List: ietf-tls
Subject: Re: [TLS] Questions about some expired drafts
From: Stephen Checkoway <s () pahtak ! org>
Date: 2015-01-30 6:06:16
Message-ID: D0E0A93B-A3D9-4513-A4DA-735523BAF298 () pahtak ! org
On Jan 27, 2015, at 8:22 PM, Yuhong Bao <yuhongbao_386@hotmail.com> wrote:
> Yea, I believe the draft-rescorla-tls-extended-random is quite famous as a backdoor, along with Dual_EC_DRBG.
Well, it makes attacks easier by exposing more consecutive raw Dual EC output bits. For P-384 and P-521, it makes the attack doable at all (at least in theory; I didn't actually validate that against an implementation that supported extended random, like RSA's BSAFE libraries).
--
Stephen Checkoway