-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
On 01/02/2014 01:22 PM, m.roth@5-cent.us wrote:
Eero Volotinen wrote:
Is there nice way to put back EC encryption on Centos?
RHEL disabled it due "patent issues", but is third party providing packages to EC enabled packages to centos ?
*Which* elliptic curve? I trust you've been reading the revelations from Snowdon about the NSA putting a backdoor in the common ones, esp. the POSIX ones.
- From what I've been able to find, this is a bit overstated.
There is *one* random number algorithm (Dual_EC_DRBG) associated with ECC that is believed to have been compromised. That it appeared vulnerable has long been known; Bruce Schneier wrote about it in 2007. It also happens to be inefficient and so is not widely used (but a few commercial products use it).
http://www.wired.com/politics/security/commentary/securitymatters/2007/11/se...
I was unable to find an associated vulnerability in Linux. I trust the OpenSSL folks would be on top of this faster than you can blink an eye if it were a current issue. They have not, from what I've seen, reacted to the revelations.
http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C22...
- -- David Benfell see https://parts-unknown.org/node/2 if you don't understand the attachment