RSA backdoors & Canon printers
2017-12-19 00:08:42.684898+01 by
Dan Lyke
3 comments
Oh this is beautiful: RT Matthew Green
@matthew_d_green:
There is no way the extended_random extension and TLS1.3’s keyshare just
happened to share the same value. I smell an excellent prank.
Apparently RSA implemented a crypto backdoor in their BSAFE TLS library. Security
researcheers who reverse-engineered the free version of this library saw the backdoor, but
believed it was turned off. Apparently it was turned on in the commercial version used in
Canon printers. This flag conflicted with a new TLS keyshare feature.
Wonder if someone did this in order to surreptitiously expose that the flag was getting
turned on in the commercial version of the library.
[ related topics:
Language Interactive Drama Books Invention and Design Cryptography Woodworking
]
comments in ascending chronological order (reverse):
#Comment Re: RSA backdoors & Canon printers made: 2017-12-24 01:12:30.997836+01 by:
Dan Lyke
The Strange Story of Extended Random, some further exploration.
#Comment Re: RSA backdoors & Canon printers made: 2017-12-24 17:19:23.157515+01 by:
TheSHAD0W
> (If these turn out to be special Department of Defense printers, I will eat my words.)
I wouldn't be surprised though. One branch of government spying on another? I believe it.
#Comment Re: RSA backdoors & Canon printers made: 2017-12-26 18:03:56.299723+01 by:
Dan Lyke
Yep, I could totally believe that there's various inter-departmental skullduggery afoot...