WTF. Accepting a prime as untrusted input should require a primality certificate from the party providing it. https://twitter.com/IACR_News/status/1030419487995117568
I'm talking about vulns against heuristic prime tests themselves, not against software performing inadequate or no tests.
Conceptually heuristic prime tests are only valid if the candidate is random.
They claim 1/16 success against one suite, that sounds heuristic.
It would be more like 1/2^80 if an adequate number of rounds were used for non-random input, under known attacks. But in theory worse attacks may exist.