[cryptography] Duplicate primes in lots of RSA moduli

Paul Hoffman paul.hoffman at vpnc.org
Sat Feb 18 15:02:04 EST 2012


On Feb 18, 2012, at 11:37 AM, Jeffrey I. Schiller wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 02/18/2012 01:50 PM, Thor Lancelot Simon wrote:
>> Um, why would it ever _unblock_, on such a device under typical
>> first-boot conditions?
> 
> The idea would be that bootstrap would continue without the key being
> generated. The key generation could then be retried periodically.
> Eventually the device should gather some entropy from network packet
> arrival time and similar environmental input (whether or not that input,
> particularly in the VM environment, is providing really good entropy is
> a different question).


Really? Many cryptographers would say that number of unpredictable bits is very much a part of the question. For example, you cannot prove that the duplicate keys found were generated when the PRNG of the system was uninitialized: it's quite possible that they were generated when the PRNG was initialized with the same inputs.

--Paul Hoffman




More information about the cryptography mailing list