oss-sec mailing list archives
OpenSSL RSA 1024 bits implementation broken?
From: Pierre Schweitzer <pierre () reactos org>
Date: Mon, 06 Oct 2014 11:33:03 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear all, There appear to have some noise on the Internet regarding a possible flaw in the 1024 bits RSA implementation in OpenSSL which would allow bruteforcing the private key in ~20 minutes. Does anyone has any information about this? The associated pastebin to the said information is: http://pastebin.com/D8itq6Ff Is this serious? Cheers, - -- Pierre Schweitzer <pierre () reactos org> System & Network Administrator Senior Kernel Developer ReactOS Deutschland e.V. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUMmHPAAoJEHVFVWw9WFsLrg0P/1ka7bz16HGh/4GKU6DzY3WM Y+bDARcGPo0aEIL7pDqNmjbhaTQnnVYNHFoEhYzxmvgGnMPeMCtOOp+m/esviuBD 3IdGIkWNE/i6tDnBQzMyW97Da3QlGedcyverTI5DJ0HhDq7vONR2wpEsEWGhRelI pZxDJbL50SFQ9ajoTTcBZZTOxI5Iq5eDBdGlwHbNUVDNH+9q556e26PEZdNWkpUM 2qixEsVdO036Dva3o75wLFkLkgV9xrnBSeaMEdcnOW0tCkxsob1LTvIrjO6eAwDJ TEUn2SOHbdSwlSyNbzUVAJPlcOCv+hBrAGOQq+u0KiyLoYk2qbaaY8FkDKiHnb4R kmlIWz2D95DJwsq2QLGeFi6jIM2aDH6/ZtILKUvgbuzrgYD8i44jzEhgQ7TDLb7V NP0HUNDYlbG+RUbsVPjnZHF63tXcMfOCurb8m+vPouOIwiowyXoOZ06Ew7FuYPCD wlwzy02CxDVhT0w/BjHq6qGJyREW7cfuR2p7O29DJ5HTyf7aL/AqKIPsBoa4x1iM ZfGu03C6q/QHn7Bc7/nvehiCr7k6+xoa5/naT7933WKbpADtCQEteooc/RQMVhop oDaJiGuKHXU1HfIRERkXPyFAhzSy0g9Q+EzWBxdRXLg9wjxhB0IbSCWAT+YiDVZj G2bUwNI4T1SMRRwPtTQc =0EPA -----END PGP SIGNATURE-----
Current thread:
- OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Jeremy Stanley (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Jeremy Stanley (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? David White (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Jeremy Stanley (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Dave Horsfall (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- <Possible follow-ups>
- Re: OpenSSL RSA 1024 bits implementation broken? Steve Kemp (Oct 06)