oss-sec mailing list archives
Re: OpenSSL RSA 1024 bits implementation broken?
From: Jeremy Stanley <jeremy () openstack org>
Date: Mon, 6 Oct 2014 13:39:45 +0000
On 2014-10-06 11:33:03 +0200 (+0200), Pierre Schweitzer wrote:
There appear to have some noise on the Internet regarding a possible flaw in the 1024 bits RSA implementation in OpenSSL which would allow bruteforcing the private key in ~20 minutes. Does anyone has any information about this? The associated pastebin to the said information is: http://pastebin.com/D8itq6Ff Is this serious?
It's been picked apart somewhat in a thread[1] on Perry Metzger's moderated cryptography mailing list. [1] http://www.metzdowd.com/pipermail/cryptography/2014-October/023142.html -- Jeremy Stanley
Current thread:
- OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Jeremy Stanley (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Jeremy Stanley (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? David White (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Jeremy Stanley (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Dave Horsfall (Oct 06)
- Re: OpenSSL RSA 1024 bits implementation broken? Pierre Schweitzer (Oct 06)
- <Possible follow-ups>
- Re: OpenSSL RSA 1024 bits implementation broken? Steve Kemp (Oct 06)