 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On 08/14/2013 06:34 AM, Jerry Feldman wrote: > Agreed. But, breaking the session key only works for a single message > or a single session. If they want to target a specific individual, > breaking the RSA/DSA keys will give them access to all encrypted > messages. (within the context is that a sent message is encrypted by > the recipient's public key), Yes, breaking the RSA/DSA key will let them read files or e-mails (effectively a file) encrypted with that public key. But I think that if you are doing SSL with that public key, the key exchange cannot be understood by a passive observer, so passively recording the packets will not let someone later decrypt the exchange. -kb
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
