably China) and they only would do that for extremely high value targets and even then it is going to take time and resources. If you were such a high value target and used the encryption you described, or even something 100 times better, your adversaries would thank their lucky stars that you did that instead of using AES256.