Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On 08/14/2013 07:36 AM, Kent Borg wrote: > On 08/14/2013 06:34 AM, Jerry Feldman wrote: >> Agreed. But, breaking the session key only works for a single message >> or a single session. If they want to target a specific individual, >> breaking the RSA/DSA keys will give them access to all encrypted >> messages. (within the context is that a sent message is encrypted by >> the recipient's public key), > > Yes, breaking the RSA/DSA key will let them read files or e-mails > (effectively a file) encrypted with that public key. But I think that > if you are doing SSL with that public key, the key exchange cannot be > understood by a passive observer, so passively recording the packets > will not let someone later decrypt the exchange. Basically, there are 3 groups of those who want to hack encryption 1. Governments - they have resources and if they want to get your information they have tools to do it. 2. criminals who want your information. Unless you are very wealthy, there is very small chance they will try to break your encryption. Simple cost benefit. 3. random hackers. There are people out there with skills and some resources. It is hard to protect against these people because of their skills. While they don't have acres of supercomputers they have the skills to build or use low cost clusters. So, I'm not really worried. If the NSA or FBI wanted to get my information and read my emails they can do it, and there is very little that I can do other than remain under the radar. -- Jerry Feldman <gaf at blu.org> Boston Linux and Unix PGP key id:3BC1EB90 PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |