On Friday 18 Apr 2014 15:27:12 Dale wrote:
> Matti Nykyri wrote:
> > On Apr 17, 2014, at 23:17, walt wrote:
> >> On 04/17/2014 11:43 AM, Matti Nykyri wrote:
> >>> I don't know much about the secp521r1 curve or about its security.
> >>> You can list all available curves by:
> >>>
> >>> openssl ecparam -list_curves
> >>
> >> I don't either, but I hope this guy does :)
> >>
> >> http://www.math.columbia.edu/~woit/wordpress/?p=6243
> >
> > Good article :) The overall picture I had about EC is more or less the
> > same as described in the article. But you always have to make a threat
> > analysis and it depends on the private data you are protecting. By
> > definition any private data will be disclosed given enough time and
> > resources.
> >
> > So if your adversary is NSA... Well protecting the communication of
> > regular internet user and your production server with SSL and x509
> > certificates will just not secure the content. I'm 100% certain that NSA
> > has access to at least one CA root certificates private keys. With those
> > they can do a man-in-the-middle attack that the regular user will most
> > likely never spot.
> >
> > In my own security model I'm protected from NSA by the fact that it will
> > disappear in the flow of all other traffic because NSA is not stealing
> > credit card numbers :) ECDSA with ECDHE is fast and secure according to
> > public sources.
> >
> > The problem is totally different if you are protecting the secrets of
> > your company that are within the interest of NSA. I'm lucky I don't have
> > to try that.
>
> On this topic about NSA, I read an article that claimed the NSA was able
> to view httpS traffic live or close to live since they had some backdoor
> access keys. I don't recall where the article was but since this is a
> knowledgeable bunch, is this true? If for example I go to my bank or
> credit card website, can they "easily" view that traffic?

If your bank was using certain versions of openssl over the last two
years, then *any* attacker who knew of the heartbleed bug would have been
able to steal the private key of the server and decrypt all
communications with it. It is rumoured (but could be FUD) that NSA are
likely to have known of this vulnerability since at least November 2013.

> One reason this jumped out at me was that in the article, it was claimed
> that a group of people was going to rewrite the code/software/whatever
> for httpS and other encryption tools.
>
> If someone has links to such info for me to read and pass on to others,
> that would be great too.

HTTPS on its own does not mean much, if it is using insecure (less
secure) algorithms. RC4 and DES are no longer considered secure, but
there are websites and browsers that still use them in preference to more
secure cryptos. Some elliptic-curve-based algorithms peddled by NIST at
the behest of NSA are now considered suspicious, if not downright
compromised by design.

http://safecurves.cr.yp.to/

--
Regards,
Mick
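
Added example, not part of the original message: a shell function that reads a cipher list in `openssl ciphers -v` format, in preference order, and reports every suite whose cipher is RC4 or DES, marking those ranked ahead of a stronger suite. The function names and the sample list are constructed for illustration.

```shell
#!/bin/sh
# audit_ciphers: stdin is `openssl ciphers -v` output, first line = most
# preferred suite. Prints "<tag> <rank> <suite> <Enc value>" for each suite
# that encrypts with RC4 or single DES, the two ciphers named in the message.
# 3DES and other ciphers are not flagged; extend the test below if needed.
audit_ciphers() {
    awk '
    BEGIN { rank = 0; weak = 0; last_strong = 0 }
    {
        enc = ""
        for (i = 1; i <= NF; i++)
            if ($i ~ /^Enc=/) enc = substr($i, 5)
        if (enc == "") next                 # not a cipher line
        rank++
        alg = enc
        sub(/\(.*/, "", alg)                # "RC4(128)" becomes "RC4"
        if (alg == "RC4" || alg == "DES") {
            weak++
            weak_rank[weak] = rank
            weak_line[weak] = rank " " $1 " " enc
        } else {
            last_strong = rank              # lowest-priority non-flagged suite
        }
    }
    END {
        for (w = 1; w <= weak; w++) {
            # WEAK-PREFERRED: a flagged suite outranks some non-flagged one
            tag = (weak_rank[w] < last_strong) ? "WEAK-PREFERRED" : "WEAK"
            print tag, weak_line[w]
        }
    }'
}

# Constructed sample in `openssl ciphers -v` layout (not from a real server).
sample_list() {
    cat <<'EOF'
RC4-SHA                     SSLv3   Kx=RSA  Au=RSA Enc=RC4(128)    Mac=SHA1
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
AES128-SHA                  SSLv3   Kx=RSA  Au=RSA Enc=AES(128)    Mac=SHA1
DES-CBC-SHA                 SSLv3   Kx=RSA  Au=RSA Enc=DES(56)     Mac=SHA1
EOF
}

sample_list | audit_ciphers
```

To check a real configuration, pipe the output of `openssl ciphers -v` for the server's configured cipher string into `audit_ciphers` instead of the sample.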