So even if Goog or Yahoo encrypt their data between DCs, what stops the NSA from decrypting that data? Or would it be done simply to make their lives a bit more of a PiTA to get the data they want?
-Mike > On Nov 1, 2013, at 19:08, Harry Hoffman <hhoff...@ip-solutions.net> wrote: > > That's with a recommendation of using RC4. > Head on over to the Wikipedia page for SSL/TLS and then decide if you want > rc4 to be your preference when trying to defend against a adversary with the > resources of a nation-state. > > Cheers, > Harry > > Niels Bakker <niels=na...@bakker.net> wrote: > >> * mi...@stillhq.com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]: >>> Its about the CPU cost of the crypto. I was once told the number of >>> CPUs required to do SSL on web search (which I have now forgotten) >>> and it was a bigger number than you'd expect -- certainly hundreds. >> >> False: https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html >> >> "On our production frontend machines, SSL/TLS accounts for less than >> 1% of the CPU load, less than 10KB of memory per connection and less >> than 2% of network overhead. Many people believe that SSL takes a lot >> of CPU time and we hope the above numbers (public for the first time) >> will help to dispel that." >> >> >> -- Niels. >>
