[guardian-dev] DSA

Michael Rogers michael at briarproject.org
Thu Aug 15 16:08:43 EDT 2013



Hi Hans,

Key generation isn't the issue I meant. DSA leaks the private key in
signatures if you don't use a good RNG when signing, regardless of
whether you used a good RNG to generate the key.

https://www.imperialviolet.org/2013/06/15/suddendeathentropy.html

Cheers,
Michael

On 15/08/13 20:58, Hans-Christoph Steiner wrote:
> 
> RSA and other algorithms will also have problems if there is bad
> random.  DSA is just more quickly affected.  But yes, OTR keys are
> DSA, and OTR clients on Android generate DSA keys on Android.  They
> probably all use SecureRandom, so they probably are all affected by
> this bug.  I think Nathan is already working on how to do migration
> in Gibberbot/ChatSecure.
> 
> This is one reason why we ported GPG to Android.  GPG is not
> affected by this bug at all.  Ultimately we hope to use GPG to do
> generate any and all keys, since GPG is the most proven software
> for that kind of thing.
> 
> .hc
> 
> On 08/15/2013 03:53 PM, Michael Rogers wrote:
>> So: OTR uses DSA; DSA leaks the private key if the RNG is bad;
>> Android has a bad RNG. Could long-term OTR private keys have been
>> leaked as a result of the Android RNG bug?
>> 
>> Cheers, Michael
>> 
>> _______________________________________________
>> Guardian-dev mailing list
>> 
>> Post: Guardian-dev at lists.mayfirst.org
>> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>> 
>> To Unsubscribe Send email to: Guardian-dev-unsubscribe at lists.mayfirst.org
>> Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/hans%40guardianproject.info
>> 
>> You are subscribed as: hans at guardianproject.info
>> 
> 


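A worked illustration of the point Michael makes above, added here and not part of the original message or of any project named in the thread: a toy DSA over tiny constructed parameters (p = 1907, q = 953, g = 4), a stuck RNG that hands out the same nonce k every time, the audit check that recovers x from two signatures sharing r, and a nonce derived from the key and message (the RFC 6979 idea, simplified) as the mitigation. All values, messages and the `stuck_rng` model are constructed for the example.

```python
import hashlib
import hmac
from typing import List, Optional, Tuple

# Constructed toy group (p = 2q + 1, q prime, g of order q); far too small for real use.
P, Q, G = 1907, 953, 4

def H(msg: bytes) -> int:
    """Hash the message to an integer mod Q (SHA-1, as DSA of that era used)."""
    return int.from_bytes(hashlib.sha1(msg).digest(), "big") % Q

def sign(x: int, msg: bytes, k: int) -> Tuple[int, int]:
    """Textbook DSA: r = (g^k mod p) mod q, s = k^-1 (H(m) + x r) mod q."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (H(msg) + x * r) % Q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature, choose another k")
    return r, s

def verify(y: int, msg: bytes, sig: Tuple[int, int]) -> bool:
    """Standard DSA verification against the public key y = g^x mod p."""
    r, s = sig
    w = pow(s, -1, Q)
    v = (pow(G, H(msg) * w % Q, P) * pow(y, r * w % Q, P) % P) % Q
    return v == r

def stuck_rng() -> int:
    """Models a broken RNG that returns the same 'random' nonce on every call."""
    return 377

def derive_nonce(x: int, msg: bytes) -> int:
    """Nonce derived from key and message (the RFC 6979 idea, simplified here)."""
    mac = hmac.new(x.to_bytes(2, "big"), msg, "sha256").digest()
    return int.from_bytes(mac, "big") % (Q - 1) + 1

def recover_key(y: int, sigs: List[Tuple[bytes, Tuple[int, int]]]) -> Optional[int]:
    """Defender's audit: two signatures under y sharing r (same k) with different s
    give k = (H(m1) - H(m2)) / (s1 - s2) and then x = (s1 k - H(m1)) / r, all mod q."""
    for i, (m1, (r1, s1)) in enumerate(sigs):
        for m2, (r2, s2) in sigs[i + 1:]:
            if r1 != r2 or s1 == s2:
                continue
            k = (H(m1) - H(m2)) * pow(s1 - s2, -1, Q) % Q
            x = (s1 * k - H(m1)) * pow(r1, -1, Q) % Q
            if pow(G, x, P) == y:  # confirm the candidate really is the signing key
                return x
    return None
```

Signatures made with `stuck_rng` verify normally, which is why the flaw is invisible to the verifier and only an audit for repeated r values catches it; nonces from `derive_nonce` differ per message, so `recover_key` finds nothing.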
