Alan Altmark wrote: >Boys, the issue is not whether TLS can be broken. "Anything you can do, >I can do better!" the song goes. Given time and energy, any economically >viable crypto can be broken. The entire industry is about making time >and energy the limiting factor as opposed to the strength of the >algorithms themselves.
Agreed. The point I was trying to make is that it's a mistake to make TLS sound trivial to break. It's not. "time and energy" with AES 128 (never mind 192 or 256) is heat-death of the universe time, and that's not even considering the energy. So "not gonna happen" is reasonable. (And no, quantum computing doesn't help break symmetric crypto. Current asymmetric, yes; but there are other known algorithms that are quantum-resistant. So even that concern is just hype.) As for the link David posted, that's an attack on one particular careless implementation, not a general problem with TLS 1.2. Even with fancy hardware and the vuln the link talks about, it's not a slam-dunk, as the presentation makes clear. I'm leery of making folks more nervous than they need to be about a topic they're mostly not conversant or comfortable with already. >My point was that of the three delivery methods today (tape, DVD, and >network), the network delivery is the most secure because it is the most >expensive one to defeat. It's far easier and cheaper to buy off the >little guy in the trucking firm to substitute the similar-looking >package than to get the telco to do your dirty work for you. Or >establish yourself AS a telco. (GREAT. There's the next nightmare: >low-cost ISP who is really state actor.) Yes! Chuckie is just another of Bob Hackerman's aliases, right? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN