Craig: Date: 8 Jul 2003 17:33:02 -0000 Craig: From: Craig Brauckmiller <[EMAIL PROTECTED]> Craig: To: [EMAIL PROTECTED] Craig: Subject: HTTPS - How hard to decrypt? Craig: Craig: Craig: Craig: We have begun rolling out wireless cards to our VP laptops. We have also Craig: purchased T-Mobile Hotspot accounts for them to use in such places as Craig: Starbucks, American Admiral's Clubs, etc. Craig: Craig: >From my testing, the user name and password entry screen that TMobile Craig: requires you to fill in before they will allow you to do any type of Craig: surfing. Craig: Craig: The login page does use HTTPS, so I assume the user name and password are Craig: encrypted when the user submits the page. Craig: Craig: How hard is it to decrypt SSL based traffic over a wireless link or wired Craig: for that matter? Is it something trivial, or would it take some time to Craig: break? I just worry about a hacker hanging out at Starbucks and snagging Craig: a user name and password for free internet access. Craig: Craig: Thanks Craig: Craig: Craig Brauckmiller
IMHO I should think it depends on a few factors, mainly the number of bits used in the encryption. 64-bit encryption would take less time than 128-bit. Given enough time brute force will crack anything. I dont see someone sitting at Starbucks wasting time trying to crack the standard 128-bit SSL. I dont think you have anything to worry about. Scott Birl http://concept.temple.edu/sysadmin/ Senior Systems Administrator Computer Services Temple University ====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====* --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
