On Sat, Feb 18, 2012 at 05:28:41PM +0100, Stanislav Meduna wrote:
> On 18.02.2012 17:02, Edward Ned Harvey wrote:
> 
> > So these studies went out and scoured the internet, collecting public keys
> > from every service they could find, which amounts to something like 1-2
> > million servers, and they scanned them all for identical keys and/or shared
> > factors.  They found approx 1 in every 250 internet-facing servers
> > "randomly" chose the same keys or key factors, thus completely broken
> > cryptography, and the owners are unaware because they thought they chose
> > random keys.
> 
> Any link to the studies? - I was not able to find anything relevant.

I believe he's talking about:
http://eprint.iacr.org/2012/064

Which at least the following people talking about it:
http://dankaminsky.com/2012/02/14/ronwhit/
https://freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs


Kurt

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to