| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Feb 2012 20:50:54 +0200 From: Georgi Guninski <guninski@...inski.com> To: coderman <coderman@...il.com> Cc: full-disclosure@...ts.grok.org.uk, Ramo <ramo@...dvikings.com> Subject: Re: RSA and random number generation On Wed, Feb 22, 2012 at 09:38:33AM -0800, coderman wrote: > On Tue, Feb 21, 2012 at 2:09 PM, Ramo <ramo@...dvikings.com> wrote: > > I'll just leave this here..... > > > > http://eprint.iacr.org/2012/064.pdf > > anyone who cares about proper key generation uses a hardware entropy > source. they put them in CPUs, they provide them on motherboards. they > make them very high throughput so your /dev/urandom will never block > no matter what the task. > > hwrandom -> egd -> /dev/[u]random always filled at boot and ever > after... SOLVED. > > anything less is asking for failure. > if i understood the paper correctly they broke some rsa keys because they shared a prime $p$ (the rsa keys are different, shared rsa keys might be explained by the debian random fiasco or the like bugs). i would suspect it is quite unlikely entropy/seed to explain the above scenario - the odds appear small to me. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists