-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 25/10/13 15:10, Sam Tuke wrote:
Yes indeed. I just dug up some articles:
http://www.theregister.co.uk/2013/09/23/rsa_crypto_warning/ https://www.schneier.com/essay-446.html
Also: https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html#c1675929
The solutions are pretty easy though - stop using RSA (most FS products already did this some time ago afaics), and use longer key lengths with elliptic curve cryptography (sort of obvious in the first place, but developers need to take note).
Best,
Sam. - -- Sam Tuke Campaign Manager Free Software Foundation Europe IM : samtuke@jabber.fsfe.org Latest UK Free Software news: uk.fsfe.org Is freedom important to you? Join the fellowship.fsfe.org