Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 5 May 2016 17:21:46 +0300
From: Alexander Cherepanov <>
Subject: Re: broken RSA keys

On 2016-05-05 12:23, Hanno Böck wrote:
> What one will find are 273 vulnerable moduli.

I've took a look.

174 moduli are divisible by 2**32+1. All of them consist of duplicated 
32-bit limbs, as we have already seen in previous examples. There are no 
exponents in the set, so I've only checked moduli.

214 moduli are both in this set and in the phuctor set. There are 11 
moduli that are in phuctor only:

> I'll upload a keyids file to the pgpmoduli repo:
> The way to interpret that data is that line numbers match. I.e. the gcd
> in line 10 of gcds matches the modulus in line 10 of vulnerable_moduli
> and the keyid in line 10 of keyids etc.

There are only 259 keyids though.

Alexander Cherepanov

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.