dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
26
share rss forum feed


fatpipe

join:2011-10-02
Austin, TX
reply to hyphenated

Re: Please Help me to Understand

Please explain how you would do this. Because if encryption has a "backdoor", then in my opinion one cannot call it encryption or am I'm completely wrong in my understanding of encryption.



joako
Premium
join:2000-09-07
/dev/null
kudos:6

It can be encrypted all you want but the question is do you and only you control the encryption keys? Otherwise it's worthless. Many services do encrypt but also keep the keys for your convenience.


kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3
reply to fatpipe

It is still encypted, but there would be two or more keys,

Your key that you use, and one or more backdoor keys that work too.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.



ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
reply to joako

If the customer did not create the keys, then it must be assumed that the encryption keys are compromised.



bvdx

@ycnx.net
reply to kevinds

Most encryption for social media sites is transport encryption. It is asymmetric encryption such as TLS aka. SSL/https. The data is fed to the application on the backend in clear text, a backdoor could allow a copy of the clear data sent to the government as well as the real destination, i.e. the application server. It takes alot more computing power and money to wiretap data as a man in the middle.