[Cryptography] Other obvious issues being ignored?
Thierry Moreau
thierry.moreau at connotech.com
Mon Oct 19 09:10:30 EDT 2015
The recent realization that public key cryptosystems having common
parameters (DH) may be vulnerable from the very fact that they rely on
common parameters is puzzling to me.

In hindsight, the question would have been (highly) relevant ever since
the practitioner had a choice between such cryptosystems and
cryptosystems having entity-specific parameters (RSA, Rabin-Williams),
the latter being vulnerable to flaws or trapdoors in the parameter
generation implementation for each entity.

Moreover, the basic finding in the "Imperfect forward secrecy"
publication (https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf) was
within the reach of skilled mathematicians ever since the number field
sieve algorithm could be explained in a university classroom.

It's a shame that this old issue has been ignored until now!

What other "obvious" questions are we ignoring?

- Thierry Moreau
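The cost model behind the "common parameters" point above, shown in toy sizes as an added example (this code is not from the post or from the weakdh.org paper). The paper's observation is that the expensive part of the number field sieve depends only on the group (p, g), not on any party's key. Here the textbook baby-step/giant-step method stands in for the sieve, since it has the same shape: a group-only table, then a cheaper per-exchange step. The primes and exponents are constructed for the illustration; a defender reading the cost figures can see why a group shared by everyone deserves a larger size, or per-entity generation, than a group used by one party.

```python
from math import isqrt

# Constructed toy groups (tiny primes, generator 2). Real DH groups are
# 2048 bits or more; these only exist to make the cost model visible.
SHARED_GROUP = (104729, 2)
PER_ENTITY_GROUPS = [(104729, 2), (100003, 2), (99991, 2)]


def build_table(p, g):
    """Group-specific precomputation: map g^j mod p -> j for 0 <= j < m.

    This step depends only on (p, g), never on any party's key, so
    whoever studies a shared group pays for it exactly once.
    Returns (m, table, multiplications_spent).
    """
    m = isqrt(p) + 1
    table = {}
    x = 1
    for j in range(m):
        table.setdefault(x, j)  # keep the smallest exponent for each value
        x = x * g % p
    return m, table, m


def discrete_log(p, g, h, m, table):
    """Per-exchange work: giant steps h * g^(-i*m) until a table hit.

    Returns (x, multiplications_spent) with pow(g, x, p) == h.
    """
    factor = pow(g, -m, p)  # g^(-m) mod p
    gamma = h
    steps = 0
    for i in range(m):
        if gamma in table:
            return i * m + table[gamma], steps
        gamma = gamma * factor % p
        steps += 1
    raise ValueError("h is not in the subgroup generated by g")


def cost_shared(group, n_exchanges):
    """Everyone uses the same (p, g): one table, then n cheap per-exchange steps."""
    p, g = group
    m, table, precomp = build_table(p, g)
    online = 0
    for k in range(n_exchanges):
        secret = (k * 7919 + 17) % (p - 1)  # constructed per-exchange exponent
        h = pow(g, secret, p)               # the public value seen on the wire
        x, steps = discrete_log(p, g, h, m, table)
        assert pow(g, x, p) == h            # sanity check on the recovered log
        online += steps
    return {"precomputation": precomp, "online": online,
            "total": precomp + online}


def cost_per_entity(groups, exchanges_per_entity):
    """Each entity has its own (p, g): the table must be rebuilt per entity."""
    pre = online = 0
    for group in groups:
        c = cost_shared(group, exchanges_per_entity)
        pre += c["precomputation"]
        online += c["online"]
    return {"precomputation": pre, "online": online, "total": pre + online}


if __name__ == "__main__":
    n = len(PER_ENTITY_GROUPS)
    print("shared group, %d exchanges:   " % n, cost_shared(SHARED_GROUP, n))
    print("per-entity groups, 1 each:    ", cost_per_entity(PER_ENTITY_GROUPS, 1))
```

The "precomputation" figure is what changes between the two settings: with a shared group it is paid once no matter how many exchanges follow, with per-entity groups it is paid again for every entity. The "online" figure is per exchange in both cases, which is why the paper's argument turns on the size of the shared group rather than on the per-connection work.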