Linked by Thom Holwerda on Thu 4th Mar 2010 21:53 UTC
Privacy, Security, Encryption Computer scientists say they've discovered a "severe vulnerability" in the world's most widely used software encryption package that allows them to retrieve a machine's secret cryptographic key. The bug in the OpenSSL cryptographic library is significant because the open-source package is used to protect sensitive data in countless applications and operating systems throughout the world. Although the attack technique is difficult to carry out, it could eventually be applied to a wide variety of devices, particularly media players and smartphones with anti-copying mechanisms.
Permalink for comment 412818
To read all comments associated with this story, please click here.
RE[2]: Comment by f0dder
by mintar on Tue 9th Mar 2010 09:49 UTC in reply to "RE: Comment by f0dder"
Member since:

...then again, it's about harvesting bits from the private key - devices doing auth only need the public key. Probably less interesting than I initially thought ;)

Harvesting bits from the public key would not make much sense now, would it? After all, it's public.

Reply Parent Score: 1