Full Disclosure mailing list archives

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory

From: "Forrest J. Cavalier III" <mibsoft () mibsoftware com>
Date: Fri, 08 Aug 2008 21:37:44 -0400

Eric Rescorla wrote:


To be concrete, we have 2^15 distinct keys, so, the
probability of a false positive becomes (2^15)/(2^b)=2^(b-15).
To get that probability below 1 billion, b+15 >= 30, so
you need about 45 bits. I chose 64 because it seemed to me
that a false positive probability of 2^{-48} or so was better.

-Ekr


Since it's a known set, I think you can use perfect hashing.
There will still be false positives, but presumably no
"bad" keys, nor keys matching the hash everyone agrees on,
are going to be issued after today, right?

Yeah, right.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory, (continued)
- - - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Guido (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Jin Sei (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Peter Gutmann (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Dan Kaminsky (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Florian Weimer (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Nicolas Williams (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Forrest J. Cavalier III (Aug 09)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Seth Breidbart (Aug 13)
    - key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory) Solar Designer (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Stefan Kanthak (Aug 08)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08)
  - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Clausen, Martin (DK - Copenhagen) (Aug 12)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)
    - Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)