Tag Archives: dh

密碼系統的 Monoculture

這篇文章講到最近密碼系統的現象:「On the Impending Crypto Monoculture」。 目前常在用的密碼系統包括了 RSA、DH、ECDH、ECDSA、SHA-2、AES 這些演算法,而最近這幾年大家在推廣使用的演算法都出自於同一個人手裡,Dan Bernstein,也就是 djb: A major feature of these changes includes the dropping of traditional encryption algorithms and mechanisms like RSA, DH, ECDH/ECDSA, SHA-2, and AES, for a completely different set of mechanisms, including … Continue reading

Posted in Computer, Murmuring, Security | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , | 1 Comment

在攻擊時總是挑最弱的一環:NSA 對 DH 的攻擊

在「How is NSA breaking so much crypto?」這邊提到了 2012 年有文章說明 NSA 有能力解開部份的加密通訊,而後來 Snowden 所提供的資料也證實了這點: In 2012, James Bamford published an article quoting anonymous former NSA officials stating that the agency had achieved a “computing breakthrough” that gave them “the ability to … Continue reading

Posted in Computer, Murmuring, Network, Security, VPN, WWW | Tagged , , , , , , , , , , , , | Leave a comment

CloudFlare 的 Keyless SSL 服務

CloudFlare 有兩篇公告出來:「Announcing Keyless SSL™: All the Benefits of CloudFlare Without Having to Turn Over Your Private SSL Keys」、「Keyless SSL: The Nitty Gritty Technical Details」。前面的一篇偏向公告文 (以及公關稿),而後面的一篇提到了實際運作的方式。 用兩張 Keyless SSL 的 flow 就可以知道差異了,一張是 RSA-based,一張是 DH-based: 把與 private key 相關的運算拆出來,由後方計算完成後再計算出 session key 與 … Continue reading

Posted in CDN, Cloud, Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , | Leave a comment

1024bits 的 RSA 與 DH...

看到「Majority of Tor crypto keys could be broken by NSA, researcher says」,說明 NSA 曾經跟 IBM 訂作特殊晶片: "Everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys," Graham wrote in a blog post published Friday. "Assuming no … Continue reading

Posted in Computer, Murmuring, Network, Security, Software | Tagged , , , , , , , | Leave a comment