Re: openssl-blacklist & two keys per one pid
On May 19, 2008, at 9:52 PM, Jan Tomasek <Florian Weimer> wrote:
I do not trust dowkd.pl script because
it lacks info where keys were taken.
...
We did not want to publish this information in order to give system.
Do bear in mind that the public key consists of 1) the modulus and 2)
the public (or encryption) exponent; whereas
the private key consists of, again, 1) the modulus and 2) the private
(or decryption) exponent which must be kept secret.
They are called n and e and n and d respectively in most literature.
So note that the Modulus is in BOTH - and hence is known on the
'outside'** regardless which way round RSA is used.
Thus sharing*** the Modulus is not exactly that troublesome; and
building trust by making your results verifiable* is probably more
important - given that the bad guys got a 5 days headstart -and-
generating a keyspace takes not much time.
Dw
*: lots of eyes makes bugs shallow, allow for spot checks, etc.
**: For those on IRC which where not convinced; try openssl s_client -
connect www.amazon.com:443 -showcerts | openssl x509 -noout -modulus
(which will only show the first - pipe to file to get all).
***: The private key is sometimes stored in a different form, as the
p,q factors of n - in which case all aspects of the private key are
sensitive - people occasionally assume that that makes the modulus
sensitive too.
Reply to: