[exim-dev] [Bug 1837] small subgroup attack

Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1837] small subgroup attack
https://bugs.exim.org/show_bug.cgi?id=1837

--- Comment #6 from Phil Pennock <pdp@???> ---
The change is needed. Not disputing that.

The current values can be validated by comparison to the documented values;
each one came from an RFC, and was transformed using util/gen_pkcs3.c.

This change updates the encoded data strings but doesn't update any information
about their provenance, making it much harder for people to validate the origin
of these and know that we're not back-dooring their crypto.

So the better fix is likely to update util/gen_pkcs3.c to take an optional
dh_q; see the usage() function for the current API.

This is my fault; I didn't understand the importance of the q values and stuck
to encoding what worked for all the values, not handling optional extras from
the newer RFC.
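The checks that a published subgroup order q makes possible, as an added example that is not part of the bug report or of Exim's util/gen_pkcs3.c; the group values are constructed toy parameters (p = 23 is a safe prime, q = 11, g = 4 has order q), and the function names are assumed for illustration:

```python
# Added example, not Exim code: parameter validation and the peer-value
# check that need q. Toy group: p = 23 (safe prime), q = 11, g = 4 (order q);
# real deployments use the RFC values the bug report refers to.
from typing import Optional

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with the first 12 primes as bases (deterministic below ~3e23)."""
    if n < 2:
        return False
    if n in SMALL_PRIMES:
        return True
    if any(n % b == 0 for b in SMALL_PRIMES):
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def validate_group(p: int, g: int, q: int) -> bool:
    """p and q prime, q divides p-1, g in range and generating the order-q subgroup."""
    return (is_probable_prime(p) and is_probable_prime(q) and (p - 1) % q == 0
            and 1 < g < p - 1 and pow(g, q, p) == 1)


def subgroup_order_for_safe_prime(p: int) -> Optional[int]:
    """For a safe prime p = 2q + 1 (as the MODP groups are) q is derivable; else None."""
    q = (p - 1) // 2
    return q if is_probable_prime(p) and is_probable_prime(q) else None


def validate_peer_public(y: int, p: int, q: int) -> bool:
    """Range check plus y^q == 1 (mod p): the small-subgroup check that needs q."""
    return 1 < y < p - 1 and pow(y, q, p) == 1


if __name__ == "__main__":
    P, G, Q = 23, 4, 11                     # constructed toy group
    print(validate_group(P, G, Q))          # True
    print(validate_peer_public(5, P, Q))    # False: in range, but 5^11 = -1 mod 23
```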
