Hacker News new | ask | show | jobs
by green7ea 4046 days ago
From my understanding, this doesn't show that he can break RSA but rather that the key generator that generated the keys in the GPG strong suite were completely broken. The factors were 7 and 77 which is completly ridiculous, they should be in the range of 2^2048. This does mean further scrutiny on key generators is a must.
1 comments
acqq 4046 days ago
Exactly. The GPG that generated that keypair was obviously not doing what it was supposed to do.

It can be something on the level of the famous Debian patch fiasco.

The worrying thing is that nobody until now published such findings.

The second found p is 21(!?)

Edit: see the new post from agwa, if all the keys with bad properties came the same way it's much less worrying.

link
ikeboy 4046 days ago
https://eprint.iacr.org/2012/064.pdf

https://factorable.net/weakkeys12.extended.pdf

link
acqq 4046 days ago
Thanks.

The first paper mentions some 157 PGP keys and some "probably copy-paste errors." Maybe somebody can tell more about it, I wasn't able to evaluate the effects.

The second didn't analyze PGP keys, but otherwise was certainly impressive.

link
ikeboy 4046 days ago
http://shoestringfoundation.org/cgi-bin/blosxom.cgi/2004/07/...
link
noondip 4046 days ago
A look at the PGP ecosystem through the key server data

https://eprint.iacr.org/2015/262.pdf

link
acqq 4046 days ago
That one sounds optimistic:

"Based on my research it seems that over a very long time the use of PGP implementations with deeply awed random number generation functions was very rare."

link