Il 17 febbraio 2012 08:46, Roberto Resoli <roberto.resoli@xxxxxxxxx> ha scritto: > Il 16 febbraio 2012 19:10, Marco Ciampa <ciampix@xxxxxxxxx> ha scritto: >> On Thu, Feb 16, 2012 at 06:58:49PM +0100, Roberto Resoli wrote: >>> lo afferma un gruppo di ricerca guidato dal noto matematico olandese >>> Arjen K. Lenstra >>> >>> http://eprint.iacr.org/2012/064 >>> >>> Alcune reazioni: >>> http://blogs.computerworld.com/19734/rsa_crypto_is_flawed_risky >>> >> >> Come dice questo articolo... >> >> http://dankaminsky.com/2012/02/14/ronwhit/ >> >> What? (Trad: Cosa? Eh? Digerito male?) > > citando tutto: > "The conclusion they reached was that RSA, because it has two secrets > (the two primes, p and q), is “significantly riskier” than systems > using “single-secrets” like (EC)DSA or ElGamel. > > What?" > > è questa parte (da cui deriva anche il titolo del paper) a suscitare > la perplessità di Kaminski, > non la serietà dello studio. Peraltro ci sono solidi dati qui a giustificare la perplessità: "For ElGamal and DSA sharing is rare, but for RSA the frequency of sharing may be a cause for concern. What surprised us most is that many thousands of 1024-bit RSA moduli, including thousands that are contained in still-valid X.509 certicates, offer no security at all. This may indicate that proper seeding of random number generators is still a problematic issue" e subito dopo: "The lack of sophistication of our methods and ndings make it hard for us to believe that what we have presented is new, in particular to agencies and parties that are known for their curiosity in such matters. It may shed new light on NIST's 1991 decision to adopt DSA as digital signature standard as opposed to RSA, back then a \public controversy" (cf. [7]); but note the well-known nonce-randomness concerns for ElGamal and (EC)DSA (cf. Section 4.4) and what happens if the nonce is not properly used (cf. [6])." rob -- Per iscriversi (o disiscriversi), basta spedire un messaggio con OGGETTO "subscribe" (o "unsubscribe") a mailto:linuxtrent-request@xxxxxxxxxxxxx