[cryptography] Duplicate primes in lots of RSA moduli

Jon Callas jon at callas.org
Sat Feb 18 12:04:57 EST 2012

It was (2), they didn't wait.

Come on -- every one of these devices is some distribution of Linux that comes with a stripped-down kernel and Busybox. It's got stripped-down startup, and no one thought that it couldn't have enough entropy. These are *network* people, not crypto people, and the distribution didn't have a module to handle initial-boot entropy generation.

Period, that's it. It's not malice, it's not even stupidity, it's just ignorance.

The answer to "what were they thinking?" is almost always "they weren't."


More information about the cryptography mailing list