Perfect Forward Secrecy: Not So Perfect, Not So Forward
iptv at gn.apc.org
Tue Dec 11 13:13:09 GMT 2012
This is about gmail. The web mail service has its SSL terminal on
their mail server where it becomes plaintext and is stored and used in
all sorts of things Google won't talk about. In that context,
plaintext retrieval for LE is trivial.
At 11/12/2012 07:20, you wrote:
>Communication Data scrutiny report, paragraph 92 implies that
>Google are in a position to retrospectively decrypt SSL sessions.
>>92. Many internet services are encrypted; this includes many of the
>>major overseas based communications services such as Gmail.
>>Encryption is the basis of internet security and companies encrypt
>>their services to protect their customers. If these companies are
>>asked directly for communications data and agree to supply it,
>>whether under RIPA or following a request under a Mutual Legal
>>Assistance Treaty (MLAT), then they will decrypt the information,
>>extract the relevant communications data and provide it to the
>>requesting authority in an accessible format. They told us however
>>that if information about their service was collected by another
>>CSP they would not cooperate in helping decrypt it. Sarah Hunter
>>from Google explained:
>>"From a Google Inc perspective, we are very confident about the
>>security of our encryption. If a valid RIPA request comes in or UK
>>law enforcement goes through the MLAT, receives a court order and
>>in turn gets Gmail user data, we will obviously provide that data
>>decrypted. If it was to use a third-party provider to gather the
>>encrypted data, I think it very unlikely that Google Inc would
>>provide anyone outside Google Inc with that key. That is simply
>>because, as everyone said earlier, security is our most important
>>asset. Our relationship with our users is predicated on trust.
>>Without that, we have no business".65