Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method

Georgi Guninski guninski at guninski.com
Sat Sep 5 08:02:40 PDT 2015


On Sat, Sep 05, 2015 at 02:41:51PM +0000, Alfonso De Gregorio wrote:
> >> A key-recovery attack may allow the retroactive decryption of past
> >> communication sessions, if the network endpoints rely on fixed
> >> Diffie-Hellman. Of course, whenever an attacker can successfully mount
> >> a MITM attack the current sessions are compromised.
> >>
> >
> > Thanks. Are you referring to "DH as per the fucked RFC" or as "DH implemented
> > properly"?
> 
> I'm concerned with Fixed Diffie-Hellman implemented properly.
>

Do you have an example of an application which distinguishes proper DH from
non-proper DH?

More information about the cypherpunks mailing list