[131338] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Some notes the Debian OpenSSL PRNG bug and DHE

daemon@ATHENA.MIT.EDU (Eric Rescorla)
Fri Aug 22 15:28:15 2008

Date: Thu, 21 Aug 2008 20:01:22 -0700
From: Eric Rescorla <ekr@networkresonance.com>
To: cryptography@metzdowd.com

Some colleagues (Hovav Shacham, Brandon Enright, Scott Yikel, and
Stefan Savage) and I have been doing some followup work on the Debian
OpenSSL PRNG bug. Perry suggested that some cryptography readers
might be interested in our preliminary analysis of the DHE angle,
which can be found here:

http://www.educatedguesswork.org/2008/08/the_debian_openssl_prng_bug_an.html

Also, Hovav gave a WIP on this topic at USENIX Security. The slides are at:

http://cs.ucsd.edu/~hovav/dist/debianwip.pdf

-Ekr

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[131338] in cryptography@c2.net mail archive

Some notes the Debian OpenSSL PRNG bug and DHE

daemon@ATHENA.MIT.EDU (Eric Rescorla)Fri Aug 22 15:28:15 2008

daemon@ATHENA.MIT.EDU (Eric Rescorla)
Fri Aug 22 15:28:15 2008