W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2001

RE: DSA cracked?? or wired wrong??

From: L. Sassaman <rabbi@quickie.net>
Date: Tue, 6 Feb 2001 15:32:03 -0800 (PST)
To: John Boyer <JBoyer@PureEdge.com>
cc: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>, Philip Hallam-Baker <pbaker@verisign.com>, "XML-Signature (E-mail)" <w3c-ietf-xmldsig@w3.org>
Message-ID: <Pine.LNX.4.30.QNWS.0102061531450.24860-100000@thetis.deor.org>
CNN.com has an article on this as well:

http://www.cnn.com/2001/TECH/internet/02/06/DSA.flaw.idg/index.html

On Tue, 6 Feb 2001, John Boyer wrote:

>
> Hi Philip,
>
> The article I received this morning, from NewsBytes, talked about
> problems with DSA more so than a break in the core algorithm.
>
> Apparently, one Daniel Bleichenbacher of Lucent found that DSA as
> specified has some bias in its random number generator, making keys in a
> certain numeric region twice as likely as normal.  Also, apparently, the
> fix is really simple.
>
> See http://www.bell-labs.com/ for details
>
> John Boyer
>
> -----Original Message-----
> From: Christian Geuer-Pollmann
> [mailto:geuer-pollmann@nue.et-inf.uni-siegen.de]
> Sent: Tuesday, February 06, 2001 12:29 PM
> To: Philip Hallam-Baker
> Cc: XML-Signature (E-mail)
> Subject: Re: DSA cracked?? or wired wrong??
>
>
> --On Dienstag, 6. Februar 2001 12:23 -0800 Philip Hallam-Baker
> <pbaker@verisign.com> wrote:
>
> > I didn't hear this? Anyone know a source for this possibly confused
> > journalist?
> >
> > http://www.wired.com/news/technology/0,1282,41625-2,00.html
>
> It's hip this month to 'crack' well-know algorithms like DSA or RSA ;-))
>
> http://slashdot.org/articles/01/02/05/1911258.shtml
> http://www.zdnetasia.com/news/dailynews/story/0,2000010021,20178050,00.htm
> http://www.mb.com.ph/INFO/2001-02/IT020201.asp
> http://www.mb.com.ph/INFO/2001-02/IT020601.asp
>
>
> Best regards,
>
> Christian
>
>
>


__

L. Sassaman

Security Architect                  |  "I'm falling down a spiral,
Technology Consultant               |   Destination unknown..."
                                    |
http://sion.quickie.net             |      --Golden Earring
Received on Tuesday, 6 February 2001 18:32:32 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:12 GMT