Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method

Georgi Guninski guninski at guninski.com
Sat Sep 5 03:07:31 PDT 2015


On Sat, Sep 05, 2015 at 08:28:03AM +0300, Georgi Guninski wrote:
> This works with openssl 1.0.1p over SSL.
> 
> Attached is self signed cert and the priv. key.
> 
> Session:
>  ./apps/openssl s_server -accept 8080 -cert ./cacert2.pem -key
>  ./key-comp2.key -HTTP
> 
>  openssl s_client -connect localhost:8080
> 
>  Server public key is 1204 bit
>  Verify return code: 18 (self signed certificate)
> 
> 
>  sage: q=0x008000000000000000001d8000000000000000012b
>  sage: factor(q)
>  604462909807314587353111 * 1208925819614629174706189
>

Troll friendly :))))

This appears to work on libressl-2.2.3 too.

Independent verification will be appreciated.

Hi Theo :P

-- 
georgi



More information about the cypherpunks mailing list