University Crest

[wlug] Crypto flaw was so glaring it may be intentional eavesdropping backdoor

 
wlug archive index About the wlug list Mailing lists home
To The University of Waikato HomepageWaikato Home > Waikato Mailing Lists > wlug Info > wlug archives
Peter Reutemann fracpete@w...
Wed Feb 3 12:04:10 NZDT 2016


"Socat is a more feature-rich variant of the once widely used Netcat
networking service for fixing bugs in network applications and for
finding and exploiting security vulnerabilities. One of its features
allows data to be transmitted through an encrypted channel to prevent
it from being intercepted by people monitoring the traffic. Amazingly,
when using the Diffie-Hellman method to establish a cryptographic key,
Socat used a non-prime parameter to negotiate the key, an omission
that violates one of the most basic cryptographic principles."

-- source: http://arstechnica.com/security/2016/02/crypto-flaw-was-so-glaring-it-may-be-intentional-eavesdropping-backdoor/

Cheers, Peter
-- 
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/


More information about the wlug mailing list
NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.

The University of Waikato - Te Whare Wananga o Waikato