Flutterby™! : Diffie-Hellman vulnerability


Diffie-Hellman vulnerability

2015-10-15 19:46:53.152298+02 by Dan Lyke 0 comments

How is NSA breaking so much crypto?

For the nerds in the audience, here’s what’s wrong: If a client and server are speaking Diffie-Hellman, they first need to agree on a large prime number with a particular form. There seemed to be no reason why everyone couldn’t just use the same prime, and, in fact, many applications tend to use standardized or hard-coded primes. But there was a very important detail that got lost in translation between the mathematicians and the practitioners: an adversary can perform a single enormous computation to “crack” a particular prime, then easily break any individual connection that uses that prime.

Apparently one particular prime gives you 1/5 of the top million HTTPS sites, 2/3 of VPNs, and 1/4 of all SSH servers.

The paper is Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice (PDF). I have not dug in further.
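To make the quoted explanation concrete, here is an added example (my own illustration, not code from this post, the quoted article, or the paper). It runs a textbook finite-field Diffie-Hellman exchange and, from the defender's side, checks a group's parameters: the "prime of a particular form" is a safe prime p = 2q + 1 with q also prime, and p must be large enough that a one-off precomputation against it is impractical. The function names, the 2048-bit default and the toy primes in the usage call are my assumptions for illustration; pure-Python generation of a real 2048-bit safe prime would be far too slow, so the generator is shown at a small size.

```python
# Added example: finite-field Diffie-Hellman plus a parameter sanity check.
# Not from the Flutterby post or the Imperfect Forward Secrecy paper.
import secrets


def is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test (error < 4**-rounds)."""
    if n < 2:
        return False
    for s in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2  # random witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def check_dh_group(p, g, min_bits=2048):
    """Return a list of problems with DH group (p, g); an empty list means acceptable.

    min_bits=2048 is an assumed policy value: a per-prime precomputation is the
    attacker's cost, so a widely shared prime must be large enough to make it
    unaffordable, and a safe prime keeps the subgroup structure simple.
    """
    problems = []
    if p.bit_length() < min_bits:
        problems.append(f"prime is only {p.bit_length()} bits; need >= {min_bits}")
    if not is_probable_prime(p):
        problems.append("p is not prime")
    elif not is_probable_prime((p - 1) // 2):
        problems.append("p is not a safe prime (q = (p-1)/2 is composite)")
    if not 1 < g < p - 1:
        problems.append("generator g must satisfy 1 < g < p-1")
    return problems


def generate_safe_prime(bits):
    """Generate a fresh safe prime p = 2q + 1 with exactly `bits` bits.

    Illustrative only: fine for small sizes, far too slow for 2048 bits in
    pure Python. A unique group per deployment avoids sharing a prime whose
    precomputation would pay off against many servers at once.
    """
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1  # odd, top bit set
        p = 2 * q + 1
        if is_probable_prime(q) and is_probable_prime(p):
            return p


def dh_exchange(p, g):
    """One textbook DH exchange; returns (alice_shared, bob_shared)."""
    a = secrets.randbelow(p - 2) + 1  # Alice's private exponent in [1, p-2]
    b = secrets.randbelow(p - 2) + 1  # Bob's private exponent
    A = pow(g, a, p)                  # Alice's public value
    B = pow(g, b, p)                  # Bob's public value
    return pow(B, a, p), pow(A, b, p)


if __name__ == "__main__":
    # Constructed toy parameters: 23 = 2*11 + 1 is a safe prime, 29 is not.
    print("toy group (23, 5):", check_dh_group(23, 5, min_bits=5))
    print("bad group (29, 2):", check_dh_group(29, 2, min_bits=5))
    print("toy group against default policy:", check_dh_group(23, 5))
    print("shared secrets agree:", len(set(dh_exchange(23, 5))) == 1)
    p = generate_safe_prime(64)
    print("fresh 64-bit safe prime:", p, check_dh_group(p, 2, min_bits=64))
```

The check is what a server operator can run over the `p` and `g` they deploy; the exchange itself shows why the parameters are public and shared, and therefore why the cost of one precomputation against a popular prime is amortised across every connection that uses it.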
