[cryptography] Duplicate primes in lots of RSA moduli

Jeffrey Walton noloader at gmail.com
Wed Feb 22 18:49:10 EST 2012


On Wed, Feb 22, 2012 at 2:53 AM, James A. Donald <jamesd at echeque.com> wrote:
> On 2012-02-22 12:31 PM, Kevin W. Wall wrote:
>> 1) They think that key size is the paramount thing; the bigger the
>> better.
>> 2) The have no clue as to what cipher modes are. It's ECB by default.
>> 3) More importantly, they don't know how to choose a cipher mode (not
>>      surprising, given #2). They need to understand the trade-offs.
>> 4) They have no idea about how to generate keys, derived keys, IVs,
>> 5) They don't know what padding is, or when/why to use it.
>> 6) They have a very naive concept of entropy...where/when to use it
>>  and from where and how to obtain it.
>
> The debian debacle was none of the above - the patch was simply obviously
> stupid even if one had no idea about what the software was supposed to be
> doing.
Remember, OpenSSL gave tacit approval: "If it helps with debugging,
I'm in favor of removing them,"
http://www.mail-archive.com/openssl-dev@openssl.org/msg21156.html.

OpenSSL Team Members: http://www.openssl.org/about/.

Jeff

Jeff



More information about the cryptography mailing list