A few days ago socat, a popular networking tool, issued a curious sounding security advisory: "In the OpenSSL address implementation the hard coded 1024 bit DH p parameter was not prime. The effective cryptographic strength of a key exchange using these parameters was weaker than the one one could get by using a prime p. Moreover, since there is no indication of how these parameters were chosen, the existence of a trapdoor that makes possible for an eavesdropper to recover the shared secret from a key exchange that uses them cannot be ruled out."
Exploiting the Diffie-Hellman bug in socat
Exploiting the Diffie-Hellman bug in socat
Exploiting the Diffie-Hellman bug in socat
A few days ago socat, a popular networking tool, issued a curious sounding security advisory: "In the OpenSSL address implementation the hard coded 1024 bit DH p parameter was not prime. The effective cryptographic strength of a key exchange using these parameters was weaker than the one one could get by using a prime p. Moreover, since there is no indication of how these parameters were chosen, the existence of a trapdoor that makes possible for an eavesdropper to recover the shared secret from a key exchange that uses them cannot be ruled out."