Poul-Henning Kamp: """With expenditures of this scale, there are a whole host of... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		silvestrov on July 31, 2013 \| parent \| context \| favorite \| on: XKeyscore: NSA program collects 'nearly everything... Poul-Henning Kamp: """With expenditures of this scale, there are a whole host of things one could buy to weaken encryption. I would contact providers of popular cloud and "whatever-as-service" providers and make them an offer they couldn't refuse: on all HTTPS connections out of the country, the symmetric key cannot be random; it must come from a dictionary of 100 million random-looking keys that I provide. The key from the other side? Slip that in there somewhere, and I can find it (encrypted in a Set-Cookie header?).""" http://queue.acm.org/detail.cfm?id=2508864

nl on Aug 1, 2013 [–]

That's an interesting idea.

Even better would be for the NSA to penetrate Thwate, Verisign etc and make the keys they "generate" non-random (perhaps only for a subset of certificates sold)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact