Romantic Cryptography, i.e. how to say "I love you" but only if the other person is going to say "me too"
.. and sorry for the direct PDF link. http://www.anagram.com/jcrap/Volume_7/ $\Re(s) = \frac{1}{2}$ for all s where $\zeta(s) = 0$ and $0 < \Re(s) < 1$
.. I mean, where zeta is the Riemann's one :) Test for CVE-2015-1793 (Alternate Chains Certificate Forgery)
Chain is as follows:
rootCA (self-signed)
|
interCA
|
subinterCA subinterCA (self-signed)
| |
leaf ------------------
|
bad
rootCA, interCA, subinterCA, subinterCA (ss) all have CA=TRUE
leaf and bad have CA=FALSE
subinterCA and subinterCA (ss) have the same subject name and keys
interCA (but not rootCA) and subinterCA (ss) are in the trusted store
(roots.pem)
leaf and subinterCA are in the untrusted list (untrusted.pem)
bad is the certificate being verified (bad.pem)
Versions vulnerable to CVE-2015-1793 will fail to detect that leaf has
CA=FALSE, and will therefore incorrectly verify bad *) Alternate chains certificate forgery
During certificate verfification, OpenSSL will attempt to find an
alternative certificate chain if the first attempt to build such a chain
fails. An error in the implementation of this logic can mean that an
attacker could cause certain checks on untrusted certificates to be
bypassed, such as the CA flag, enabling them to use a valid leaf
certificate to act as a CA and "issue" an invalid certificate.
This issue was reported to OpenSSL by Adam Langley/David Benjamin
(Google/BoringSSL).
[Matt Caswell] $a = "DjBlYVWap4fQC8b3C73+NATPA2We"."c"."E+FNMAP+2WcTIdAzJQv6y2hFaP0F"."V"."y7hgdJc4ZlbX0fNKQgWdePWo3R7w";
$b = "DjBlYVWap4fQC8b3C73+NATPA2We"."d"."E+FNMAP+2WcTIdAzJQv6y2hFaP0F"."d"."y7hgdJc4ZlbX0fNKQgWdePWo3R7w";
var_dump($a === $b); // false
var_dump(md5(base64_decode($a)) === md5(base64_decode($b))); // true
:-P