http://blog.cryptographyengineering.com/2013/12/how-does-nsa-break-ssl.html
Interesting bits. Turns out that the client side RNG is more important than the server (breaks SSL), and a weak key on either side during D/H is fatal. I wonder if the guy who made the Debian OpenSSL bug had any other "interesting" commits. -- http://www.subspacefield.org/~travis/ Remediating... like a BOSS.
pgp9OUztOStkS.pgp
Description: PGP signature
_______________________________________________ RNG mailing list [email protected] http://lists.bitrot.info/mailman/listinfo/rng
