[Cryptography] Fwd: OPENSSL FREAK

Ray Dillinger bear at sonic.net
Sat Apr 4 15:56:52 EDT 2015



On 04/04/2015 12:35 PM, Jerry Leichter wrote:

> The same goes for the export mode encryptions.  Yes, all of them fall
> to brute force today.  But an independent machine-checkable proof of
> that fact would require checks that are, even today, outside the
> bounds of practicality *for most if not all implementations that
> actually use those primitives*.

In the case under discussion, checking a cert from a
known-bogus Certificate Authority would be the simplest
implementation.  Public keys known, private keys destroyed.
If the cert checks, the cipher is broken.

Of course the drawback is that you have to trust at least
a little bit that the destruction asserted actually
occurred.

			Bear
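
The canary check proposed in this message, sketched as an added example (not code from the post or from OpenSSL): a registry of canary CA public keys flags a key class as broken as soon as any certificate verifies under one of them. The toy RSA parameters, the `CanaryRegistry` class and the `sign_with_recovered_key` fixture are all constructed assumptions; textbook RSA over a small modulus stands in for a real export-grade key and X.509 parsing.

```python
import hashlib

# Constructed toy stand-in for an export-grade CA key (assumption): textbook RSA,
# 92-bit modulus, no padding. A real check would use an X.509 library.
_P, _Q, E = 2**31 - 1, 2**61 - 1, 65537   # primes kept only for the test fixture
CANARY_N = _P * _Q                         # published canary CA public modulus


def digest(tbs: bytes, n: int) -> int:
    """SHA-256 of the to-be-signed bytes, reduced into the modulus."""
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n


def verifies(tbs: bytes, sig: int, n: int, e: int = E) -> bool:
    """Textbook RSA verification: sig^e mod n must equal the digest."""
    return 0 <= sig < n and pow(sig, e, n) == digest(tbs, n)


class CanaryRegistry:
    """Hypothetical tripwire: CA public keys whose private halves were destroyed."""

    def __init__(self):
        self.canaries = {}   # label -> (n, e)
        self.broken = set()  # labels of key classes proven forgeable

    def add(self, label: str, n: int, e: int = E) -> None:
        self.canaries[label] = (n, e)

    def check(self, tbs: bytes, sig: int) -> list:
        """Return canary labels under which this certificate verifies.

        Nobody should hold a canary private key, so any hit means either the
        primitive is broken or the key was not destroyed as asserted.
        """
        hits = [label for label, (n, e) in self.canaries.items()
                if verifies(tbs, sig, n, e)]
        self.broken.update(hits)
        return hits


def sign_with_recovered_key(tbs: bytes) -> int:
    """Test fixture only: models a party who has recovered the private exponent."""
    d = pow(E, -1, (_P - 1) * (_Q - 1))
    return pow(digest(tbs, CANARY_N), d, CANARY_N)
```

A hit cannot distinguish a broken cipher from a canary key that was never destroyed, which is the trust drawback the message points out.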
