How difficult is it to crack HTTPS?

security https cryptography
5,895

Solution 1

I guess it is just theoretically possible with some huge calculation and sniffer.

# not that practical , nor worth of through.

my advice is be sure to check CAs of website, and relax yourself.

Solution 2

There is no encryption that is unbreakable; it just takes time. However, the equipment and time it takes to break encryption is a commodity. No government would want to bother wasting its resources cracking your passwords, unless they had a very good reason to. Those resources are usually spent deciphering verifiable targets of interest.

If they really wanted to get your data, it would be more effective to hack your physical PC ... or hack you until you tell them the passwords.

Share:
5,895
user22105
Author by

user22105

Updated on September 18, 2022

Comments

  • user22105
    user22105 over 1 year

    I'll be using a computer at a foreign country. Suppose the government is trying to figure out my password, would I be able to protect my password using HTTPS to log into GMail, or my company accounts?

    (Given that my surrounding is safe, I'm using my own laptop, except I'll be using the country's gateway to access the internet.)

    • Randolf Richardson
      Randolf Richardson almost 13 years
      You may be able to use a VPN (such as OpenVPN) and proxy your HTTP and HTTPS traffic through its encrypted connection back at the server, but if the country you will be visiting determines this to be illegal then the consequences could be serious (e.g., a prison sentence).
    • bwDraco
      bwDraco almost 13 years
      Duplicate, also closed as not constructive: superuser.com/questions/225472/how-safe-is-https
  • Randolf Richardson
    Randolf Richardson almost 13 years
    With "hack you until you tell them the passwords" you are referring to what's known as "rubber hose cryptanalysis" which basically means that an adversary is using physical violence (e.g., causing pain with a rubber hose) to coerce a subject into revealing a password, secret key, or other such information needed for decryption. Unfortunately, this type of cryptanalysis fails very badly when the subject really doesn't know the password, secret key, etc.
  • Randolf Richardson
    Randolf Richardson almost 13 years
    Are internet cafes particularly more dangerous somehow than other places where one can get connected to the internet?
  • Randolf Richardson
    Randolf Richardson almost 13 years
    I'll upvote your Answer if you insert the word "Yes" (or "Yes, it's possible.") right at the very beginning.
  • Keltari
    Keltari almost 13 years
    @Randolf - I would suspect he knows his Gmail password.
  • Randolf Richardson
    Randolf Richardson almost 13 years
    Certainly. Governments also don't need to hack passwords for users of webmail service providers -- they can just issue a court order for copies of all eMails from a particular user's account (or else the webmail service provider could be fined and/or their web site could be blocked by the country's firewalls).
  • Oyen
    Oyen almost 13 years
    @Randolf Richardson Yes they are. Anything you are running on an unknown computer you have the chance of it using a keylogger. If it's on an open wireless network things are even worse.
  • Randolf Richardson
    Randolf Richardson almost 13 years
    @Andrew Finnell: Well, for using an unknown computer I definitely agree, although I don't agree that an internet cafe would be any more risky than other unsupervised public access computers (such as those at some public libraries, schools, etc.). For any wireless internet connection (secured or no), I view it as being as risky as the rest of the internet in general -- anything and everything is happening (as far as any kind of hacking is concerned), and assumptions about privacy and security are sort of like invitations for trouble by dark hackers.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to make TLS connection from PHP in web server, and safely
Sending password safely from the front-end to the back-end using MD5
Is HTTPS the only defense against Session Hijacking in an open network?
Can HTTPS connections be hijacked with a man-in-the-middle attack?
window.opener.document.getElementById("parentId1").value = myvalue not working
How can the SSL client validate the server's certificate?
Generating 128-bit keys with keytool
Why do I get browser warnings on my new lets encrypt ssl setup?
Does renewing SSL certificate require re-issuing the cert?
SSL session persistence and secure cookies