On Mon, Jul 07, 2014 at 08:09:14PM +0900, Joel Rees wrote: > But again, that's only half the story. When you send a kernel image > encrypted, they have the plaintext and the crypt, and the thing is > large and hard. This is the kind of data that can be used to > completely break an entire encryption algorithm. When you say "break an entire encryption algorithm", do you mean "find the key" or really "break the whole algorithm"? If you mean "break the whole algorithm and gain the ability to convert ciphertexts to plaintexts no matter what key was used", please consider that they could just encrypt a lot of data with random keys themselves instead of collecting it from the internet. If you mean "find the key": So what? You're talking about session keys used in the TLS connection, right? Even if there was the kind of attack you're thinking about, it would only allow an attacker to gain access to the connection that he would be able to MITM anyway without the TLS layer.
Description: Digital signature