Re: SSH keys: DSA vs RSA
Steve Greenland <firstname.lastname@example.org> writes:
> "brian m. carlson" <email@example.com> wrote:
>> Therefore, anyone who had a DSA key has had it compromised...
> Shouldn't that be "anyone who had a DSA key *created by the flawed
> version of openssl* has had it compromised..."? Or are you asserting
> something stronger?
He's asserting something stronger. As I understand it, if you use a
perfectly valid and strong DSA key with a weak nonce (such as from a
broken random number generator), you just revealed your DSA key to someone
who knows what to look for and can brute-force or otherwise determine the
Russ Allbery (firstname.lastname@example.org) <http://www.eyrie.org/~eagle/>