NNSquad - Network Neutrality Squad
[ NNSquad ] Flaw found in Public Key Crypto implementations
Flaw found in Public Key Crypto implementations
http://j.mp/zVfXVU (New York Times)
"The researchers described their work in a paper that will be presented
at a cryptography conference to be held in Santa Barbara, Calif., in
August, but made their findings public on Tuesday because they believe
the issue is of immediate concern to the operators of Web servers that
rely on the public key cryptography system. "This comes as an
unwelcome warning that underscores the difficulty of key generation in
the real world," said James P. Hughes, an independent Silicon Valley
cryptanalyst who worked with a group of researchers led by Arjen K.
Lenstra, a widely respected Dutch mathematician who is a professor at
the cole Polytechnique Fdrale de Lausanne in Switzerland. "Some people
may say that 99.8 percent security is fine," he added. That still
means that approximately as many as two out of every thousand keys
would not be secure."
- - -
Throughout the history of cryptography, the problems of key generation and management
continue to be the twin Achilles' heels of many implemented systems.
--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility: http://www.pfir.org
Founder:
- Data Wisdom Explorers League: http://www.dwel.org
- Network Neutrality Squad: http://www.nnsquad.org
- Global Coalition for Transparent Internet Performance: http://www.gctip.org
- PRIVACY Forum: http://www.vortex.com
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren
Tel: +1 (818) 225-2800 / Skype: vortex.com
_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad