On 17/10/17 20:36, Nick Lamb via dev-security-policy wrote:
The bitmasks are effectively lists of expected remainders for each small prime,
if your modulus has an expected remainder for all the 20+ small primes that
distinguish Infineon, there's a very high chance it was generated using their
Hi Rob, all,
we are treating this as an incident although all certs related to D-Trust are
indeed Qualified/EUTL certs governed by National German Law and are not
chaining up to roots that trusted by NSS, hence are not related to the WekbPKI.
An incident report will be submitted by tomorrow
Am Mittwoch, 18. Oktober 2017 11:15:03 UTC+2 schrieb Rob Stradling:
> I've completed a full scan of the crt.sh DB, which found 171 certs with
> ROCA fingerprints.
>
> The list is at https://misissued.com/batch/28/
>
> Many of these are Qualified/EUTL certs rather than anything to do with
> the
On Wednesday, October 18, 2017 at 4:15:03 AM UTC-5, Rob Stradling wrote:
> The list is at https://misissued.com/batch/28/
>
> Many of these are Qualified/EUTL certs rather than anything to do with
> the WebPKI. Only about half of them chain to roots that are trusted by NSS.
>
It's really
I've completed a full scan of the crt.sh DB, which found 171 certs with
ROCA fingerprints.
The list is at https://misissued.com/batch/28/
Many of these are Qualified/EUTL certs rather than anything to do with
the WebPKI. Only about half of them chain to roots that are trusted by NSS.
On
On 16/10/17 23:15, Jakob Bohm via dev-security-policy wrote:
Unfortunately, as of right now, their github repository still doesn't
include the promised C/C++ implementation,
Hi Jakob. Today I ended up rewriting the ROCA fingerprint checker in C
(using OpenSSL BIGNUM calls) to get it working
ecurity-policy
Sent: Tuesday, October 17, 2017 7:37 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Efficient test for weak RSA keys generated in Infineon TPMs /
smartcards
On Monday, 16 October 2017 23:15:51 UTC+1, Jakob Bohm wrote:
> They have also obfuscated their test by provi
On Monday, 16 October 2017 23:15:51 UTC+1, Jakob Bohm wrote:
> They have also obfuscated their test by providing bitmasks as decimal
> bigints instead of using hexadecimal or any other format that makes the
> bitmasks human readable.
The essential fingerprinting trick comes down to this (I had
On Mon, Oct 16, 2017 at 09:14:29PM +0100, Rob Stradling via dev-security-policy
wrote:
> On 16/10/17 20:01, Matthew Hardeman via dev-security-policy wrote:
> > The authors of the paper on the weak RSA keys generated by Infineon TPMs
> > and smart cards have published code in multiple languages /
On 16/10/2017 21:01, Matthew Hardeman wrote:
The authors of the paper on the weak RSA keys generated by Infineon TPMs and
smart cards have published code in multiple languages / platforms that provide
for an efficient test for weakness by way of the Infineon TPM bug.
Perhaps this should be a
On 16/10/17 20:01, Matthew Hardeman via dev-security-policy wrote:
The authors of the paper on the weak RSA keys generated by Infineon TPMs and
smart cards have published code in multiple languages / platforms that provide
for an efficient test for weakness by way of the Infineon TPM bug.
11 matches
Mail list logo