[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method

To: Alfonso De Gregorio <[email protected]>
Subject: Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
From: [email protected] (Georgi Guninski)
Date: Sat, 5 Sep 2015 11:07:32 +0300
Cc: [email protected]
In-reply-to: <CA+bTbPCHKm_n8ei9qw6yx=VVbHh+z8jQ1GNYa+gs6ZLC0AfxyQ@mail.gmail.com>
References: <[email protected]$> <9A043F3CF02CD34C8E74AC1594475C73F4AF0463@uxcn10-5.UoA.auckland.ac.nz> <[email protected]$> <[email protected]$> <[email protected]$> <[email protected]$> <CA+bTbPDoQi030MN4j8E4fmx_KOQP48xsbJjGM4X2rk=_E3zgZQ@mail.gmail.com> <[email protected]$> <CA+bTbPCHKm_n8ei9qw6yx=VVbHh+z8jQ1GNYa+gs6ZLC0AfxyQ@mail.gmail.com>

On Sat, Sep 05, 2015 at 07:41:11AM +0000, Alfonso De Gregorio wrote:
> Sure, the questions are: What is the origin of the current wording of
> the standard, that opens an avenue for lax checks for group
> parameters? Or, if, as you correctly pointed out, an implementation
> MAY NOT check group parameters, which entity deserves credit for it?
>

IMHO I haven't demonstrated attack against DH yet
(believe it is possible).

The current examples are against DSA, not DH.

Follow-Ups:
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Alfonso De Gregorio)

References:
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Georgi Guninski)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Peter Gutmann)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Georgi Guninski)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Georgi Guninski)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Georgi Guninski)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Georgi Guninski)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Alfonso De Gregorio)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Georgi Guninski)
- Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
  - From: [email protected] (Alfonso De Gregorio)

Prev by Date: Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
Next by Date: Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
Previous by thread: Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
Next by thread: Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method
Index(es):
- Date
- Thread