Subject: Re: really really obsolete etc/moduli in NetBSD
To: None <tech-security@netbsd.org>
From: William Allen Simpson <wsimpson@greendragon.com>
List: tech-security
Date: 01/15/2005 17:52:16
Thor Lancelot Simon wrote:

>On Sat, Jan 15, 2005 at 03:44:51PM -0500, William Allen Simpson wrote:
>
>>Nobody should trust relatively short primes for any length of time. 
>>That's one of several reasons to change them regularly. 
>
>I don't see how that actually addresses Charles' basic point: that unless
>the moduli currently in use *are not prime*, they cannot be "cracked" in
>any way that would reduce the security of the algorithms in which they are
>used.
>
That is not accurate.  Primes used in modular exponentiation are
"cracked" by taking the discrete logarithm. 

This has nothing whatsoever to do with non-primes.

>Changing moduli obviously does supply more targets for an adversary who
>is trying to luck out and hit one that is not, in fact, prime -- but it
>is not so clear to me whether this is a good thing or a bad thing.
>
This is not accurate, either.  Changing moduli will supply more targets
for an adversary who is trying to calculate the discrete logarithm of
one of them, limiting the exposure of the application. 

This has nothing whatsoever to do with non-primes.


>If the two paragraphs above are not correct, perhaps you would be so
>kind as to explain to me why, 
>
And you also might benefit from
  draft-ietf-secsh-dh-group-exchange-04
(context which you failed to include from my message.)


>without reference to other related uses
>of prime numbers in cryptography that are not directly germane, nor
>the sort of unfortunate personal brawling that seems to be going on
>between yourself and Charles.
>
???  Charles, in his only message on this topic thus far, began by
calling my message "pure FUD", ended saying oddly "you have no pants",
and was pretty much content free in between.

I admonished him "Enough with the attitude, thank you very much."
(In the line just before you began your excerpt.)

That's a brawl?

I do wish NetBSD folk would take security more seriously.

-- 
William Allen Simpson
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
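
Added example, not part of the original message or of the draft it cites: a toy illustration of why discrete-logarithm effort is spent per modulus, so a fixed shared prime concentrates exposure and rotating primes limits it. The roughly 20-bit safe primes, the generator 4, the baby-step giant-step method and the sample exponents are all constructed assumptions for illustration.

```python
import math

G = 4  # a square mod p, so it has prime order q = (p - 1) // 2 for a safe prime p

def is_prime(n):
    return n > 1 and all(n % d for d in range(2, math.isqrt(n) + 1))

def safe_prime_after(n):
    """Smallest p > n with p and (p - 1) // 2 both prime (toy-sized search)."""
    p = n + 1
    while not (is_prime(p) and is_prime((p - 1) // 2)):
        p += 1
    return p

class DlogSolver:
    """Baby-step giant-step that caches one table per modulus."""
    def __init__(self):
        self.tables = {}  # p -> (m, {G^j mod p: j})

    def _table(self, p):
        if p not in self.tables:  # the costly part, paid once per modulus
            m = math.isqrt((p - 1) // 2) + 1
            table, cur = {}, 1
            for j in range(m):
                table[cur] = j
                cur = cur * G % p
            self.tables[p] = (m, table)
        return self.tables[p]

    def solve(self, p, y):
        """Return x in [0, q) with G^x == y (mod p), or None."""
        m, table = self._table(p)
        step = pow(G, -m, p)  # modular inverse of G^m (Python 3.8+)
        for i in range(m):
            if y in table:
                return i * m + table[y]
            y = y * step % p
        return None

def demo():
    p1, p2 = safe_prime_after(1_000_000), safe_prime_after(2_000_000)
    # Constructed sessions: (modulus, private exponent); only G^x mod p is public.
    sessions = [(p1, 123456), (p1, 424242), (p1, 31337), (p2, 654321)]
    solver = DlogSolver()
    recovered = [solver.solve(p, pow(G, x, p)) for p, x in sessions]
    return recovered == [x for _, x in sessions], len(solver.tables)

if __name__ == "__main__":
    print(demo())  # four exponents recovered, but two tables had to be built
```

The three sessions that share a modulus are all served by one table, while the session on a different modulus forces a fresh one; at real key sizes that per-modulus cost is the whole effort.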