On 01/15/2012 07:18 PM, Jonathan Thornburg wrote:
> On Sat, 14 Jan 2012, Alfonso De Gregorio wrote:
>> Back in December 2010, we discussed the OpenBSD IPSec backdoor allegations.
>> Two days ago, Cryptome.org published Gregory Perry's follow-up to
>> this story.
>>
>> FBI OpenBSD Backdoors and RSA Cipher Vulnerability
>> http://cryptome.org/2012/01/0032.htm
>
> I'm struck by the lack of any detailed information here about just what
> constituted(-es?) the "FBI OpenBSD Backdoors". I'd be much more impressed
> if the claim were more along the lines of "take a close look at
> /usr/src/sys/foo/bar/baz.c near line 1400 and you might be surprised".
I did look into it when the first round of allegations were made. Sure,
there was a bug or two in the IPsec code back then. It's been pretty
thoroughly discussed on this list already. But I don't care to repeat
that, but it's http://extendedsubset.com/?p=41 if you're interested.
The latest bit about "at least one mathematical vulnerability in the RSA
encryption algorithm related to changing the base numbering system of
the resulting RSA modulus after a block of plaintext had been encrypted"
doesn't make sense to me.
The "RSA modulus" (n = pq) doesn't "result from" or change after an
encryption operation.
Whereas the "modulus resulting" (i.e., the remainder) from the
encryption operation (c = m^e mod n) seems (at first glance) less
interesting to the chosen-plaintext attacker. That modulo operation
serves to protect m and keep the computations reasonable, not to protect
the private key, right?
- Marsh