Collaborate Disseminate
In my /etc/ssh/ directory, I can see three keys which contains three different types of ssh keys:
-rw——- 1 root root 607 Oct 4 22:43 ssh_host_dsa_key
-rw-r–r– 1 root root 623 Oct 4 22:43 ssh_host_dsa_key.pub
-rw——- 1 root… Continue reading What are the differences between the RSA, DSA, and ECDSA keys that SSH uses?
I wonder where the public server key g^x for DSS authentication is communicated to the client when a DHE_DSS cipher suite is used in TLS 1.2. Precisely:
A DSS certificate contains crypto parameters (p_1, q_1, g_1). These va… Continue reading TLS – DHE_DSS: How does client know public DSS-server key?
I have a question about DSA and GPG. Suppose you are trying to verify a downloaded file is ‘legit’ (i.e., no malicious code and it is the intended file). I’ll just use Ubuntu’s 16.04 LTS ISO image as an example. Following thr… Continue reading Can an attacker replace the hash of a download, a download, and the public key?
I have a question about DSA and GPG. Suppose you are trying to verify a downloaded file is ‘legit’ (i.e., no malicious code and it is the intended file). I’ll just use Ubuntu’s 16.04 LTS ISO image as an example. Following through the instr… Continue reading Can an attacker replace the hash of a download, a download, and the public key?
I am analyzing the impact of CVE-2016-1000341 having CVSS score 7.5 and description “DSA signature generation vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of bl… Continue reading Impact analysis of CVE-2016-1000341 affecting BouncyCastle
I am analyzing the impact of CVE-2016-1000341 having CVSS score 7.5 and description “DSA signature generation vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of bl… Continue reading Impact analysis of CVE-2016-1000341 affecting BouncyCastle
I just installed a new wildcard certificate on my Ubuntu server (there was a single certificate installed before). I modified /etc/apache2/sites-available/000-default.conf which is for one specific subdomain and updated the p… Continue reading Website uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCH
In FIPS 186-1 and 186-2 L could be any number between 512 and 1024 (inclusive) that was a multiple of 64. N was fixed at 160.
FIPS 186-3 changed it so that L and N could be any combination of the following:
L = 1024, N = 1… Continue reading Does SSH support DSA with 2048 bit keys?
There was a question RSA vs. DSA for SSH authentication keys asking which key is better. Basically all answers were more in a favour of RSA over DSA but didn’t really tell that DSA would be somehow insecure.
Now however DSA … Continue reading Why OpenSSH deprecated DSA keys
There was a question RSA vs. DSA for SSH authentication keys asking which key is better. Basically all answers were more in a favour of RSA over DSA but didn’t really tell that DSA would be somehow insecure.
Now however DSA … Continue reading Why OpenSSH deprecated DSA keys