Hi Stefan,

On May 24, 2012, at 2:26 PM, Stefan Wollny wrote:

> Question:
> "3. Is the technique used also able to at least in part decode and/or
> analyze encrypted communication (e.g. by SSH or PGP)?"
> 
> Answer:
> "Yes, the technique used is in principle able to do this, depending on
> the way and quality of the encryption." (Yepp - that's the complete
> answer!)
> 
> Is this some sort of Governmental FUD by just NOT adding s.th. like "if
> the password/passphrase is weak enough"?

I think the answer is very shallow and misguiding. There are only two
ways to do this:

(1) immediately via man-in-the-middle attacks, or
(2) later decryption of recorded traffic.

The first method is easily detectable, and the second method creates a
lot of overhead in the long run. Storage, where to get private keys
from, etc. Both of them offer full decryption, so I am not sure what
the "partial decode and/or analyze" really means.

The question is way too broad to get a precise answer. Of course you can
decode SSH, but only on the protocol layer itself, not the payload.
"Analyzing" encrypted protocols is easy, and it may raise a flag, but
there is no way there's this thing that will read your emails on-the-fly
even though you are using PGP.


Franco
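
Added example, not part of the original email: what "decoding SSH on the protocol layer, not the payload" looks like to a passive observer. The identification string and the KEXINIT algorithm lists (RFC 4253) are sent in the clear and parse cleanly; everything after that is only countable. The stream, the `ExampleSSH_1.0` banner, the shortened field labels and the function names are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20
KEXINIT_FIELDS = [   # name-list order from RFC 4253, section 7.1 (labels shortened)
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_c2s", "encryption_s2c", "mac_c2s", "mac_s2c",
    "compression_c2s", "compression_s2c", "languages_c2s", "languages_s2c",
]

def build_sample_stream():
    """Constructed sample: banner, one cleartext KEXINIT, then placeholder bytes."""
    lists = ["curve25519-sha256", "ssh-ed25519", "aes256-ctr", "aes256-ctr",
             "hmac-sha2-256", "hmac-sha2-256", "none", "none", "", ""]
    payload = bytes([SSH_MSG_KEXINIT]) + bytes(16)          # message type + cookie
    for item in lists:
        payload += struct.pack(">I", len(item)) + item.encode()
    payload += b"\x00" + struct.pack(">I", 0)               # first_kex_packet_follows, reserved
    pad = 8 - (len(payload) + 5) % 8                        # align to 8, at least 4 bytes
    if pad < 4:
        pad += 8
    packet = struct.pack(">IB", len(payload) + pad + 1, pad) + payload + bytes(pad)
    # Placeholder standing in for encrypted packets; the rest of the key exchange is omitted.
    return b"SSH-2.0-ExampleSSH_1.0\r\n" + packet + b"\x8e\x11\x5a\xc3" * 8

def observe(stream):
    """Decode what is sent in the clear; report everything else only as a byte count."""
    banner, sep, rest = stream.partition(b"\r\n")
    if not sep or not banner.startswith(b"SSH-"):
        raise ValueError("no SSH identification string")
    if len(rest) < 5:
        raise ValueError("truncated packet header")
    pkt_len, pad_len = struct.unpack(">IB", rest[:5])
    if pkt_len + 4 > len(rest) or pad_len + 1 >= pkt_len:
        raise ValueError("inconsistent packet lengths")
    payload = rest[5:4 + pkt_len - pad_len]
    if payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("first packet is not KEXINIT")
    pos, algos = 17, {}                                     # skip type byte + 16-byte cookie
    for name in KEXINIT_FIELDS:
        (n,) = struct.unpack_from(">I", payload, pos)
        if pos + 4 + n > len(payload):
            raise ValueError("name-list runs past end of payload")
        algos[name] = payload[pos + 4:pos + 4 + n].decode("ascii").split(",") if n else []
        pos += 4 + n
    return {"banner": banner.decode("ascii"), "kexinit": algos,
            "opaque_bytes": len(rest) - 4 - pkt_len}

if __name__ == "__main__":
    print(observe(build_sample_stream()))
```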
