[Cryptography] Checking for the inadvertent use of test keys
Ray Dillinger
bear at sonic.net
Thu Sep 3 20:09:12 EDT 2015
On 09/02/2015 11:51 AM, Guus Sliepen wrote:
> On Wed, Sep 02, 2015 at 07:00:27PM +1200, Peter Gutmann wrote:
>
>> What I'm after is a simple safety check to warn about inadvertent use of
>> predictable sequences that might get used as test keys. I'm after actual
>> algorithmic tests rather than general advice like "have you looked at
>> Kolmogorov complexity"...
>
> You could algorithmically Google the key and warn when the number of
> hits is too high.
Don't even joke about sending keys off to a third-party who's going
to have to have them in the clear to provide meaningful results.
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150903/edae67e3/attachment.sig>
More information about the cryptography
mailing list