On Mon, Jan 06, 2014 at 05:24:00PM +0100, Jean-Yves Migeon wrote:
> I don't think it is possible; key parameters do not keep information
> about the state they were created in. The system is weak not because
> the key is invalid but rather because an attacker has fewer states
> to test before being successful.
But that assumes the attacker knows how the random generator was skewed, doesn't it? And if the attacker can test it remotely, we should be able to test it locally with access to the private key, or am I missing something?

--
Emmanuel Dreyfus
[email protected]
