Yup, confirmed: the ROCA guys deliberately obfuscated their vulnerable key test (and made it slower). This is sad.https://github.com/crocs-muni/roca/issues/39 …
-
Its a "fingerprint", which is heuristic and (imo) doesnt reveal anything about the particular weakness; see,https://twitter.com/mongobug/status/920322434791821312 …
It's not a heuristic, it's a strict check. It detects 100% of Infineon keys and has a tiny false positive rate for non-Infineon keys.
-
-
But yes, it doesn't per se reveal the specific weakness (though it sends hints). However the obfuscation adds nothing.
-
Totally agree re: obfuscation :)
End of conversation
New conversation -
-
-
The link I just posted generates non-Infineon keys with a 100% false positive rate according to the "strict check".
-
Of course you can *construct* false positives (or true positives - are you sure your keys are not vulnerable?), but that means nothing.
- Show replies
New conversation -
-
-
Also see previous paper on key generator fingerprinting by the same authors: https://www.usenix.org/node/197198
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.