[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH keys: DSA vs RSA

Steve Greenland <steveg@moregruel.net> writes:
> "brian m. carlson" <sandals@crustytoothpaste.ath.cx> wrote: 

>> Therefore, anyone who had a DSA key has had it compromised...

> Shouldn't that be "anyone who had a DSA key *created by the flawed
> version of openssl* has had it compromised..."? Or are you asserting
> something stronger?

He's asserting something stronger.  As I understand it, if you use a
perfectly valid and strong DSA key with a weak nonce (such as from a
broken random number generator), you just revealed your DSA key to someone
who knows what to look for and can brute-force or otherwise determine the

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: