[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: http://www.openssl.org/news/secadv_20060905.txt

To: Mike Tancsa <mike_(_at_)_sentex_(_dot_)_net>
Subject: Re: http://www.openssl.org/news/secadv_20060905.txt
From: Colin Percival <cperciva_(_at_)_freebsd_(_dot_)_org>
Date: Tue, 05 Sep 2006 09:08:10 -0700
Cc: freebsd-security_(_at_)_freebsd_(_dot_)_org

Mike Tancsa wrote:
> Does anyone know the practicality of this attack ? i.e. is this trivial
> to do ?

I'm as surprised by this as you are -- usually I get advance warning about
upcoming OpenSSL issues via vendor-sec -- but on first glance it looks like
this attack is indeed trivial.

Also, it looks like the attack isn't limited to keys with a public exponent
of 3; unless I misunderstand the bug, it affects small exponents generally.
An exponent of 17 on a 4096-bit key is almost certainly vulnerable; beyond
that I would need to read the ASN code to confirm.

Keys with a public exponent of 65537 are absolutely not vulnerable to this
attack.

Colin Percival
_______________________________________________
freebsd-security_(_at_)_freebsd_(_dot_)_org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe_(_at_)_freebsd_(_dot_)_org"

References:
- http://www.openssl.org/news/secadv_20060905.txt
  - From: Mike Tancsa

Prev by Date: Re: http://www.openssl.org/news/secadv_20060905.txt
Next by Date: Getting GELI Keys from Floppy
Previous by thread: Re: http://www.openssl.org/news/secadv_20060905.txt
Next by thread: Getting GELI Keys from Floppy
Index(es):
- Date
- Thread

Visit your host, monkey.org