> * Alok wrote: > > > A bit off the thread... > > Ever wondered if one can break PKI given that the 1st request to a server is > > mostly GET / in https? > > The "GET /HTTP/1.0" is done using a symetric cipher like RC2 or RC4 etc. > The PKI is only used to transfer the symetric key between hosts. Using > a suitable keylength (1024) its a tough job to break. Longer than the > lifetime of the universe or some silly number like that.
yup the PKI part may be a problem.... lets take PKI out for a moment and talk simple block encryption, given that you know a. the message or the 1st few bits in it b. the set of possible block algorithms used to encrypt Can you determine session key? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
