On Tue, 3 Apr 2018 19:39:57 +0000, David Boyes <dbo...@sinenomine.net> wrote:
>On 4/3/18, 3:00 PM, "IBM Mainframe Discussion List on behalf of Phil Smith" ><IBM-MAIN@LISTSERV.UA.EDU on behalf of p...@voltage.com> wrote: >I believe we're talking about different things. What you're describing isn't >civilian use of TLS. It's probably stream-cipher stuff (which is weaker >anyway) and in any case is within the telco system. Nobody is going to crack >TLS, even with lots and lots of data. > >Afraid not. > >https://www.blackhat.com/docs/us-16/materials/us-16-Ortisi-Recover-A-RSA-Private-Key-From-A-TLS-Session-With-Perfect-Forward-Secrecy.pdf > > >Thus the push for TLS 1.3 deployment. Boys, the issue is not whether TLS can be broken. "Anything you can do, I can do better!" the song goes. Given time and energy, any economically viable crypto can be broken. The entire industry is about making time and energy the limiting factor as opposed to the strength of the algorithms themselves. My point was that of the three delivery methods today (tape, DVD, and network), the network delivery is the most secure because it is the most expensive one to defeat. It's far easier and cheaper to buy off the little guy in the trucking firm to substitute the similar-looking package than to get the telco to do your dirty work for you. Or establish yourself AS a telco. (GREAT. There's the next nightmare: low-cost ISP who is really state actor.) Alan Altmark IBM ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN