FYI,
https://duhkattack.com/
Who is vulnerable?
Traffic from any VPN using FortiOS 4.3.0 to FortiOS 4.3.18 can be decrypted by
a passive network adversary who can observe the encrypted handshake traffic.
Other key recovery attacks on different protocols may also be possible.
We also found eleven other historically FIPS-certified implementations that
document hard-coded X9.31 RNG seed keys in their products. We give the full
list in our paper.
Sent from my iPhone
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
