Daniel de Kok wrote:
"Furthermore, all DSA keys ever used on affected Debian systems for signing or authentication purposes should be considered compromised; the Digital Signature Algorithm relies on a secret random value used during signature generation."
Take care, Daniel
SANS have more on this today and will likely continue to update the story as new developments emerge:
To summarise, scripts that allow brute-forcing of keys are already in the wild - expect to see an upturn in activity on port 22 as a result. Further, for SSL-secured websites, if the public key is known, no brute-forcing is even necessary.
Ned
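
The quoted advisory text says DSA depends on a secret random value at signing time. The sketch below is an example added to this thread, not code from either poster or from Debian, and shows why a guessable nonce exposes the private key from a single signature. The toy group, the helper names and the 15-bit seed model of a weak PRNG are all assumptions made for illustration.

```python
import hashlib
import itertools
import math

# Toy DSA group, constructed for this example and far too small for real use.
Q = 2**31 - 1  # prime order of the signing subgroup


def _is_prime(n):
    return n > 1 and all(n % d for d in range(2, math.isqrt(n) + 1))


P = next(k * Q + 1 for k in itertools.count(2, 2) if _is_prime(k * Q + 1))
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, P)) if g != 1)


def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q


def weak_nonce(seed):
    # Assumption: models a PRNG whose only entropy is a 15-bit seed.
    raw = hashlib.sha256(b"seed:%d" % seed).digest()
    return int.from_bytes(raw, "big") % (Q - 1) + 1


def sign(x, msg, k):
    # Standard DSA signing equations with private key x and per-signature nonce k.
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (digest(msg) + x * r) % Q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature, pick a fresh nonce")
    return r, s


def recover_private_key(y, msg, sig, seeds=range(1, 2**15)):
    # s*k = H(m) + x*r (mod Q), so a correct guess of k gives x directly.
    r, s = sig
    for seed in seeds:
        k = weak_nonce(seed)
        if pow(G, k, P) % Q != r:
            continue
        x = (s * k - digest(msg)) * pow(r, -1, Q) % Q
        if pow(G, x, P) == y:  # confirm against the public key
            return x
    return None
```

The private key in this model is never weak itself; only the nonce is, which is why the advisory covers keys that were merely used on an affected system and calls for replacing them.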