[Cryptography] FREAK attack
Salz, Rich
rsalz at akamai.com
Wed Mar 4 21:46:18 EST 2015
> I took the liberty of forwarding this to a geek list, and a bod who runs security
> at a University department responded thus:
Hmm, that bod should drop a few pegs in their quality metric.
> Sounds some what theoretical.
Not at all. Here's the first public disclosure: https://blogs.akamai.com/2015/03/cve-2015-0204-getting-out-of-the-export-business.html (with permission of one of the research team), and here's the best posting on the whole thing: http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html. TL;DR: 512-bit RSA keys can be cracked on AWS orother provider for $100 and 10 hours.
/r$
--
Senior Architect, Akamai Technologies
IM: rsalz at jabber.me Twitter: RichSalz
More information about the cryptography
mailing list