[cryptography] Underhanded Crypto

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Nov 28 05:59:07 EST 2014


ianG <iang at iang.org> writes:

>Seems like we'll find out tho, as Peter and Bear are willing to give it a
>shot.

It's not really "giving it a shot" in my case, it's taking crypto
implementation mistakes so old that people have forgotten about them and
adding them to recent code.  All you need to do in theory is plough through a
bunch of old CVEs and update the use from (say) SSH 1.2.09 to something
current, and you're done.

Peter.



More information about the cryptography mailing list