Gea-Suan LinApr 15, 2024

PuTTY 使用 ecdsa-sha2-nistp521 的漏洞

看到「PuTTY vulnerability vuln-p521-bias (greenend.org.uk)」這個消息,官網的說明在「PuTTY vulnerability vuln-p521-bias」這邊。

DSA 類的簽名演算法有個得很小心的地方,是 nonce 選擇不當會造成 key recovery,這在原文有提到:

All DSA signat

https://blog.gslin.org/archives/2024/04/16/11746/putty-%e4%bd%bf%e7%94%a8-ecdsa-sha2-nistp521-%e7%9a%84%e6%bc%8f%e6%b4%9e/

#Computer #Murmuring #Network #Security #Software #cryptography #generation #key #nist #p521 #p521 #putty #puttygen #security #sha512

PuTTY 使用 ecdsa-sha2-nistp521 的漏洞

看到「PuTTY vulnerability vuln-p521-bias (greenend.org.uk)」這個消息,官網的說明在「PuTTY vulnerability vuln-p521-bias」這邊。 DSA 類的簽名演算法有個得很小心的地方,是 nonce 選擇不當會造成 key recovery,這在原文有提到: All DSA signature schemes...

Gea-Suan Lin's BLOG
fuomag9Apr 15, 2024
Revoke your #ssh #p521 #putty #keys immediately!! www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
PuTTY vulnerability vuln-p521-bias