On Sat, Feb 18, 2012 at 05:28:41PM +0100, Stanislav Meduna wrote: > On 18.02.2012 17:02, Edward Ned Harvey wrote: > > > So these studies went out and scoured the internet, collecting public keys > > from every service they could find, which amounts to something like 1-2 > > million servers, and they scanned them all for identical keys and/or shared > > factors. They found approx 1 in every 250 internet-facing servers > > "randomly" chose the same keys or key factors, thus completely broken > > cryptography, and the owners are unaware because they thought they chose > > random keys. > > Any link to the studies? - I was not able to find anything relevant.
I believe he's talking about: http://eprint.iacr.org/2012/064 Which at least the following people talking about it: http://dankaminsky.com/2012/02/14/ronwhit/ https://freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
