Bug #91149 for CryptX: Suspected backdoors in all supported curves, no support for suspected clean curves

RT for rt.cpan.org

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the CryptX CPAN distribution.

Report information

The Basics

Id:	91149
Status:	resolved
Priority:	0/
Queue:	CryptX

People

Owner:	Nobody in particular
Requestors:	christopher [...] pobox.com
Cc:
AdminCc:

Bug Information

Severity:	(no value)
Broken in:	(no value)
Fixed in:	(no value)

History Show all quoted text

Tue Dec 03 08:09:50 2013 christopher [...] pobox.com - Ticket created

Subject:	Suspected backdoors in all supported curves, no support for suspected clean curves
Date:	Tue, 3 Dec 2013 23:09:21 +1000
To:	bug-CryptX [...] rt.cpan.org
From:	Chris Drake <christopher [...] pobox.com>

According to Snowden & suspected by Bruce Schneier, all the supported curves here have probable back doors. Support for other curves free from the influence of the NSA is needed in here.

Wed Dec 11 10:00:09 2013 MIK [...] cpan.org - Correspondence added

I'll try to add generic support for passing custom curve parameters, libtomcrypt has support for this - I just need to design proper perl interface + implement better key export/import.

Wed Dec 11 10:00:10 2013 The RT System itself - Status changed from 'new' to 'open'

Wed Jan 15 05:26:57 2014 MIK [...] cpan.org - Correspondence added

The latest DEV release contains improved ECC module which now supports more predefined curves + allows you to use custom curve definition. See https://metacpan.org/pod/release/MIK/CryptX-0.019_1/lib/Crypt/PK/ECC.pm#generate_key

Wed Jan 15 05:27:17 2014 MIK [...] cpan.org - Status changed from 'open' to 'patched'

Sat Jan 18 04:21:02 2014 MIK [...] cpan.org - Correspondence added

released 0.020 with fix for this rt

Sat Jan 18 04:21:03 2014 MIK [...] cpan.org - Status changed from 'patched' to 'resolved'