I wrote a blog post about our findings in Apple's CommonCrypto (and corecrypto) library https://www.massi.moe/blog/primality-testing-in-apple-core-crypto … with security update now live in macOS Mojave 10.14.1 and iOS 12.1 with @kennyog @martinralbrecht @jurajsomorovsky
Is there a PAKE protocol where the params aren't covered by a signature?
-
-
All of them - the point of a PAKE is for both parties to authenticate and establish keys without any PKI, hence no sigs.
-
I've never implemented TLS-SRP, but I thought it added certificate signatures to the mix precisely for reasons like this? I thought that's what the DSS/RSA ciphersuites in RFC5054 are?