Sounds similar to the post from a few days ago about the Firefox WebCrypto allowing too much adjustment of DH parameters: https://news.ycombinator.com/item?id=21980199



It is indeed very similar in spirit, and of course much more devastating here.

Another attack, implemented on ECDSA and similar in spirit (though not the same attack), is in Sean Devlin's Set 7 of Cryptopals:

https://toadstyle.org/cryptopals/61.txt



