W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: HTTP/2 and Pervasive Monitoring

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Wed, 20 Aug 2014 20:29:39 +0000
To: Martin Thomson <martin.thomson@gmail.com>
cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <23682.1408566579@critter.freebsd.dk>
--------
In message <CABkgnnUVHgkRdUKBYKoKec1UO_fF+GZEiqMXmirwd4XKjtYf2Q@mail.gmail.com>
, Martin Thomson writes:
>On 20 August 2014 11:36, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
>> Last I looked AES had 128 bit and larger keys, so that would be 2^127 ?
>
>No, 2^64.
>
>https://en.wikipedia.org/wiki/Birthday_attack

You are not looking for a birthday attack.  You are looking at pile
of billions of HTTP connections and you have to decrypt *all* of them.

>> To stop PM, we don't need unbreakable crypto, we just need crypto
>> which is sufficiently expensive to break.
>
>That's all we ever have.  We just draw the line in different places.
>My point is that the line is close enough to what is state of the art
>to not bother with anything less.

And my point is that plenty of people have told us that state of the
art is uneconomical to them, so you'll never get emergency services,
news and porn on that bandwagon.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Wednesday, 20 August 2014 20:30:06 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC