Re: SSH keys: DSA vs RSA (was: Alioth and SSH: restored)
On Wed, May 14, 2008 at 06:22:37PM -0500, Steve Greenland wrote:
>> Therefore, anyone who had a DSA key has had it compromised...
> Shouldn't that be "anyone who had a DSA key *created by the flawed
> version of openssl* has had it compromised..."? Or are you asserting
> something stronger?
No. Any key who had a single DSA signature created by the flawed version of
OpenSSL should be considered compromised. DSA requires a secret, random
number as part of the signature process; if someone figures it out, or you
use the same number twice, the entire secret key falls.
/* Steinar */