Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Jerry Feldman wrote: > recipient's public key), so to make this bidierctional they need to > break 2 keys, so the job gets more difficult. Breaking the session key The public key is more easily recovered from, say, a public key server. This requires no effort at all. It may be easier -- and it will become easier as time passes -- to factor the prime numbers that comprise the public key and use them to recreate the private key. The strength of RSA is that it is very, very computationally expensive to factor large prime numbers. Kent Borg wrote: > if you are doing SSL with that public key, the key exchange cannot be > understood by a passive observer, so passively recording the packets > will not let someone later decrypt the exchange. If you have the certificate and you can snoop the session handshake then you can recover the session key and decrypt the session. The security of the secret key is paramount to every PK system. I assert that the NSA have compromised the public CAs just as they have compromised the service providers. This is computationally very inexpensive. It simply requires the FISC to fire up Word and print out a few national security letters. The NSA either have copies of all of the certificates issued by public CAs or can obtain them upon request. As you repeatedly point out, the NSA wants to store everything. "Everything" includes SSL handshakes. Certificate + handshake = session key => decrypted session in real time. Any user, any session, any time, any reason. No cryptanalysis needed. No brute force needed. -- Rich P.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |