Wednesday, July 29, 2015

The NSA hACK

So why is NSA making the attempt to collect all communication?  We have two data types, un-encrypted and encrypted. Which you think is the ruse here?

If I encrypted something with one key and send it one time to only one person, its secure. Well sort-of as if has a part that is the same content wise with another message using the same key it is no longer secure. Remember, Gmail uses one SSL key folks, so does Yahoo and MS and Apple.[Slight correction, all those who use SSL/TLS have one key per short session with the key being set to anew on if the session is long]

Or to put it another way NSA needs to collect all encrypted traffic to brute  force attack through message attacks a particular key and or particular message. It gets more accurate, the brute force attack, if you have almost all the encrypted messages of a particular key.

What is the counter? Change your keys often and vary what human language you use in the content such as using a human language that has a high amount of letters, Chinese.