First of all, RSA encryption does NOT equal RSA the company. We're talking about the company here.
Second, the Reuters article mentions only the Elliptic curve PRNG, NOT the Elliptic curve encryption. Basically, the backdoor that was inserted was really just making RSA co. use the Elliptic curve PRNG, which is known to be extremely weak: http://blog.0xbadc0de.be/archives/155
It was actually discovered in 2012: http://cyberwarzone.com/did-nsa-put-...ption-standard
We also discovered evidence of the implementation in the RSA BSAFE products of a non-standard TLS extension called “Extended Random.” This extension, co-written at the request of the National Security Agency, allows a client to request longer TLS random nonces from the server, a feature that, if enabled, would speed up the Dual EC attack by a factor of up to 65,000. In addition, the use of this extension allows for attacks on Dual EC instances configured with P-384 and P-521 elliptic curves, something that is not apparently possible in standard TLS. While the code implementing Extended Random was not compiled into our build of Share for C/C++, it was available (though deactivated) in the build of Share for Java that we analyzed. In the latter case, we were able to re-enable it and verify the functionality. Note that the attack times reported below do not take advantage of extended random.
In short, they now have a means to decrypt RSA keys tens of thousands of times faster.
Unless I read things wrong I think that's a too sensationalist summary of things. First of all you need a "product" that includes the Dual Elliptic Curve Deterministic Random Bit Generator (some versions of Windows IIRC) and then the Extended Random protocol would have been a proposed addition to that.
Quote:
Originally Posted by lleb
What to replace RSA with for ssh keys and more?
First of all there's a difference between RSA Inc the company (BSAFE SW, HW token) and RSA as in the algorithm. Secondly as you moved from OpenSSH-1 to OpenSSH-2 you should already have moved from RSA to DSA keys (http://www.snailbook.com/faq/ssh-1-vs-2.auto.html) and only use RSA when talking to systems that can't do DSA.
Quote:
Unless I read things wrong I think that's a too sensationalist summary of things. First of all you need a "product" that includes the Dual Elliptic Curve Deterministic Random Bit Generator (some versions of Windows IIRC) and then the Extended Random protocol would have been a proposed addition to that.
good to know here.
Quote:
First of all there's a difference between RSA Inc the company (BSAFE SW, HW token) and RSA as in the algorithm. Secondly as you moved from OpenSSH-1 to OpenSSH-2 you should already have moved from RSA to DSA keys (http://www.snailbook.com/faq/ssh-1-vs-2.auto.html) and only use RSA when talking to systems that can't do DSA.
I thought DSA keys were considerably easier to crack than RSA? Thankfully I am running OpenSSH-2 on all of my systems.