Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 19 Oct 2015 15:40:58 -0700
From: Tim <tim-security@...tinelchicken.org>
To: oss-security@...ts.openwall.com
Subject: Re: Prime example of a can of worms

> We have AFAIK no good test suites to ensure random numbers/primes are
> cryptographically secure.
> 
> If we did we wouldn't have issues like CVE-2008-0166.


Actually, we might have this now.  See:
  http://www.cryptol.net/

These guys put on a very short training at BSidesPDX this last weekend
and it seems like it could be exactly what you're looking for.  No,
not to solve all the DH trouble, but it can make sure an
implementation matches a specification.  Of course you have to have a
specification.  But once you do, it can verify binaries' behavior.

tim

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ