Two sets of researchers revealed that insufficiently random choices of the prime numbers from which encryption keys are derived for Web site SSL/TLS certificates mean that the private parts of the keys can be derived. Fortunately, it’s not a flaw in an algorithm, and seems to affect only a small number of sites. Read the whole explanation in Glenn Fleishman’s account at Boing Boing.
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.