On Wed, May 28, 2008 at 03:38:47PM -0700, David Schwartz wrote:
> In principle, specifically avoiding these keys weakens the algorithm by
> reducing the keyspace.
>
Only against random attacks of course, if all attackers first check these
keys, then removing them strengthens the algorithm against (non-random)
brute-force attack. This said, the effort of explicitly avoiding these
is probably wasted (unless one suspects one has a identically weak RNG).
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
