[Discuss] KeePassX
Gregory Boyce
gboyce at badbelly.com
Wed Aug 14 07:42:07 EDT 2013
That depends on the cipher in use and if it supports perfect forward
secrecy or not.
http://en.wikipedia.org/wiki/Perfect_forward_secrecy
On 08/14/2013 06:34 AM, Jerry Feldman wrote:
> Agreed. But, breaking the session key only works for a single message or a
> single session. If they want to target a specific individual, breaking the
> RSA/DSA keys will give them access to all encrypted messages. (within the
> context is that a sent message is encrypted by the recipient's public key),
>
Yes, breaking the RSA/DSA key will let them read files or e-mails
(effectively a file) encrypted with that public key. But I think that if
you are doing SSL with that public key, the key exchange cannot be
understood by a passive observer, so passively recording the packets will
not let someone later decrypt the exchange.
-kb
______________________________**_________________
Discuss mailing list
Discuss at blu.org
http://lists.blu.org/mailman/**listinfo/discuss<http://lists.blu.org/mailman/listinfo/discuss>
More information about the Discuss
mailing list