[Cryptography] DH non-prime kills "socat" command security
Henry Baker
hbaker1 at pipeline.com
Tue Feb 2 20:43:51 EST 2016
For the past year, the Linux command "socat" has been assuming that the
following number is prime; thus breaking its crypto security.
14331936439490594261714896808578599103914668374026899657956682701558096
91247024938331090743438798945866534651922222519090748320381515854480347
31101690454685781999248641772509287801359980318348021809541131200479989
22079392594151856814372197299325182316616493333479662500817485143037796
6394594186901123322297453
isn't prime, and Maxima's primep function sez so.
The number above is divisible by 271 and 13,597, but primep sez that
even after dividing out these two factors, the 1002-bit result
38894884397634366007356454548332370646972724268802781973440208895542936\
165564656473524541403310393405820598366261673173802130771236325314878371830363\
723788045821711985461441675679316058246609104355161134470046705337593170498462\
616195650378975298117141144096886684800236261920005248055422089305813639519
still isn't prime.
Does anyone have a fast factoring machine for 1000-bit numbers?
http://www.theregister.co.uk/2016/02/03/socat_backdoor_fix/
Socat slams backdoor, sparks thrilling whodunit
Year-old bug ruined crypto
More information about the cryptography
mailing list