Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method

Georgi Guninski guninski at guninski.com
Fri Sep 4 22:28:03 PDT 2015


On Fri, Sep 04, 2015 at 03:08:16PM +0300, Georgi Guninski wrote:
> On Fri, Sep 04, 2015 at 02:34:37PM +0300, Georgi Guninski wrote:
> > tested on openssl 1.0.1g (I know it is old).
> >
> 
> Same on latest openssl-1.0.1p.

This works with openssl 1.0.1p over SSL.

Attached are the self-signed cert and the priv. key.

Session:
 ./apps/openssl s_server -accept 8080 -cert ./cacert2.pem -key ./key-comp2.key -HTTP

 openssl s_client -connect localhost:8080

 Server public key is 1204 bit
 Verify return code: 18 (self signed certificate)


 sage: q=0x008000000000000000001d8000000000000000012b
 sage: factor(q)
 604462909807314587353111 * 1208925819614629174706189


-------------- next part --------------
A non-text attachment was scrubbed...
Name: key-comp2.key
Type: application/pgp-keys
Size: 938 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20150905/77b4a8a6/attachment-0002.key>
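
The Sage session above shows that the q in the certificate factors into two primes, whereas DSA and RFC 2631 define q as a prime. A check a verifier could run on q before accepting such parameters, as an added example that is not part of the original post or of OpenSSL; the function names and the allowed bit lengths (the FIPS 186-4 sizes for q) are assumptions of this sketch:

```python
import random

# q and its two factors exactly as shown in the Sage session in the post.
Q = 0x008000000000000000001d8000000000000000012b
SAGE_FACTORS = (604462909807314587353111, 1208925819614629174706189)

def is_probable_prime(n, rounds=40):
    """Miller-Rabin with random bases; False means n is definitely composite."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    # Write n - 1 as d * 2^s with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    rng = random.SystemRandom()
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # base a is a witness that n is composite
    return True

def audit_subgroup_order(q, expected_bits=(160, 224, 256)):
    """Return findings for a DSA/DH subgroup order q; an empty list means ok."""
    findings = []
    if q.bit_length() not in expected_bits:
        findings.append("unexpected bit length %d" % q.bit_length())
    if not is_probable_prime(q):
        findings.append("q is composite")
    return findings

if __name__ == "__main__":
    print("bits:", Q.bit_length())
    print("findings:", audit_subgroup_order(Q))
    print("factors multiply to q:", SAGE_FACTORS[0] * SAGE_FACTORS[1] == Q)
```

The q from the post has the expected 160-bit length, so a size check alone does not catch it; only the primality test does.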