[caops-wg] Debian key generation flaw
Mike Jones
mike.jones at manchester.ac.uk
Thu May 15 05:26:12 CDT 2008
Hi folks,
I've just been informed that openssl versions on Debian systems from Sep
2006 - May 2008 have had a substandard key generation algorithm. This is due
to a predictable random number seed, resulting, I am led to believe, in a key
space consisting of 32767 different keys for each key size, type and
endianess.
See e.g. http://lists.debian.org/debian-security-announce/2008/msg00152.html
rgds
Mike
--
Dr. Mike Jones
Research Computing Services at The University of Manchester
http://www.rcs.manchester.ac.uk
More information about the caops-wg
mailing list