On 27-01-2011 18:27, Arno Garrels wrote:
Without the certificate(s) and private key(s) he may intercept transparently
as long as he likes. When he wants to decrypt the session on the fly he
has to go thru the handshake process on behave of the victim by presenting
the stolen certificate(s), acting as a proxy server.

But stolen keys is your previous argument. After you have it, decoding the data is much more easy if you know how the key is used to encrypt/decrypt it. Knowing the encrypt algorithm is also important to, with brute-force, decode the data, if you just want to see what the communication is all about. That's why the security agencies don't like closed protocols.

To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to