On Tue, 18 Oct 2016, Yoav Nir wrote:
It's a little more than conjecture.
1) It has been proven that malicious 1024 bit DH values can be generated
by academia that cannot be independantly discovered. Therefore any
nationstate with access to the same theory and more CPU power could
have done this years ago.
Someone can trapdoor 1024-bit values, therefore someone else can trapdoor
2) We have the RFC 5114 values who'se original authors/sponsors are not
disclosing how these were generated.
1) + 2) means we cannot know if these values were trapdoor’ed.
Yeah, we cannot know. That’s why it’s conjecture.
conjecture: 1. an opinion or conclusion formed on the basis of
I have complete information for "one cannot detect trapdoors without knowing
IPsec mailing list