On 20/10/17 21:31, Hector Martin 'marcan' via dev-security-policy wrote:
Here's a non-obfuscated version of the modulus check without the
redundant entries:
https://mrcn.st/p/MOEoh2EH
Even simpler version, using the original relations directly (or
precalculating the same lists):
https://gis
Hi,
For completeness:
I checked some of the eIDAS providers after this and I found a couple
of non-logged certificates that are also vulnerable. They don't seem to
chain up to any CA that is loggable by CT logs. But for completeness
I'll post them here.
These are the subjects:
C=DE, O=Deutscher
On 17/10/17 20:36, Nick Lamb via dev-security-policy wrote:
The bitmasks are effectively lists of expected remainders for each small prime,
if your modulus has an expected remainder for all the 20+ small primes that
distinguish Infineon, there's a very high chance it was generated using their
3 matches
Mail list logo
