It looks likely that the only remaining source of entropy in the generated keys comes from the PID of the process. This is 16 bits, typically much less effective entropy. So there may, in fact, be just a few thousand possibilities for a specific key size. Looks like ‘dowkd.pl’ lists about 262,000 entries. — MarshRay
Ich muss wohl niemanden mehr sagen, was nur 262k Möglichkeiten bedeutet…
0 Antworten to “Debian OpenSSL Schwäche … wie schlimm es ist”