Security Hardware Alert! Check Your Pubkey Now!

ROCA: Vulnerable RSA generation (CVE-2017-15361)

If you are using any type of security hardware
And you generated RSA keys on-chip?
keychest.net/roca

Offline Check:
>github.com/crocs-muni/roca

If affected, immediately revoke your key and try again. Generate your next one from a secure computer system instead, and transfer the key into the card later.

Check Your YubiKey and Ask for a Replacement:
(firmware read-only, not upgrade-able)
>yubico.com/keycheck/

Cost

Though the attack is not lightning fast, 140.8 CPU years is not difficult at all. 200 gaming PCs can crack an RSA key within a year. And attackers can only get faster.
The full research is going to be presented at ACM CCS 2017 in November. The WPA2 attack (>>806357) is also being presented there. What a shocking conference this year.
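As an added example (editor's code, not the OP's and not the crocs-muni/roca tool), here is the structural test the ROCA paper describes, in pure Python with no dependencies. An RSALib prime has the form p = k*M + (65537^a mod M) with M a primorial, so N = p*q reduced modulo any small prime r dividing M always lands in the subgroup generated by 65537. The script builds that fingerprint table for the 38 odd primes up to 167, checks a modulus against it, and constructs two hypothetical 512-bit moduli for comparison, one RSALib-shaped and one from ordinary primes. To feed it a real key, paste the `Modulus=` line printed by `openssl rsa -pubin -in pub.pem -noout -modulus` into `modulus_from_openssl`.

```python
"""ROCA (CVE-2017-15361) fingerprint check for an RSA modulus, pure Python.

Added example: not the OP's code and not the crocs-muni/roca tool, but the
structural test from the ROCA paper.  RSALib primes look like
p = k*M + (65537^a mod M) with M a primorial, so N = p*q satisfies
N mod r in <65537> (the subgroup generated by 65537) for every prime r | M.
"""

# Odd primes dividing the smallest RSALib primorial, M_512 = 2*3*5*...*167.
# The primorials for 1024- and 2048-bit keys are multiples of this one, so
# this single prime set fingerprints all affected key sizes.
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61,
                67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131,
                137, 139, 149, 151, 157, 163, 167]
GENERATOR = 65537

M_512 = 2
for _r in SMALL_PRIMES:
    M_512 *= _r


def subgroup(r, g=GENERATOR):
    """All values g^k mod r: the only residues a ROCA modulus can have mod r."""
    seen, x = set(), 1
    while x not in seen:
        seen.add(x)
        x = (x * g) % r
    return frozenset(seen)


FINGERPRINT = {r: subgroup(r) for r in SMALL_PRIMES}


def roca_check(n):
    """Return (affected, prime_that_ruled_it_out_or_None).

    affected=True means n passed every residue test, i.e. it carries the
    RSALib fingerprint.  A modulus built from properly random primes fails
    at some small prime with overwhelming probability.
    """
    for r in SMALL_PRIMES:
        if n % r not in FINGERPRINT[r]:
            return False, r
    return True, None


def modulus_from_openssl(line):
    """Parse the 'Modulus=HEX' line from `openssl rsa -pubin -noout -modulus`."""
    return int(line.strip().split("=", 1)[1], 16)


# --- helpers that build constructed sample moduli for the demo ---------------

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases: fine for a demo, not a production test."""
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def roca_prime(a, k):
    """Smallest prime of RSALib shape k'*M_512 + 65537^a mod M_512, k' >= k."""
    base = pow(GENERATOR, a, M_512)
    while not is_probable_prime(k * M_512 + base):
        k += 1
    return k * M_512 + base


def next_prime(n):
    """Smallest probable prime >= n (used for the non-RSALib control modulus)."""
    n |= 1
    while not is_probable_prime(n):
        n += 2
    return n


# Constructed sample inputs (hypothetical keys, deterministic for the demo):
# a ~512-bit modulus built the RSALib way, and one built from ordinary primes.
ROCA_N = roca_prime(a=0x12345678, k=1 << 36) * roca_prime(a=0x9ABCDEF0, k=(1 << 36) + 99)
SAFE_N = next_prime((1 << 255) + 0x5A5A) * next_prime((1 << 255) + 0xC3C3)

if __name__ == "__main__":
    for label, n in (("RSALib-style", ROCA_N), ("random primes", SAFE_N)):
        affected, r = roca_check(n)
        verdict = "VULNERABLE" if affected else f"not fingerprinted (fails at prime {r})"
        print(f"{label}: {n.bit_length()}-bit modulus -> {verdict}")
```

Running it flags the RSALib-shaped modulus and rejects the control. False positives on real keys are negligible because a random modulus would have to survive all 38 residue tests, but an unflagged key only means it was not produced by the affected RSALib code, not that it is sound in any other respect.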


Source: crocs.fi.muni.cz/public/papers/rsa_ccs17

Stallman was right. Whether it is software or hardware, anything proprietary is built with cancer.

All my pubkeys are Ed25519. Eat shit you legacy-fetishizing faggot


en.wikipedia.org/wiki/Elliptic-curve_cryptography

user... I don't think you should use elliptic curve based algorithms because the not secret agency backdoored their implementations long ago. Try again.

Shor's algorithm already obsoletes RSA anyway.

guys post private keys!

I suggest you stop being retarded. There's more than one curve.
See safecurves.cr.yp.to/

Sounds legit.

Gee it's not like this has been known since Sn*wden or even earlier

>made by a (((american college)))
Totally legit. Nope. No n-s-yayyy-kun here at all.

You retards don't even know who Daniel J. Bernstein is? And you have no idea about his research, do you? Okay, if you know nothing about crypto and think DJB is a kike sockpuppet manipulating cryptography, I have nothing to say; keep using the potentially backdoored (((NIST elliptic curves))).

Or if you do have some clues, do some reading and start using DJB's Curve25519.
>cr.yp.to/talks/2013.05.31/slides-dan tanja-20130531-4x3.pdf


The author of the research actually went much further than you.
Read a paper.
>bada55.cr.yp.to/bada55-20150927.pdf

Mind uploading the papers straight to Holla Forums so we don't have to click on your links?


It's PDF anyway.


T.cianigger A.I who autogenerates URLs and websites on the fly using (((let's encrap))) and digicert domain certificates
Fuck off.

Thanks for uploading them.

T. actual intelligence agent attempting to make imageboard readers think it's a good idea to do stupid insecure shit so they can more easily target them in the future.

Opening these files could have compromised your computer.

Where should one get their SSL certificate? I'd just self-sign, but that makes you very vulnerable to MITM attacks.

Use GNUnet+IPFS+Tor. Tor gets you a backbone to spread encrypted information that looks like HTTPS traffic via obfs4, so ISPs can't block you as easily. GNUnet gets you semi-shitty web servers you can access over a web browser, which means video streaming and picture/text viewing without DNS servers. IPFS gets you a file sharing service that can't be destroyed easily. GNUnet supports encryption, as does Tor. But IPFS doesn't, so the only layer protecting information is Tor for it.

What someone needs to do is make a *nix or *BSD distro with all of this in one package together, along with LibreSSL as the OpenSSL implementation and IceCat or Pale Moon as the web browser. Then make it stupid-proof for normies, with a server edition for power users and server operators.

If you use the current SSL cert + DNS infrastructure you are fucked long term if kikes don't like you, along with traffic blocking if you used one of the above alone. But together you get an interesting blocker to snooping on traffic or blocking it. It's still possible, but the bar to snooping is much, much fucking higher.

Yeah, I meant as someone hosting a website on the clearnet.

>T.cianigger A.I who autogenerates URLs and websites on the fly using (((let's encrap))) and digicert domain certificates
inb4 I get called a cianigger/agent fud/whatever, but holy shit people are this autistic? I mean, I use Gentoo and ungoogled my life etc. but still, this sounds like pure autism. Do you go outside?

Yes.

You didn't answer my question at all. Also, what exactly is wrong with let's encrypt?

Don't use DigiCert certificates because they are compromised by pic related. Don't use (((let's encrap))) certificates because of how easily they could be compromised if anyone got ahold of the original signing certificate or key for it. They could then make a copy of your certificate, MITM you and keep it pure SSL.

That is all the advice I have on ssl certificates as that's all I know about.

He meant the censorship.

Anyway, censorship is more or less an issue. The WWW in the current year can be pretty secure, but it is still not very resistant to censorship if major infrastructure providers decide to kick you out, like your web hosting and domain registrar. A (((CA))) can abuse its position and revoke your legitimate certificate to render your website useless, though I've never heard of that ever happening. DNSSEC can also potentially be abused to DoS a ton of domain names. But the information transferred on the wire is protected by TLS and secure if used correctly... Don't even talk about the Great Cloudwall controlling 30 percent of the traffic on the Internet; oops, 8ch.net uses CloudFlare.

All the PoVs above are valid and important, but this one is pretty absurd.
It's pointless. The whole CA system is broken: any well-known authority can issue a certificate for any website, no matter which one you use. So why bother choosing, if the security is the same anyway? Just picking the low-hanging fruit is enough. Further attempts are worthless.

If some feds decide to go after you and your users, they need to forge a valid certificate (cooperate with or compromise any one of the authorities in the default trusted list) and intercept all the traffic towards your server, which is not easy to implement, leaves evidence to the whole Internet, and can be partially defeated by Public Key Pinning. And if that is still not enough for you, what is the point of hosting your website for the general public on the WWW anyway? This is the level of security the WWW can provide as of now; don't give it overrated credit and then start shitposting about Let's Encrypt. If you just host something for you and your circlejerk, certificate whitelisting + /etc/hosts, or things like Tor/GNUnet/IPFS, work exceptionally well. In the end, a certificate is required to make a public website on the WWW more secure, regardless of which certificate you use.


This. If you know Internet cryptography you should know there's a personal website called cr.yp.to.

>trusting your signatures and email encryption to (((Rivest))), (((Shamir))) and (((Adleman)))
Do you want to be cucked by MOSSAD and NSA, Holla Forums?
Start using trusted algorithms developed by white slavic men today.
gost.cypherpunks.ru/English.html#English


Something the mentally ill inbreds in this thread sorely lack.

>replying to the epic (((t. cianigger))) (((n-s-yayyy-kun))) larper
sage

It only makes you vulnerable if you mindlessly ignore the browser warnings and accept everything. If your users have the means to properly check and verify the certificate fingerprint, then self-signed is perfectly OK.
It also has an advantage: unless you have your own IP space, you can only make self-signed certificates for IP addresses.


Nothing is wrong with Let's Encrypt. They are the only CA which you don't have to worry about being compromised and being able to decrypt all of your traffic (because your private keys don't get transferred to them).


compromised by pic related? How? What exactly is "wrong" with your pic?