[Cryptography] Protecting Private Keys

Jim Popovitch jimpop at gmail.com
Sat Sep 7 15:46:10 EDT 2013


On Sat, Sep 7, 2013 at 10:20 AM, Jeffrey I. Schiller <jis at mit.edu> wrote:
> One of the most obvious ways to compromise a cryptographic system is
> to get the keys. This is a particular risk in TLS/SSL when PFS is not
> used. Consider a large scale site (read: Google, Facebook, etc.) that
> uses SSL. The private keys of the relevant certificates needs to be
> literally on hundreds if not thousands of systems.

$5k USD to anyone one of the thousands of admins with access....

-Jim P.


More information about the cryptography mailing list