|
|
|
|
|
|
by s_q_b
4716 days ago
|
|
|
First, FBI cracked 512-bit disk encryption in a recent case, seemingly with NSA help, so it seems they've got some pretty powerful brute forcing capabilities. SSL is generally only 256-bit. http://www.fiercecio.com/techwatch/story/fbi-cracks-encrypte... Second, since some sites don't use Diffie Hellman key exchange (which provides for perfect forward secrecy), they don't even need to work that hard. They can just grab the keys in transit. Third, with a MITM attack, you can just drop in a box that makes SSL connections on both ends transparently. Therefore neither endpoint knows the encryption is being routed through a third malicious point. See e.g. http://www.zdnet.com/how-the-nsa-and-your-boss-can-intercept... None of this proves definitively that the NSA can do this, but it does mean that if you have something to hide you'd be foolish to rely purely upon SSL. |
|
|
> FBI cracked 512-bit disk encryption in a recent case
Very hard to believe that they brute-forced 512-bit AES. More likely they guessed, or otherwise located, the key, or found some implementation flaw in the software/device.
> don't even need to work that hard. They can just grab the keys in transit.
If and only if they have the private key. Which, I concede, they may well be able to get.
> Third, with a MITM attack, you can just drop in a box that makes SSL connections on both ends transparently
No you can not, not without installing a cert on every single user's machine. This would have been noticed if it was going on.
I admit that now I think about it, putting taps on DC data connections and simply requiring sites or the DC to provide any and all private keys would be substantially less invasive/visible than actually putting taps into the building, and with basically the same effectiveness (except for the PFS thing).