[Ach] forward secrecy

Aaron Zauner azet at azet.org
Fri Nov 15 05:33:32 CET 2013


Hi,

I think we should include a short paragraph on forward secrecy. Often when I talk to administrators they do not know what FS is. Since keys can be supeanoed, stolen or hacked this has become a very real issue (think lavabit - the guy wasn’t aware of forward secrecy or the implications of traffic being stored over a long period of time - every communication can now easily be decrypted by gov. agencies since he had to supply the key for his SSL setup). A couple of years ago I myself would have labeled most people as paranoid for suggesting such a thing - although technically possible I didn’t believe that anyone would hoard such amounts of data for such a long time. And I was not alone thinking this way, I spoke to many security people over the years and many agreed that this would be infiseable. Well - It might be, but since goverments rather spend money on huge datacenters and graph analysis of massive amounts of data than proper healthcare that turned out to be a false assumption.


Aaron <Tinfoilhat>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131115/77413c29/attachment.sig>


More information about the Ach mailing list