[Discuss] KeePassX

[richard.pieri at gmail.com (Richard Pieri)]

Jerry Feldman wrote:
> recipient's public key), so to make this bidierctional they need to
> break 2 keys, so the job gets more difficult. Breaking the session key

The public key is more easily recovered from, say, a public key server. 
This requires no effort at all.

It may be easier -- and it will become easier as time passes -- to 
factor the prime numbers that comprise the public key and use them to 
recreate the private key. The strength of RSA is that it is very, very 
computationally expensive to factor large prime numbers.


Kent Borg wrote:
 > if you are doing SSL with that public key, the key exchange cannot be
 > understood by a passive observer, so passively recording the packets
 > will not let someone later decrypt the exchange.

If you have the certificate and you can snoop the session handshake then 
you can recover the session key and decrypt the session. The security of 
the secret key is paramount to every PK system.

I assert that the NSA have compromised the public CAs just as they have 
compromised the service providers. This is computationally very 
inexpensive. It simply requires the FISC to fire up Word and print out a 
few national security letters. The NSA either have copies of all of the 
certificates issued by public CAs or can obtain them upon request.

As you repeatedly point out, the NSA wants to store everything. 
"Everything" includes SSL handshakes.

Certificate + handshake = session key => decrypted session in real time. 
Any user, any session, any time, any reason. No cryptanalysis needed. No 
brute force needed.

-- 
Rich P.