search for: dual_ec_drbg

Also, Jerry Solinas, the person listed as an author of the curves, also is the author of DUAL_EC_DRBG. On Tue, May 29, 2018 at 3:43 AM, Damien Miller <djm at mindrot.org> wrote: > On Tue, 29 May 2018, Damien Miller wrote: > >> We're aware of those arguments but don't find them convincing enough to >> switch early. > > (but we will be switching to ssh-ed25519 a...

We're aware of those arguments but don't find them convincing enough to switch early. On Mon, 28 May 2018, Yegor Ievlev wrote: > A backdoored curve could be easily generated using the algorithm used > to generate the NIST curves. > https://bada55.cr.yp.to/vr.html > > The algorithm that generates a backdoored curve is very simple: > Suppose the NSA (the author of the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This is a heads-up that OpenSSH keys are deprecated upstream by OpenSSH, and will be deprecated effective 11.0-RELEASE (and preceeding RCs). Please see r303716 for details on the relevant commit, but upstream no longer considers them secure. Please replace DSA keys with ECDSA or RSA keys as soon as possible, otherwise there will be issues when

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This is a heads-up that OpenSSH keys are deprecated upstream by OpenSSH, and will be deprecated effective 11.0-RELEASE (and preceeding RCs). Please see r303716 for details on the relevant commit, but upstream no longer considers them secure. Please replace DSA keys with ECDSA or RSA keys as soon as possible, otherwise there will be issues when

Hello list, I'm not sure whether this is bug worthy or just my own insanity. I'm using 6.4p1 packages from Debian jessie and wheezy-backports. I like VisualHostKey, although it may not add any protection (other than not trusting ones own known_hosts file?), I've become accustomed to it as it seems that extra neurons fire when I log into a host and get a visual cue of what looks like

...ed keys used for ECDSA, tinc uses the "secp521r1" curve, as published by NIST. There are suspicions in the cryptographic community that the NSA has influenced the EC standards so they contain weaknesses that the NSA supposedly could exploit. There are two concerns I have heard of: 1) The Dual_EC_DRBG algorithm, which uses elliptic curve cryptography to create a pseudo random number generator (PRNG), might be flawed. NIST has since issued a recommendation that this algorithm should not be used anymore. Tinc does NOT use this algorithm. 2) The curves secp???r1 have been generated using...

...ed keys used for ECDSA, tinc uses the "secp521r1" curve, as published by NIST. There are suspicions in the cryptographic community that the NSA has influenced the EC standards so they contain weaknesses that the NSA supposedly could exploit. There are two concerns I have heard of: 1) The Dual_EC_DRBG algorithm, which uses elliptic curve cryptography to create a pseudo random number generator (PRNG), might be flawed. NIST has since issued a recommendation that this algorithm should not be used anymore. Tinc does NOT use this algorithm. 2) The curves secp???r1 have been generated using...