Jump to content
Not connected, Your IP:
Sign in to follow this  

[Noob Question] : MITMA, ISP & VPN.

Recommended Posts

Hi there,

Not being a computer wizard, I begin to learn how this whole encrypted connection story works & I read some articles about the public/private keys exchange between Bob & Alice. My question is : "How can I be TECHNICALLY sure that I will be protected from my Internet Service Provider doing a 'Man in the Middle' attack, when I will do the first key exchange?" This question could concern AirVPN, any VPN provider or OpenVPN.

I tried of course to google that, but everytime I do it, it gives me back articles about how the keys exchange works. Is it something in the key exchange that I did not understand? Can someone give me some key words I might be missing or some links to articles about it? I will do the rest of the work.

Thank you.

Share this post

Link to post

I'm not 100% sure but I think anyone wanting to do a man in the middle attack would get timed out before they had a chance to decrypt your initial message/hand-shake i.e. if your ISP or anyone else wanted to set up a man in the middle when you were exchanging the opening key sequence then the fact that whoever this interloper is not having the private key on their end means that they would need an absolutely humongous amount of processing power to be able to calculate all the sequences they would need to to crack the opening sequence and get into your traffic.

I think basically that's all the RSA key thing is,it demands an impossible amount of processing power to crack rather than actually be an uncrackable thing.

I read somewhere recently that all the publicly known processing power available to the CIA or the NSA or one of those agencies would take 3 weeks to crack your average VPN handshake key and Open VPN generates a new key every hour or sooner if you want to change those settings so even if they have 10 or 100 times that cpu available unknown to us it would still take longer for a know Gov agency to crack a VPN hand-shake than it would take for the VPN to generate a new key so I think it's safe to assume that unless you really are doing something truly heinous then it's very doubtful that anyone will be wanting to pay that much attention to you.

Unless your girlfriend is particularly hot of course and you spend a lot of time (ahem) video-conferencing with her.

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

  • Create New...