
It is now possible to store long periods of vast data transfers (i.e. one month of all the communication in/out of the whole country, continent, etc.).

Can the SSL communication still be considered safe in these circumstances?

I am not a security expert, I am just wondering...

Let all the communication between all the subjects involved (Certification Authority and both communicating entities) be transferred over a network that is being watched, and all the data exchange is stored somewhere. Also consider that the CA has not been breached (secure data stored in the CA do not leave the CA, otherwise this communication is no longer safe).

Is this communication still secure?

How long would it take to crack a weak SSL certificate in case we have all the data transferred over the network available for the fastest supercomputer at the moment? (with a short key, i.e. 256-bit, with i.e. 100 PFLOPS)

How long would it take for a 2048-bit key in case we have all the data transferred over the network available?

Thank you for the answers. I am ready to modify this question if necessary (in case some text / information needs modifying to be exact enough).

Petr Urban
  • Your assumption that "CA has not been breached" isn't believable. The simple thing for the black helicopter people to do is get hold of the root certificates and then use them to decode everything – Vorsprung Jul 19 '13 at 08:33
  • This question appears to be off-topic because it is about security and probably belongs more to Security.SE (although it may need improvement too). – Bruno Jul 19 '13 at 08:44
  • Good point Vorsprung, I am now more interested in scenario when someone has only the data transfers available. In case of breaching data of CA there's no doubt that such communication is not safely encrypted. – Petr Urban Jul 19 '13 at 10:25
  • @Vorsprung There's nothing useful to an eavesdropper at the CA. Root certificates can't be used to 'decode' anything. They would have to get hold of the private key of the actual server in the actual conversation. – user207421 Jul 19 '13 at 22:31

1 Answer


Your question embodies a contradiction in terms. You can't have a man-in-the-middle attack on a stored session. A man-in-the-middle attack occurs while the connection is up, and involves the MITM posing as the peer to both ends, which requires certificate forgery. The situation described in your question concerns post-hoc decrypting of a completed session, which at worst requires brute-force iterating over the possible keys, and whose feasibility halves with every bit in the key. These are completely different attacks.

user207421
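
The scaling behind the answer's brute-force remark, as an added example that is not part of the original answer: it exhausts a constructed toy cipher at small key sizes to show the trial count doubling with each key bit, then extrapolates to the question's 256-bit case. The toy cipher, the known-plaintext string and the rate of 10^17 key trials per second (one trial per operation at the question's 100 PFLOPS, which is generous to the attacker) are assumptions.

```python
import hashlib

# Constructed known plaintext: the attacker is assumed to know how the session starts.
PLAINTEXT = b"GET / HTTP/1.1\r\n"
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def toy_encrypt(key: int, key_bits: int, plaintext: bytes) -> bytes:
    """Constructed toy cipher (XOR with a SHA-256-derived keystream); not a TLS cipher."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    stream = hashlib.sha256(key_bytes).digest()  # 32 bytes, enough for PLAINTEXT
    return bytes(p ^ s for p, s in zip(plaintext, stream))


def brute_force(ciphertext: bytes, known_plaintext: bytes, key_bits: int):
    """Try every key in order; return (recovered_key, number_of_trials)."""
    for trials, candidate in enumerate(range(2 ** key_bits), start=1):
        if toy_encrypt(candidate, key_bits, known_plaintext) == ciphertext:
            return candidate, trials
    return None, 2 ** key_bits


def worst_case_trials(key_bits: int) -> int:
    """Record a session under the last key in search order, then exhaust the keyspace."""
    key = 2 ** key_bits - 1
    recorded = toy_encrypt(key, key_bits, PLAINTEXT)
    found, trials = brute_force(recorded, PLAINTEXT, key_bits)
    assert found == key
    return trials


def years_to_exhaust(key_bits: int, trials_per_second: float = 1e17) -> float:
    """Extrapolated worst-case search time; the default rate is an assumption."""
    return 2 ** key_bits / trials_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    for bits in (8, 12, 16):  # small enough to exhaust for real
        print(f"{bits:>3}-bit key: {worst_case_trials(bits):>6} trials measured")
    for bits in (56, 128, 256):  # extrapolated only
        print(f"{bits:>3}-bit key: {years_to_exhaust(bits):.3e} years at 1e17 trials/s")
```

This models exhaustive search over a symmetric session key only. An RSA key such as the 2048-bit one in the question is attacked by factoring its modulus rather than by enumerating keys, so these figures do not transfer to it.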