[cryptography] Duplicate primes in lots of RSA moduli
noloader at gmail.com
Wed Feb 22 19:50:47 EST 2012
On Wed, Feb 22, 2012 at 7:37 PM, Marsh Ray <marsh at extendedsubset.com> wrote:
> On 02/22/2012 05:49 PM, Jeffrey Walton wrote:
>> Remember, OpenSSL gave tacit approval: "If it helps with debugging,
>> I'm in favor of removing them,"
> The full quote from Ulf Möller is:
>> Kurt Roeckx schrieb:
>>> What I currently see as best option is to actually comment out
>>> those 2 lines of code. But I have no idea what effect this really
>>> has on the RNG. The only effect I see is that the pool might
>>> receive less entropy. But on the other hand, I'm not even sure
>>> how much entropy some uninitialised data has.
>> Not much. If it helps with debugging, I'm in favor of removing them.
>> (However the last time I checked, valgrind reported thousands of
>> bogus error messages. Has that situation gotten better?)
> What Ulf gave was his own weak conditional support based on the way Kurt
> posed the question, which implied that it was only entropy from
> uninitialized memory being added.
I seem to recall Debian stating they interpreted the statement as an
OK (but I can't find a citation at the moment).

For what it's worth, I could not tell if Möller was OK with removing
the statements for Debug only, or all versions (loosely, Debug and
Release). What was not very clear at all (to me): how removing the
statements was even helpful in debugging.
> But did OpenSSL go ahead and remove them or express interest in a patch? No.
In this instance, I believe Debian made the changes then pushed the
patch upstream. Debian did not wait for OpenSSL action. Isn't that
fairly typical? I don't recall what happened afterwards (did OpenSSL
kick the patch?).
> Personally, I think it's a brilliant example of engineering
> miscommunication. One of open source crypto's great teaching moments, akin
> to the civil engineer's KC Hyatt walkway collapse.
> P.S. Sadly, in case anyone hadn't heard, Ulf Möller died last month.
Very unfortunate. I hate to hear things like that (cryptographer or not).