Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Sep 3 04:59:11 PDT 2015
One saving grace about RFC 2631 was that it was pretty much universally
ignored for the reason that it was, well, a pretty stupid way to do things, so
the number of affected implementations would be approximately zero.
(I only know of one, rather minor, vendor who implemented it. Microsoft
implemented it in receive-only mode solely so that they couldn't be accused of
being non-standards-compliant, but I'd be very surprised if there was anything
still around that supported it. For starters you'd need to be able to find a
CA that could issue you a DH certificate...).
Peter.
More information about the cypherpunks
mailing list