nanog mailing list archives
RE: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
From: "John Souvestre" <johns () sstar com>
Date: Fri, 1 Nov 2013 23:00:11 -0500
Money. The better the encryption the more it costs to crack. With forward security you can even protect against your private key leaking. In short, you can raise the stakes and make it economically unfeasible for even the NSA. John John Souvestre - New Orleans LA - (504) 454-0899 -----Original Message----- From: Mike Lyon [mailto:mike.lyon () gmail com] Sent: Fri, November 01, 2013 9:19 pm To: Harry Hoffman Cc: Niels Bakker; nanog () nanog org Subject: Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic So even if Goog or Yahoo encrypt their data between DCs, what stops the NSA from decrypting that data? Or would it be done simply to make their lives a bit more of a PiTA to get the data they want? -Mike
On Nov 1, 2013, at 19:08, Harry Hoffman <hhoffman () ip-solutions net> wrote: That's with a recommendation of using RC4. Head on over to the Wikipedia page for SSL/TLS and then decide if you want
rc4 to be your preference when trying to defend against a adversary with the resources of a nation-state.
Cheers, Harry Niels Bakker <niels=nanog () bakker net> wrote:* mikal () stillhq com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]:Its about the CPU cost of the crypto. I was once told the number of CPUs required to do SSL on web search (which I have now forgotten) and it was a bigger number than you'd expect -- certainly hundreds.False: https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html "On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that." -- Niels.
Attachment:
smime.p7s
Description:
Current thread:
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic, (continued)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Valdis . Kletnieks (Nov 03)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Masataka Ohta (Nov 03)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Valdis . Kletnieks (Nov 03)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Joly MacFie (Nov 04)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Masataka Ohta (Nov 05)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Valdis . Kletnieks (Nov 06)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Masataka Ohta (Nov 06)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Mike Lyon (Nov 01)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Lyndon Nerenberg (Nov 01)
- RE: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic John Souvestre (Nov 01)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Matthew Petach (Nov 02)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Michael Thomas (Nov 02)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic joel jaeggli (Nov 01)
- Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic Randy Bush (Nov 01)