Subject: Re: Crypto overhaul
To: Poul-Henning Kamp, Eric McCorkle, Nathan Whitehorn, "freebsd-security@freebsd.org security", Ben Laurie, pg@eth1.com, Jeremiasfeliz
References: <13959.1509132270@critter.freebsd.dk>
From: Jules Gilbert
Date: Fri, 27 Oct 2017 19:17:23 -0400
In-Reply-To: <13959.1509132270@critter.freebsd.dk>

These days no one talks about how wonderful CPM was, we used it because at one time, it was the only OS available.

So what is our excuse for using SSL? Because I'm fairly certain the NSA and just about everyone else in the neighborhood has hacked it.

Question for the group... Does anyone believe that factoring is actually hard? It was once, I know. But today?

I'm not a crypto person, but even I wrote a simple factoring program. In C, using MAPM. I produce a few of the left-most bits for a,b, where:

c = a*b;

where a is: 3 .. sqrt(c)

and (of course,) b must be: greater than sqrt(c)

from this I bisect the space of 3 .. sqrt(c) and begin the recursive descent. The program does about 5,000 prime pairs an hour and this using MAPM!!

I gave away the source code, let me know if you didn't get a copy. You'll need g++ and MAPM.

On 10/27/2017 3:24 PM, Poul-Henning Kamp wrote:
> --------IQjeDjYnGtJpS9Q@mail.gmail.com>
> , Ben Laurie writes:
>
>> OpenSSL includes (and is used for) lots of crypto that is not used in
>> SSL - since BearSSL targets SSL/TLS only, it can't, presumably, be
>> used to replace all uses of OpenSSL.
> Which implicitly raises the question if we really need all the
> boatloads of crap OpenSSL drags in, or if we would be in a better
> position with something simpler and saner ?
>