On 9/5/13, coderman <coderman@gmail.com> wrote:
On Thu, Sep 5, 2013 at 11:38 AM, grarpamp <grarpamp@gmail.com> wrote:
...
however, the crypto breakthrough discussed is more mundane:
Source? Sure, non-PFS can be exploited.
i asked Snowden for an authoritative copy... ;P
Didn't John just say something about journalists and interpretation ;)
But extending that as underlying explanation of the Bamford quote is dangerous. It's Bamford's quote, ask him.
there's lots of disinformation around this topic, comparisons and analogies that indicate this has been filtered through less technical intermediaries.
he can't say much about specifics, remember?
deployment of deep packet inspection with SSL/TLS capabilities.[0]
I'd call it 'applied decrypting' not some breakthrough in 'cryptanalyze'ing or 'break'ing any crypto. Words are important.
see above regarding technical vs. non-technical. for the higher-ups, getting access to encrypted communication is "breaking encryption". whether that is breaking by cooperative agreement and new hardware, or breaking by new attacks on crypto primitives themselves, it is indistinguishable to them but makes all the difference to us.
to walk through with rough ballpark but by no means representative numbers
All good extended analysis indeed. Perhaps my issue is just with the words. I read Bamford as indicating attacks against the crypto itself, not tricks applied downstream or around it (regardless of how wholesale, specific, successful or profitable a given applied approach might be in the eyes of the doers or the done). While recently novel and profitable with centralized services, borrowing traditional certs [1] or logging the PFS session keys [2] is vastly different from having a working "cryptanalysis" against the long term thought to be dependable underlings such as RSA, AES, ECC, etc. Surely if the cooperation to achieve [1] is so tight then [2] would be equally doable. Then again, might as well ship the plaintext straight off the servers.