Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
Georgi Guninski
guninski at guninski.com
Thu Sep 3 06:30:04 PDT 2015
On Thu, Sep 03, 2015 at 11:59:11AM +0000, Peter Gutmann wrote:
> One saving grace about RFC 2631 was that it was pretty much universally
> ignored for the reason that it was, well, a pretty stupid way to do things, so
> the number of affected implementations would be approximately zero.
>
Anyway, I would appreciate it if someone checks if current implementations
accept composite $q$.
> (I only know of one, rather minor, vendor who implemented it. Microsoft
> implemented it in receive-only mode solely so that they couldn't be accused of
> being non-standards-compliant, but I'd be very surprised if there was anything
> still around that supported it. For starters you'd need to be able to find a
> CA that could issue you a DH certificate...).
>
What do you mean by DH certificate?
Can DH sign?
> Peter.