On Wed, May 28, 2008 at 04:31:20PM -0700, David Schwartz wrote:
> > Only against random attacks of course, if all attackers first check these
> > keys, then removing them strengthens the algorithm against (non-random)
> > brute-force attack. This said, the effort of explicitly avoiding these
> > is probably wasted (unless one suspects one has a identically weak RNG).
>
> I realize it's counter-intuitive, but even this is wrong. Suppose that
> there's an attack tool that everyone uses to attack a particular algorithm.
> It brute-forces passwords and follows a particular pattern.
>
> If you use an implementation that is known to not use the first 10,000 keys
> this algorithm tests, attackers will respond by skipping those 10,000 keys.
> The net result will only be a reduction in the keyspace.
You are changing the premise.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
