Is scallion protected against this vulnerability?

lachesis / scallion

GPU-based Onion Hash generator

Other

1.25k stars 164 forks source link

Is scallion protected against this vulnerability? #82

Open maxweisspoker opened 8 years ago

maxweisspoker commented 8 years ago

Forgive me, I am not a cryptographer, but I noticed scallion has not been updated in a while, and that the following issue was discovered somewhat recently:

http://www.math.unicaen.fr/~nitaj/rsa10.pdf

Is that potential vulnerability with public exponents a problem for keys generated with scallion? Or for some fraction of them?

freethenation commented 7 years ago

The keys generated by Scallion are quite similar to those generated by shallot. They have unusually large public exponents, but they are put through the full set of sanity checks recommended by PKCS #1 v2.1 via openssl's RSA_check_key function.

ChillerDragon commented 4 years ago

The link is dead :/ @maxweisspoker

meiskam commented 4 years ago

https://web.archive.org/web/20170705123024/http://www.math.unicaen.fr/~nitaj/rsa10.pdf