Hacker News new | past | comments | ask | show | jobs | submit login

Is it possible/likely that many of these bad pairs are from this debian/openssl bug?

http://taint.org/2008/05/13/153959a.html




None of the newly found a ected moduli are blacklisted (cf. [24]). Based on this brief analysis, we conclude that the problem reported in the main body of this paper persists and that the 99.8% security level of 1024-bit RSA moduli is further reduced.

pp. 15 http://eprint.iacr.org/2012/064.pdf


They explicitly excluded the Debian/OpenSSL blacklisted keys from their sample before checking for shared factors.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: