Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 22 Nov 2017 12:10:02 -0500
From: Chad Dougherty <>
Subject: Re: Go programming language invalid modular
 exponentiation result (Exp() in math/big pkg)

On 2017-11-22 11:34, Michal Zalewski wrote:
>> Is this fuzzer freely available?  I'd love to try it out on the bignum
>> support I added to the CHICKEN Scheme implementation for its upcoming
>> new major release (probably somewhere mid-2018).  Being able to release
>> it with a bit higher confidence in its correctness would be nice, as this
>> is almost all brand new code.
> Not the same tool, but Hanno released a bignum fuzzer that found quite
> a few issues back in the day:

One more reference that might help you, perhaps indirectly, is 
Ralf-Philipp Weinmann's talk from BlackHat USA 2015, "Assessing and 
Exploiting BigNum Vulnerabilities":



Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ