[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: concrete steps for improving apt downloading security and privacy

On Mon, Jul 07, 2014 at 08:09:14PM +0900, Joel Rees wrote:
> But again, that's only half the story. When you send a kernel image
> encrypted, they have the plaintext and the crypt, and the thing is
> large and hard. This is the kind of data that can be used to
> completely break an entire encryption algorithm.

When you say "break an entire encryption algorithm", do you mean
"find the key" or really "break the whole algorithm"?

If you mean "break the whole algorithm and gain the ability to
convert ciphertexts to plaintexts no matter what key was used",
please consider that they could just encrypt a lot of data with
random keys themselves instead of collecting it from the internet.

If you mean "find the key": So what? You're talking about session
keys used in the TLS connection, right? Even if there was the kind
of attack you're thinking about, it would only allow an attacker to
gain access to the connection that he would be able to MITM anyway
without the TLS layer.

Attachment: signature.asc
Description: Digital signature

Reply to: