dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
58

hyphenated
@bellsouth.net

hyphenated to fatpipe

Anon

to fatpipe

Re: Please Help me to Understand

No guru here just thinking, you wan't necessarily have to break encryption to have a "backdoor".

fatpipe
join:2011-10-02
Austin, TX

fatpipe

Member

Please explain how you would do this. Because if encryption has a "backdoor", then in my opinion one cannot call it encryption or am I'm completely wrong in my understanding of encryption.

joako
Premium Member
join:2000-09-07
/dev/null

joako

Premium Member

It can be encrypted all you want but the question is do you and only you control the encryption keys? Otherwise it's worthless. Many services do encrypt but also keep the keys for your convenience.

kevinds
Premium Member
join:2003-05-01
Calgary, AB

kevinds to fatpipe

Premium Member

to fatpipe
It is still encypted, but there would be two or more keys,

Your key that you use, and one or more backdoor keys that work too.

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

ArrayList to joako

Premium Member

to joako
If the customer did not create the keys, then it must be assumed that the encryption keys are compromised.

bvdx
@ycnx.net

bvdx to kevinds

Anon

to kevinds
Most encryption for social media sites is transport encryption. It is asymmetric encryption such as TLS aka. SSL/https. The data is fed to the application on the backend in clear text, a backdoor could allow a copy of the clear data sent to the government as well as the real destination, i.e. the application server. It takes alot more computing power and money to wiretap data as a man in the middle.