Marsh Ray <[email protected]> writes: >* Here's an example of RSA-512 certificates being factored and used to sign >malware: >http://blog.fox-it.com/2011/11/21/rsa-512-certificates-abused-in-the-wild/
That's an example of *claims* of 512-bit keys being factored, with the thinking being "everyone knows 512-bit keys are weak, the certs used 512-bit keys, therefore they must have got them by factoring". Unfortunately this doesn't explain how they go the 1024-bit and longer keys that were also used in the attack. That's not to say they weren't obtained in this manner, but with nothing more than the Politician's Fallacy as supporting evidence there's nothing to indicate they didn't just steal them like everyone else does. Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
