back to article PANIC! RSA keys are compromised!

Just as quickly as a panic emerged about vulnerable 4096-bit RSA keys, it's been defused. The discussion started with this brief post at Loper-OS, with the headline claim that: “I am pleased to announce that we have now broken a 4096-bit RSA key, as well as its factor-sharing counterpart (yet to be determined, but won’t wait …

  1. imanidiot Silver badge
    Alert

    So it's the usual

    Media are having a fieldday over someone overstating their own non-peer-reviewed embiggened "research conclusion". Color me surprised...

    (We need a "Nicolas Cage/You don't say" icon)

    1. choleric
      Mushroom

      Re: So it's the usual

      You're too generous!

      The media are having a field day over getting encryption wrong again.

      1. Mark 85 Silver badge

        Re: So it's the usual

        Which means that probably certain legislators will get it wrong once one of the staff brings it to their attention.

  2. Voland's right hand Silver badge

    Missing detail

    That ins one of HPA (H. Peter Anvin) keys.

    For those who are unaware HPA was (and probably still is) BOFH@kernel.org. That is actually a rather interesting key to play with as there is actual real stuff signed with it.

  3. Anonymous Coward
    Anonymous Coward

    I wish they'd have a gander at large (>>4kb) ElGamal keys generated by GnuPG

    >:-B

  4. Anonymous Coward
    Anonymous Coward

    Internal Server Error

    The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.

    I guess that means my key is safe then?

    1. CaptainBanjax

      Yes

      Its safe...from ALL.

      Unfortunately the only way to fix the error is to reboot the internet though.

      Just post a countdown here and we'll all reboot our routers for you. Shouldnt take long.

      1. DropBear
        Joke

        Re: Yes

        But why can't we all just use the backup internet in the mean time...?

  5. Daniel B.
    Boffin

    Happy Crypto Friends

    The thing is that anyone reading the original article would notice that p could be divided by 3. Which was a dead giveaway that either the key was broken, or that particular RNG was, or the key validation procedure was b0rked. Even the dude that published that was less concerned with cracking a 4096 bit key and more concerned on what would generate a key with a stupidly small prime number.

  6. Sorry that handle is already taken. Silver badge

    Mircea Popescu

    If it's the same Mircea Popescu, the guy seems to be a bit of a nutbar.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021