oss-sec mailing list archives

Re: nss RSA forgery (CVE-2014-1568)

From: Hanno Böck <hanno () hboeck de>
Date: Thu, 25 Sep 2014 23:17:58 +0200

Some more info, but not much:
http://www.intelsecurity.com/advanced-threat-research/

Initially I thought this is probably not such a big deal because the
bleichenbacher attack requires e to be very small (like e=3 or e=4) and
everyone uses e=65537 these days. But it seems I was wrong on that,
lots of CAs still with e=3.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

Attachment: signature.asc
Description:

Current thread:

nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 24)
- Re: nss RSA forgery (CVE-2014-1568) Marcus Meissner (Sep 24)
  - Re: nss RSA forgery (CVE-2014-1568) Yves-Alexis Perez (Sep 25)
- Re: nss RSA forgery (CVE-2014-1568) Nick Semenkovich (Sep 24)
- Re: nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 25)
  - Re: nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 25)