Thread: http://www.openssl.org/news/secadv_20060905.txt

2006-09-05 14:53:43
Does anyone know the practicality of this attack? i.e. is this
trivial to do?

         ---Mike

--------------------------------------------------------------------
Mike Tancsa,                                      tel +1 519 651 3400
Sentex Communications,                            mike@sentex.net
Providing Internet since 1994                     www.sentex.net
Cambridge, Ontario Canada                         www.sentex.net/mike

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
2006-09-05 15:56:30
At 10:53 AM 9/5/2006, Mike Tancsa wrote:
>Does anyone know the practicality of this attack? i.e. is this
>trivial to do?

Also, for RELENG_6, can someone confirm the patch referenced in

http://www.openssl.org/news/patch-CVE-2006-4339.txt

can be applied with the one change of


+{ERR_REASON(RSA_R_PKCS1_PADDING_TOO_SHORT),"pkcs1
padding too short"},

to


+{RSA_R_PKCS1_PADDING_TOO_SHORT,"pkcs1 padding too
short"},
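
Review bot: the replacement line drops the ERR_REASON() wrapper around RSA_R_PKCS1_PADDING_TOO_SHORT, so before applying it, check that the neighbouring entries of the same error-string table in the RELENG_6 tree are also written as bare constants; the new entry should take the same form as the rest of that table. Also confirm that RSA_R_PKCS1_PADDING_TOO_SHORT is defined in the headers that tree builds against, since the line shown here only adds the string and not the constant.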


I manually added in the diffs and everything seems to compile and
function with some limited testing. I did

cd /usr/src/crypto/openssl/crypto/rsa
patch < p
cd /usr/src/secure
make clean
make obj
make depend
make includes
make
make install

2006-09-05 16:08:10
Mike Tancsa wrote:
> Does anyone know the practicality of this attack? i.e. is this trivial
> to do?

I'm as surprised by this as you are -- usually I get advance warning about
upcoming OpenSSL issues via vendor-sec -- but on first glance it looks like
this attack is indeed trivial.

Also, it looks like the attack isn't limited to keys with a public exponent
of 3; unless I misunderstand the bug, it affects small exponents generally.
An exponent of 17 on a 4096-bit key is almost certainly vulnerable; beyond
that I would need to read the ASN code to confirm.

Keys with a public exponent of 65537 are absolutely not vulnerable to this
attack.

Colin Percival
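
Added example, not part of Colin Percival's message or of the OpenSSL patch: a triage script that reads the public exponent out of a PKCS#1 RSAPublicKey in DER form and sorts keys along the lines drawn in the thread. The function names, the "review" cutoff (any exponent below 65537) and the sample keys are assumptions of this example; the sample moduli are constructed placeholders, not real keys.

```python
# Added example: triage RSA public keys by public exponent.
# Assumption: every exponent below 65537 is flagged "review"; the thread itself only clears 65537.

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        count = length & 0x7F
        if count == 0 or pos + count > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def rsa_public_numbers(der_bytes):
    """Parse RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }."""
    tag, body, end = read_tlv(der_bytes, 0)
    if tag != 0x30 or end != len(der_bytes):
        raise ValueError("expected one DER SEQUENCE with no trailing bytes")
    tag_n, n_raw, pos = read_tlv(body, 0)
    tag_e, e_raw, pos = read_tlv(body, pos)
    if (tag_n, tag_e) != (0x02, 0x02) or pos != len(body):
        raise ValueError("expected exactly two INTEGERs")
    return int.from_bytes(n_raw, "big"), int.from_bytes(e_raw, "big")

def classify(der_bytes):
    """Return (modulus_bits, exponent, verdict) for one key."""
    n, e = rsa_public_numbers(der_bytes)
    verdict = "ok" if e == 65537 else "review" if e < 65537 else "unknown"
    return n.bit_length(), e, verdict

def der(tag, value):
    """Encode one DER element; used only to build the sample keys below."""
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def sample_key(bits, e):
    """Constructed RSAPublicKey: the modulus is a placeholder, not a real key."""
    ints = [(1 << (bits - 1)) | 1, e]
    return der(0x30, b"".join(
        der(0x02, x.to_bytes((x.bit_length() + 8) // 8, "big")) for x in ints))
```

Keys stored as SubjectPublicKeyInfo or inside certificates have to be unwrapped to the bare RSAPublicKey before being passed to classify().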