Re: Is SSL/TSL really secure?
- From: "Wade" <wbicknell@xxxxxxxxxxxxxxxxxxxx>
- Date: 30 Mar 2006 09:50:14 -0800
I think both parties are right. Governments don't need to break the
encryption head on (a frontal attack). But at the same, I don't think
they can break the encryption unless something is configured
incorrectly ( a side attack). AES 128 would take millions of
milleniems to break by brute force, even at 40,000,000,000 calculations
a second, so SSL running AES 128 would not be easily broken. If a
nation-state is trying to get into the system, they have the resources
to gain access by other means. Their is an elite group of hackers from
every country spending time, sifting data, mapping networks. With
enough time and energy, not system is secure from a nation state
threat, even if the system is not plugged into anything else.
The supported symmetric key algorithms in todays SSL environments are
more than adequate to mask data for as long as the data is valuable, so
long as the implimentation is correct. But no data is safe from the
nation-state threat. Defense is expensive, offense is cheap.
.
- References:
- Is SSL/TSL really secure?
- From: tomodachigai
- Re: Is SSL/TSL really secure?
- From: Volker Birk
- Re: Is SSL/TSL really secure?
- From: Ludovic Joly
- Re: Is SSL/TSL really secure?
- From: Volker Birk
- Re: Is SSL/TSL really secure?
- From: Ludovic Joly
- Re: Is SSL/TSL really secure?
- From: Sebastian Gottschalk
- Re: Is SSL/TSL really secure?
- From: Barry Margolin
- Re: Is SSL/TSL really secure?
- From: Ludovic Joly
- Re: Is SSL/TSL really secure?
- From: Sebastian Gottschalk
- Is SSL/TSL really secure?
- Prev by Date: Re: CertOpenStore: Problem opening user certificates on a remote computer
- Next by Date: Re: CertOpenStore: Problem opening user certificates on a remote computer
- Previous by thread: Re: Is SSL/TSL really secure?
- Next by thread: Re: Is SSL/TSL really secure?
- Index(es):
