Reply to post: Re: If everything's encrypted, what's the problem?

You're on a Huawei to Hell, US Sec State Pompeo warns allies: Buy Beijing's boxes, no more intelligence for you

James R Grinter

Re: If everything's encrypted, what's the problem?

If you have the server private key then you can decrypt the captured TLS sessions (including at a later date, e.g. if you steal that key), *unless* they use a cipher scheme that implements perfect forward secrecy.

Then you can’t.

But you certainly can’t break TLS just by sniffing the packets as an independent observer, unless you can “break” the maths behind DH.

https://security.stackexchange.com/a/42350 has a pretty good explainer

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019