| |||||||||||||
|
| |||||||||||||
Cryptographic weakness on Debian systemsCryptographic weakness on Debian systemsPosted May 14, 2008 10:54 UTC (Wed) by mbizon (subscriber, #37138)In reply to: Cryptographic weakness on Debian systems by cjwatson Parent article: Cryptographic weakness on Debian systems
I have quite a lot of keys for which ssh-vulnkey has no blacklist information. Mainly 1024 bits RSA, and 4096 bits of both kind. The README.compromised-keys does not give any hint about how these blacklist files where generated. Do you plan to release the tool to help generate them for any keysize, or to have more pre-generated files included in openssh-blacklist ?
(Log in to post comments)
Cryptographic weakness on Debian systems Posted May 14, 2008 11:15 UTC (Wed) by cjwatson (subscriber, #7322) [Link] At present I don't think it's wise to release what essentially amounts to exploit code. For keys that aren't in the blacklist about which you aren't sure, I recommend looking at the timestamp information (RSA keys generated before 17 Sep 2006, when the bug was introduced, aren't vulnerable), but otherwise regenerate the key in case of doubt.
Cryptographic weakness on Debian systems Posted May 15, 2008 10:53 UTC (Thu) by endecotp (guest, #36428) [Link] The complete set of vulnerable keys has now been published.
Cryptographic weakness on Debian systems Posted May 17, 2008 7:50 UTC (Sat) by markshuttle (subscriber, #22379) [Link] I doubt that. The complete set would include all possible key sizes, For DSA that's fixed at 1024 bits, for RSA it's open-ended, though anybody with more than 4096 bits is being very conservative ;-). We had a 16k-bit key at Thawte, but it blew up most crypto libraries and toolkits at the time, so we didn't use it much.
|
|
||||||||||||