Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
Georgi Guninski
guninski at guninski.com
Sun Sep 13 05:15:00 PDT 2015
On Thu, Sep 10, 2015 at 02:39:08PM +0300, Georgi Guninski wrote:
> FYI:
>
> This is on libressl-dev:
>
> http://article.gmane.org/gmane.comp.encryption.libressl/74
> http://news.gmane.org/gmane.comp.encryption.libressl
>
From libressl's commits (modulo me being MITMed)
https://github.com/libressl-portable/portable/commit/105c86f3ed1508e9bb55ea3e59670b388ec7a076
first round of 2.3.0 release notes
[line 52]
+ Thanks for <censored> for
+ mentioning the possibility of a weak (non prime) q value and
+ providing a test case.
+
+ See
+ https://cpunks.org/pipermail/cypherpunks/2015-September/009007.html
+ for a longer discussion.
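Review bot: the first added line reads "Thanks for <censored> for"; the acknowledgement should read "Thanks to ... for". The entry also credits the report of a weak (non prime) q value and a test case but does not say what the release changes in response, so a reader of the release notes cannot tell from these lines whether q is now checked or rejected. Suggest adding one line that states the behaviour change next to the link to the longer discussion.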