iMessage's 'End-To-End' Encryption Hardly Any Better Than TLS, Say Cryptography Researchers

Status
Not open for further replies.

mrbofus

Honorable
May 13, 2013
5
0
10,510
0
"iMessage's 'End-To-End' Encryption Hardly Any Better Than TLS, Say Cryptography Researchers"

Why is "end-to-end" in quotes? Isn't iMessage's encryption end-to-end? The quotes, particularly in the headline, imply that it's not...?
 

Darkk

Distinguished
Oct 6, 2003
615
0
18,980
0
"Ever since Edward Snowden released the NSA documents, an encryption mechanism called “forward secrecy” has significantly increased in popularity with service providers. The mechanism essentially automatically rotates the encryption keys at regular intervals, and once it switches to a new key, past data can’t be decrypted anymore."

Not entirely accurate. Using "forward secrecy" simply protects a session in transit. There are several sessions over a short period of time. Only that session gets compromised if the attacker figured out the session encryption key.

The attacker can capture all those sessions and do offline brute force which will take huge amount of resources and time to do it. NSA might be able to do this in parallel which is beyond reach for most of us.
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS