On 01/15/2012 07:18 PM, Jonathan Thornburg wrote:
On Sat, 14 Jan 2012, Alfonso De Gregorio wrote:
Back in December 2010, we discussed the OpenBSD IPSec backdoor allegations.
Two days ago, Cryptome.org published Gregory Perry's follow-up to
this story.

FBI OpenBSD Backdoors and RSA Cipher Vulnerability
http://cryptome.org/2012/01/0032.htm

I'm struck by the lack of any detailed information here about just what
constituted(-es?) the "FBI OpenBSD Backdoors".  I'd be much more impressed
if the claim were more along the lines of "take a close look at
/usr/src/sys/foo/bar/baz.c near line 1400 and you might be surprised".


I did look into it when the first round of allegations were made. Sure, there was a bug or two in the IPsec code back then. It's been pretty thoroughly discussed on this list already. But I don't care to repeat that, but it's http://extendedsubset.com/?p=41 if you're interested.

The latest bit about "at least one mathematical vulnerability in the RSA encryption algorithm related to changing the base numbering system of the resulting RSA modulus after a block of plaintext had been encrypted" doesn't make sense to me.

The "RSA modulus" (n = pq) doesn't "result from" or change after an encryption operation.

Whereas the "modulus resulting" (i.e., the remainder) from the encryption operation (c = m^e mod n) seems (at first glance) less interesting to the chosen-plaintext attacker. That modulo operation serves to protect m and keep the computations reasonable, not to protect the private key, right?

- Marsh
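
An added illustration of the two points in the message above (not part of the original thread): toy textbook RSA with constructed small primes and e = 5, showing that re-encoding the ciphertext in another radix leaves the integer unchanged, and that without the reduction mod n the plaintext falls out of an ordinary integer root. All names and parameters here are assumptions made for this example.

```python
# Toy textbook RSA (no padding). All parameters are constructed for this example.
P, Q, E = 1000003, 1000033, 5          # small primes and exponent, illustration only
N = P * Q                              # the RSA modulus n = pq, fixed at key generation
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

def encrypt(m):
    return pow(m, E, N)                # c = m^e mod n: c is the remainder, n is untouched

def decrypt(c):
    return pow(c, D, N)

def to_base(x, base):
    """Digits of x in the given radix, most significant first."""
    digits = []
    while x:
        x, r = divmod(x, base)
        digits.append(r)
    return digits[::-1] or [0]

def from_base(digits, base):
    x = 0
    for d in digits:
        x = x * base + d
    return x

def iroot(x, k):
    """Largest integer r with r**k <= x, by binary search."""
    lo, hi = 0, 1 << (x.bit_length() // k + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** k <= x:
            lo = mid
        else:
            hi = mid - 1
    return lo

def demo(m=123456789):                 # constructed sample plaintext, m < N
    c = encrypt(m)
    return {
        # A radix change is a bijection on integers: same c, same decryption.
        "radix_roundtrip": all(from_base(to_base(c, b), b) == c for b in (2, 7, 10, 256)),
        "decrypts": decrypt(from_base(to_base(c, 7), 7)) == m,
        # Without the reduction, m^e is a perfect power and an integer root returns m.
        "root_of_unreduced": iroot(m ** E, E) == m,
        "root_of_reduced": iroot(c, E) == m,
        # The reduction also keeps the result no larger than n.
        "bits": ((m ** E).bit_length(), c.bit_length(), N.bit_length()),
    }

if __name__ == "__main__":
    print(demo())
```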