oss-sec mailing list archives
Re: nss RSA forgery (CVE-2014-1568)
From: Hanno Böck <hanno () hboeck de>
Date: Fri, 26 Sep 2014 00:11:21 +0200
On Thu, 25 Sep 2014 23:17:58 +0200 Hanno Böck <hanno () hboeck de> wrote:
Some more info, but not much: http://www.intelsecurity.com/advanced-threat-research/ Initially I thought this is probably not such a big deal because the bleichenbacher attack requires e to be very small (like e=3 or e=4) and everyone uses e=65537 these days. But it seems I was wrong on that, lots of CAs still with e=3.
Correcing me: There are not lots of, but exactly 6. Camerfirma_Chambers_of_Commerce_Root.pem: 3 (0x3) Camerfirma_Global_Chambersign_Root.pem: 3 (0x3) Digital_Signature_Trust_Co._Global_CA_1.pem: 3 (0x3) Digital_Signature_Trust_Co._Global_CA_3.pem: 3 (0x3) Go_Daddy_Class_2_CA.pem: 3 (0x3) Starfield_Class_2_CA.pem: 3 (0x3) Some background: having very small exponents for RSA isn't a problem if you do everything right, but it vastly increases the likelyhood of issues like this popping up. It'd seem like a good safeguard to get rid of all e=3 keys. -- Hanno Böck http://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
signature.asc
Description:
Current thread:
- nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 24)
- Re: nss RSA forgery (CVE-2014-1568) Marcus Meissner (Sep 24)
- Re: nss RSA forgery (CVE-2014-1568) Yves-Alexis Perez (Sep 25)
- Re: nss RSA forgery (CVE-2014-1568) Nick Semenkovich (Sep 24)
- Re: nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 25)
- Re: nss RSA forgery (CVE-2014-1568) Hanno Böck (Sep 25)
- Re: nss RSA forgery (CVE-2014-1568) Marcus Meissner (Sep 24)