<div dir="auto"><div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 29 Oct 2021, 15:55 A Crisan, <<a href="mailto:alina.florar@gmail.com">alina.florar@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-family:garamond,times new roman,serif;font-size:small">Hi Matthew,</div></div><div class="gmail_quote"><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default">I was reading the above exchange, and I do have a question linked to your last affirmation. To give you some context, the last 2021 ENISA report seem to suggest that internet traffic is "casually registered" by X actors to apply post Retrospective decryption (excerpt below). This would be at odds with your (deescalating) affirmation that hijacks are non-malicious and they are de-peered quickly, unless you pinpoint complete flux arrest only. Are there any reportings/indicators... that look into internet flux constant monitoring capabilities/capacities? Thanks.</div></div></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">RPKI uses authentication not confidentiality. There is no encryption taking place, other than the signatures on the certificates etc.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default">Excerpt from the introduction: "<span><span dir="ltr">What makes matters worse is
that any cipher text intercepted by an attacker today can be decrypted
by the attacker as soon as he has access to a large quantum computer
(Retrospective decryption). </span></span></div></div></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">Which do not exist (yet).</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default"><span><span dir="ltr">Analysis of Advanced Persistent Threats
(APT) and Nation State capabilities, </span></span></div></div></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">Buzzwords.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default"><span><span dir="ltr">along with whistle blowers’
revelations</span></span></div></div></div></blockquote></div></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default" dir="auto"><span><span dir="ltr"> have shown that threat actors can and are casually recording
all Internet traffic in their data centers</span></span></div><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default" dir="auto"><span><span dir="ltr"></span></span></div></div></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">No they're not. It's just not possible or indeed necessary to duplicate everything at large scale. Perhaps with a large amount of filtering, certain flows would be captured, but in the days of pervasive TLS, this seems less and less worthwhile.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default" dir="auto"><span><span dir="ltr"> and that they select
encrypted traffic as interesting and worth storing.This means that any
data encrypted using any of the standard public-key systems today will
need to be considered compromised once a quantum computer exists and
there is no way to protect it retroactively, because a copy of the
ciphertexts in the hands of the attacker. This means that data that
needs to remain confidential after the arrival of quantum computers need
to be encrypted with alternative means"</span></span></div></div></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">None of this is relevant to RPKI (ROV) at all. In fact, it reads like the fevered dreams of a cyber security research student. What's your point regarding your message? ROV does not use (nor needs) encryption.</div><div dir="auto"><br></div><div dir="auto">M</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div style="font-family:garamond,times new roman,serif;font-size:small" class="gmail_default"><span><span dir="ltr"></span></span><span style="font-size:9.29843px;font-family:sans-serif" role="presentation" dir="ltr"></span></div></div></div>
</blockquote></div></div></div>