These are the old pages from the weblog as they were published at Cornell. Visit for up-to-date entries.

January 25, 2003

A Critique of 'Master Key Copying Revealed'

I've never seen such a ridiculously overhyped teaser article about a very simple 150 year old weakness. [Donald Eastlake]

Clemens, Joe, Wes, Slashdot and others have pointed yesterday to the paper by Matt Blaze on the how Master Keys can be created, all triggered by an article in the New York Times. I have to agree that the paper is an interesting read. However I hope everyone realizes, as I think Wes also tried to hint at, that these vulnerabilities are common knowledge, and have been for a long time already.  I think that a good critique to the paper was given in a message that Donald Eastlake sent on Dave Farber's IP mailing list (Donald being one of the crypto pioneers). In the message Donald shows how the trivial the techniques really are.

Posted by Werner Vogels at January 25, 2003 09:55 AM