this post was submitted on 10 Nov 2025
3 points (66.7% liked)

Secure Coms

84 readers
3 users here now

This is a community for enthusiest who love to ponder new ways for Alice to communicate with Bob in a world where global passive adversarys probably record every bit that ever crosses the wire.

Discuss cryptography, secure key exchange, private messangers, radios, encoding, networking tools, authentication mechanisms and anything relevant to coming up for ways to Alice to get a message to Bob.

founded 2 months ago
MODERATORS
cm0002@programming.dev
3
How the NSA can break trillions of encrypted Web and VPN connections (arstechnica.com)
submitted 1 month ago by cm0002@futurology.today to c/securecoms@programming.dev
4 comments fedilink hide all child comments
top 4 comments
sorted by: hot top controversial new old
[–] senorblackbean@lemmy.world 4 points 1 month ago (1 children)

Article is dated 2015. Blast from the past!

[–] LordMayor@piefed.social 2 points 1 month ago

This account is on multiple instances and posts a ton of crap. Not sure what they’re trying to accomplish.

[–] slazer2au@lemmy.world 3 points 1 month ago

Tl;dr

It is likely 512 and 1024 bit diffie Hellman primes are within the NSA budget to predict. Move to at least 2048.

Or better yet move to an elliptic curve

[–] Zachariah@lemmy.world 2 points 1 month ago

For years, privacy advocates have pushed developers of websites, virtual private network apps, and other cryptographic software to adopt the Diffie-Hellman cryptographic key exchange as a defense against surveillance from the US National Security Agency and other state-sponsored spies. Now, researchers are renewing their warning that a serious flaw in the way the key exchange is implemented is allowing the NSA to break and eavesdrop on trillions of encrypted connections.

The cost for adversaries is by no means modest. For commonly used 1024-bit keys, it would take about a year and cost a “few hundred million dollars” to crack just one of the extremely large prime numbers that form the starting point of a Diffie-Hellman negotiation. But it turns out that only a few primes are commonly used, putting the price well within the NSA’s $11 billion-per-year budget dedicated to “groundbreaking cryptanalytic capabilities.”