WTF. Accepting a prime as untrusted input should require a primality certificate from the party providing it. https://twitter.com/IACR_News/status/1030419487995117568 …
-
Abstract seems to suggest a dud prime in D-H exchange can create a backdoor via subgroup discrete log. /me downloading ...
-
I'm talking about vulns against heuristic prime tests themselves, not against software performing inadequate or no tests.
-
Conceptually heuristic prime tests are only valid if the candidate is random.
-
And who knows where the counter party got it!
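Added example, not part of the thread or of the linked paper: a Miller-Rabin test with a fixed, publicly known base set accepts a composite chosen to pass exactly those bases, while the same test with bases drawn after the candidate arrives rejects it. The function names and the base set (2, 3, 5, 7) are illustrative assumptions; the composite is a constructed sample input taken from the published tables of strong pseudoprimes.

```python
import secrets

# Constructed sample input: 3215031751 = 151 * 751 * 28351, the smallest
# composite that is a strong pseudoprime to all of the bases 2, 3, 5 and 7.
ADVERSARIAL_COMPOSITE = 3215031751
FIXED_BASES = (2, 3, 5, 7)  # assumed base set of a hypothetical validator


def mr_round(n, a):
    """One Miller-Rabin round: True if n passes the strong test for base a."""
    d, s = n - 1, 0
    while d % 2 == 0:          # write n - 1 = d * 2^s with d odd
        d //= 2
        s += 1
    x = pow(a, d, n)
    if x in (1, n - 1):
        return True
    for _ in range(s - 1):
        x = pow(x, 2, n)
        if x == n - 1:
            return True
    return False               # a is a witness that n is composite


def miller_rabin(n, bases):
    """True if n passes every round; bases divisible by n are skipped."""
    if n < 2 or (n % 2 == 0 and n != 2):
        return False
    return all(mr_round(n, a) for a in bases if a % n)


def fixed_base_test(n):
    """Predictable bases: whoever supplies n can choose it to pass them all."""
    return miller_rabin(n, FIXED_BASES)


def random_base_test(n, rounds=40):
    """Bases chosen after n is received, unknown to the party supplying n."""
    if n < 5:
        return n in (2, 3)
    bases = [2 + secrets.randbelow(n - 3) for _ in range(rounds)]  # in [2, n-2]
    return miller_rabin(n, bases)


if __name__ == "__main__":
    print("fixed bases accept composite: ", fixed_base_test(ADVERSARIAL_COMPOSITE))
    print("random bases accept composite:", random_base_test(ADVERSARIAL_COMPOSITE))
```

With random bases the error bound of at most 4^-rounds holds for any candidate, because the supplier cannot predict the bases; a primality certificate checked by the receiver removes the probabilistic step altogether.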
-
Fun paper, thanks!