- From: L. Sassaman <rabbi@quickie.net>
- Date: Tue, 6 Feb 2001 15:32:03 -0800 (PST)
- To: John Boyer <JBoyer@PureEdge.com>
- cc: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>, Philip Hallam-Baker <pbaker@verisign.com>, "XML-Signature (E-mail)" <w3c-ietf-xmldsig@w3.org>
CNN.com has an article on this as well:
http://www.cnn.com/2001/TECH/internet/02/06/DSA.flaw.idg/index.html
On Tue, 6 Feb 2001, John Boyer wrote:
>
> Hi Philip,
>
> The article I received this morning, from NewsBytes, talked about
> problems with DSA more so than a break in the core algorithm.
>
> Apparently, one Daniel Bleichenbacher of Lucent found that DSA as
> specified has some bias in its random number generator, making keys in a
> certain numeric region twice as likely as normal. Also, apparently, the
> fix is really simple.
>
> See http://www.bell-labs.com/ for details
>
> John Boyer
>
> -----Original Message-----
> From: Christian Geuer-Pollmann
> [mailto:geuer-pollmann@nue.et-inf.uni-siegen.de]
> Sent: Tuesday, February 06, 2001 12:29 PM
> To: Philip Hallam-Baker
> Cc: XML-Signature (E-mail)
> Subject: Re: DSA cracked?? or wired wrong??
>
>
> --On Dienstag, 6. Februar 2001 12:23 -0800 Philip Hallam-Baker
> <pbaker@verisign.com> wrote:
>
> > I didn't hear this? Anyone know a source for this possibly confused
> > journalist?
> >
> > http://www.wired.com/news/technology/0,1282,41625-2,00.html
>
> It's hip this month to 'crack' well-know algorithms like DSA or RSA ;-))
>
> http://slashdot.org/articles/01/02/05/1911258.shtml
> http://www.zdnetasia.com/news/dailynews/story/0,2000010021,20178050,00.htm
> http://www.mb.com.ph/INFO/2001-02/IT020201.asp
> http://www.mb.com.ph/INFO/2001-02/IT020601.asp
>
>
> Best regards,
>
> Christian
>
>
>
__
L. Sassaman
Security Architect | "I'm falling down a spiral,
Technology Consultant | Destination unknown..."
|
http://sion.quickie.net | --Golden Earring
Received on Tuesday, 6 February 2001 18:32:32 UTC