On Thursday, February 27, 2014 1:07:00 AM UTC+1, Andrey Novoseltsev wrote: > > Hello, > > When I try to start a notebook from 6.1.1, I get > > sage-6.1.1/local/lib/python2.7/site-packages/Crypto/Util/number.py:57: > PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using > libgmp >= 5 to avoid timing attack vulnerability. > > Which did not happen before. Googling shows it in a few threads related to > other things, so I am not the only one with this warning - how serious it > is and why does it appear? Do we have a too old version of GMP or it is > detected incorrectly? > pycrypto wants to use powm_sec functions only available in latest versions of GMP and which will never be in MPIR. Unless you're using Sage to do actual crypto (which is a bad idea) and fear that someone spies your computer it's a no issue.
I think we kind of dealt with that when updating pycrypto, but apparently we missed something or you're using parts of pycrypto not used in sage (in fact none of pycrypto should be imported by default now IIRC). Thank you! > Andrey > -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To post to this group, send email to sage-devel@googlegroups.com. Visit this group at http://groups.google.com/group/sage-devel. For more options, visit https://groups.google.com/groups/opt_out.
