|
|
|
|
|
|
by uh_oh
4756 days ago
|
|
|
My understanding is that MITM (but in a perfect way, using the leaked private key) is still required, if ephemeral Diffie-Hellman is involved. You can't just passively record the stream and decrypt it, since you don't know the exchanged DH secret. The suggestion that the companies actually gave them the keys and this explains the "direct access" phrase makes a lot of sense! |
|
|