LWN.net Logo

Cryptographic weakness on Debian systems

Cryptographic weakness on Debian systems

Posted May 13, 2008 15:59 UTC (Tue) by hmh (subscriber, #3838)
In reply to: Cryptographic weakness on Debian systems by hmh
Parent article: Cryptographic weakness on Debian systems

The key vulnerability check basically hashes the key and searches for it in a blacklist of
256Ki entries.  The code says that blacklist is not known to be the complete set of weak keys,
it could be just a subset.

Further comments of that really means depend on studying the OpenSSL code at depth, which I
hope someone will disclose soon.


(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds