I wrote a blog post about our findings in Apple's CommonCrypto (and corecrypto) library https://www.massi.moe/blog/primality-testing-in-apple-core-crypto … with security update now live in macOS Mojave 10.14.1 and iOS 12.1 with @kennyog @martinralbrecht @jurajsomorovsky
I think it's probably true that many specifications for many protocols (PAKE and otherwise) don't explicitly call out the importance of authenticating security parameters like these. I know (almost?) every NIST spec does call it out explicitly and in high detail.
People give SRP a lot of shit but the SRP white paper and the SRP RFCs explicitly demand a check for this attack.
Agreed.