|
Packit |
aea12f |
rsa-md5-collision README -- Information about rsa-md5-collision self tests.
|
|
Packit |
aea12f |
Copyright (C) 2006-2012 Free Software Foundation, Inc.
|
|
Packit |
aea12f |
See the end for copying conditions.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
This directory contains colliding X.509 certificates for different
|
|
Packit |
aea12f |
identities, from:
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
http://www.win.tue.nl/hashclash/TargetCollidingCertificates/
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
The certificates are used by a simple self-test script,
|
|
Packit |
aea12f |
rsa-md5-collision, that check to make sure that GnuTLS reject both
|
|
Packit |
aea12f |
certificate chains.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Below is the e-mail exchanges with the authors where they agree to
|
|
Packit |
aea12f |
release the certificates under a permissive license, that allow the
|
|
Packit |
aea12f |
files to be included here.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
X-Hashcash: 1:22:061024:m.m.j.stevens@student.tue.nl::NIoLZwQj6TTZ4YZK:BUuA
|
|
Packit |
aea12f |
X-Hashcash: 1:22:061024:arjen.lenstra@epfl.ch::NgTq8sJW1QBlX/rv:g9Z
|
|
Packit |
aea12f |
From: Simon Josefsson <jas@extundo.com>
|
|
Packit |
aea12f |
To: "Weger\, B.M.M. de" <b.m.m.d.weger@TUE.nl>, m.m.j.stevens@student.tue.nl, arjen.lenstra@epfl.ch
|
|
Packit |
aea12f |
Subject: Re: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
References: <DFA3206A564B80499B87B89B49BCD3135DC17A@EXCHANGE3.campus.tue.nl>
|
|
Packit |
aea12f |
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
|
|
Packit |
aea12f |
X-Draft-From: ("gmane.ietf.irtf.cfrg" 784)
|
|
Packit |
aea12f |
X-Hashcash: 1:22:061024:b.m.m.d.weger@tue.nl::aYYmnRc08nJKaUMk:6ddD
|
|
Packit |
aea12f |
Date: Tue, 24 Oct 2006 08:28:07 +0200
|
|
Packit |
aea12f |
In-Reply-To: <DFA3206A564B80499B87B89B49BCD3135DC17A@EXCHANGE3.campus.tue.nl>
|
|
Packit |
aea12f |
(B. M. M. de Weger's message of "Mon\, 23 Oct 2006 23\:58\:21 +0200")
|
|
Packit |
aea12f |
Message-ID: <87ods2grd4.fsf@latte.josefsson.org>
|
|
Packit |
aea12f |
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
|
|
Packit |
aea12f |
MIME-Version: 1.0
|
|
Packit |
aea12f |
Content-Type: text/plain; charset=us-ascii
|
|
Packit |
aea12f |
Lines: 48
|
|
Packit |
aea12f |
Xref: localhost.localdomain rsa-md5:1
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Great work, thanks!
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
I'd like to include your certificates in GnuTLS, a TLS implementation
|
|
Packit |
aea12f |
that supports X.509, as self-tests of the certificate verification
|
|
Packit |
aea12f |
logic. Is this OK with you?
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Btw, Gnutls rejected the certificates, we already disable MD5 for
|
|
Packit |
aea12f |
verification purposes. :)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
For our legal department, I'd like a clarification of the license on
|
|
Packit |
aea12f |
the data, would you agree to release the certificates under the
|
|
Packit |
aea12f |
following license?
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Copying and distribution of this file, with or without modification,
|
|
Packit |
aea12f |
are permitted in any medium without royalty provided the copyright
|
|
Packit |
aea12f |
notice and this notice are preserved.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Also, if any other authors contributed, they would have to agree to
|
|
Packit |
aea12f |
this license as well. Are there other authors?
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Best regards, and thanks in advance,
|
|
Packit |
aea12f |
Simon
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
> Hi all,
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> We announce:
|
|
Packit |
aea12f |
> - an example of a target collision for MD5; this means:
|
|
Packit |
aea12f |
> for two chosen messages m1 and m2 we have constructed
|
|
Packit |
aea12f |
> appendages b1 and b2 to make the messages collide
|
|
Packit |
aea12f |
> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
|
|
Packit |
aea12f |
> said differently: we can cause an MD5 collision for
|
|
Packit |
aea12f |
> any pair of distinct IHVs;
|
|
Packit |
aea12f |
> - an example of a pair of valid, unsuspicious X.509
|
|
Packit |
aea12f |
> certificates with distinct Distinguished Name fields,
|
|
Packit |
aea12f |
> but identical CA signatures; this example makes use
|
|
Packit |
aea12f |
> of the target collision.
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
|
|
Packit |
aea12f |
> where the certificates and a more detailed announcement
|
|
Packit |
aea12f |
> can be found.
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Marc Stevens
|
|
Packit |
aea12f |
> Arjen Lenstra
|
|
Packit |
aea12f |
> Benne de Weger
|
|
Packit |
aea12f |
Return-Path: <arjen.lenstra@epfl.ch>
|
|
Packit |
aea12f |
Received: from yxa.extundo.com ([unix socket])
|
|
Packit |
aea12f |
by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 08:32:12 +0200
|
|
Packit |
aea12f |
X-Sieve: CMU Sieve 2.2
|
|
Packit |
aea12f |
Received: from smtp1.epfl.ch (smtp1.epfl.ch [128.178.50.22])
|
|
Packit |
aea12f |
by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with SMTP id k9O6VvPx016489
|
|
Packit |
aea12f |
for <jas@extundo.com>; Tue, 24 Oct 2006 08:31:57 +0200
|
|
Packit |
aea12f |
Received: (qmail 16665 invoked by uid 107); 24 Oct 2006 06:31:51 -0000
|
|
Packit |
aea12f |
Received: from mailav1.epfl.ch (128.178.50.190)
|
|
Packit |
aea12f |
by smtp1.epfl.ch with SMTP; 24 Oct 2006 06:31:51 -0000
|
|
Packit |
aea12f |
Received: from (smtp2.epfl.ch [128.178.50.133]) by MAILAV1.epfl.ch with smtp
|
|
Packit |
aea12f |
id 3c76_55596730_6329_11db_9dfc_001143d18479;
|
|
Packit |
aea12f |
Tue, 24 Oct 2006 08:31:51 +0200
|
|
Packit |
aea12f |
Received: from rex1.epfl.ch (128.178.50.178)
|
|
Packit |
aea12f |
by smtp2.epfl.ch (AngelmatoPhylax SMTP proxy); Tue, 24 Oct 2006 08:31:51 +0200
|
|
Packit |
aea12f |
X-MimeOLE: Produced By Microsoft Exchange V6.5
|
|
Packit |
aea12f |
Content-class: urn:content-classes:message
|
|
Packit |
aea12f |
MIME-Version: 1.0
|
|
Packit |
aea12f |
Content-Type: text/plain;
|
|
Packit |
aea12f |
charset="iso-8859-1"
|
|
Packit |
aea12f |
Content-Transfer-Encoding: quoted-printable
|
|
Packit |
aea12f |
Subject: RE: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
Date: Tue, 24 Oct 2006 08:31:42 +0200
|
|
Packit |
aea12f |
Message-ID: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch>
|
|
Packit |
aea12f |
In-Reply-To: <87ods2grd4.fsf@latte.josefsson.org>
|
|
Packit |
aea12f |
X-MS-Has-Attach:
|
|
Packit |
aea12f |
X-MS-TNEF-Correlator:
|
|
Packit |
aea12f |
Thread-Topic: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
Thread-Index: Acb3NZO8kzaCp7NPSV29z2Ydtt/p5gAAEyEg
|
|
Packit |
aea12f |
From: "Arjen Lenstra" <arjen.lenstra@epfl.ch>
|
|
Packit |
aea12f |
To: "Simon Josefsson" <jas@extundo.com>,
|
|
Packit |
aea12f |
"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>,
|
|
Packit |
aea12f |
<m.m.j.stevens@student.tue.nl>
|
|
Packit |
aea12f |
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham
|
|
Packit |
aea12f |
version=3.1.1
|
|
Packit |
aea12f |
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
|
|
Packit |
aea12f |
X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com
|
|
Packit |
aea12f |
X-Virus-Status: Clean
|
|
Packit |
aea12f |
Lines: 75
|
|
Packit |
aea12f |
Xref: localhost.localdomain rsa-md5:2
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Hi,
|
|
Packit |
aea12f |
Thanks!
|
|
Packit |
aea12f |
I can't speak for my coauthors, but it's all fine with me, though I find =
|
|
Packit |
aea12f |
the year in your proposed copyright statement a bit odd (I would have =
|
|
Packit |
aea12f |
expected 2006). There are no more authros involved.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
best regards, Arjen Lenstra
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
----------------
|
|
Packit |
aea12f |
Arjen K. Lenstra a k l @ e p f l . c h
|
|
Packit |
aea12f |
EPFL IC LACAL
|
|
Packit |
aea12f |
INJ 330 (B=E2timent INJ)
|
|
Packit |
aea12f |
Station 14
|
|
Packit |
aea12f |
CH-1015 Lausanne, Switzerland
|
|
Packit |
aea12f |
T=E9l: + 41 21 693 8101
|
|
Packit |
aea12f |
Fax: + 41 21 693 7550
|
|
Packit |
aea12f |
=20
|
|
Packit |
aea12f |
=20
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
-----Original Message-----
|
|
Packit |
aea12f |
From: Simon Josefsson [mailto:jas@extundo.com]=20
|
|
Packit |
aea12f |
Sent: Tuesday, October 24, 2006 8:28 AM
|
|
Packit |
aea12f |
To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
|
|
Packit |
aea12f |
Subject: Re: target collisions and colliding certificates with different =
|
|
Packit |
aea12f |
identities
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Great work, thanks!
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
I'd like to include your certificates in GnuTLS, a TLS implementation
|
|
Packit |
aea12f |
that supports X.509, as self-tests of the certificate verification
|
|
Packit |
aea12f |
logic. Is this OK with you?
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Btw, Gnutls rejected the certificates, we already disable MD5 for
|
|
Packit |
aea12f |
verification purposes. :)
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
For our legal department, I'd like a clarification of the license on
|
|
Packit |
aea12f |
the data, would you agree to release the certificates under the
|
|
Packit |
aea12f |
following license?
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Copying and distribution of this file, with or without =
|
|
Packit |
aea12f |
modification,
|
|
Packit |
aea12f |
are permitted in any medium without royalty provided the copyright
|
|
Packit |
aea12f |
notice and this notice are preserved.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Also, if any other authors contributed, they would have to agree to
|
|
Packit |
aea12f |
this license as well. Are there other authors?
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Best regards, and thanks in advance,
|
|
Packit |
aea12f |
Simon
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
> Hi all,
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> We announce:
|
|
Packit |
aea12f |
> - an example of a target collision for MD5; this means:=20
|
|
Packit |
aea12f |
> for two chosen messages m1 and m2 we have constructed=20
|
|
Packit |
aea12f |
> appendages b1 and b2 to make the messages collide=20
|
|
Packit |
aea12f |
> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
|
|
Packit |
aea12f |
> said differently: we can cause an MD5 collision for=20
|
|
Packit |
aea12f |
> any pair of distinct IHVs;
|
|
Packit |
aea12f |
> - an example of a pair of valid, unsuspicious X.509=20
|
|
Packit |
aea12f |
> certificates with distinct Distinguished Name fields,=20
|
|
Packit |
aea12f |
> but identical CA signatures; this example makes use=20
|
|
Packit |
aea12f |
> of the target collision.
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
|
|
Packit |
aea12f |
> where the certificates and a more detailed announcement=20
|
|
Packit |
aea12f |
> can be found.
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Marc Stevens
|
|
Packit |
aea12f |
> Arjen Lenstra
|
|
Packit |
aea12f |
> Benne de Weger
|
|
Packit |
aea12f |
From: Simon Josefsson <jas@extundo.com>
|
|
Packit |
aea12f |
To: "Arjen Lenstra" <arjen.lenstra@epfl.ch>
|
|
Packit |
aea12f |
Cc: "Weger\, B.M.M. de" <b.m.m.d.weger@TUE.nl>, <m.m.j.stevens@student.tue.nl>
|
|
Packit |
aea12f |
Subject: Re: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
References: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch>
|
|
Packit |
aea12f |
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
|
|
Packit |
aea12f |
X-Draft-From: ("nnimap+yxa:INBOX.private.2006.10" 623)
|
|
Packit |
aea12f |
X-Hashcash: 1:22:061024:b.m.m.d.weger@tue.nl::pMR7JuXUTTt/Zjut:0aGD
|
|
Packit |
aea12f |
X-Hashcash: 1:22:061024:arjen.lenstra@epfl.ch::juw1iXMSKV62mZGj:CBbu
|
|
Packit |
aea12f |
X-Hashcash: 1:22:061024:m.m.j.stevens@student.tue.nl::SJdQwxRXP39Dw2C4:n6ia
|
|
Packit |
aea12f |
Date: Tue, 24 Oct 2006 08:43:59 +0200
|
|
Packit |
aea12f |
In-Reply-To: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch>
|
|
Packit |
aea12f |
(Arjen Lenstra's message of "Tue\, 24 Oct 2006 08\:31\:42 +0200")
|
|
Packit |
aea12f |
Message-ID: <87d58igqmo.fsf@latte.josefsson.org>
|
|
Packit |
aea12f |
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)
|
|
Packit |
aea12f |
MIME-Version: 1.0
|
|
Packit |
aea12f |
Content-Type: text/plain; charset=iso-8859-1
|
|
Packit |
aea12f |
Content-Transfer-Encoding: 8bit
|
|
Packit |
aea12f |
Lines: 80
|
|
Packit |
aea12f |
Xref: localhost.localdomain rsa-md5:3
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
"Arjen Lenstra" <arjen.lenstra@epfl.ch> writes:
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
> Hi,
|
|
Packit |
aea12f |
> Thanks!
|
|
Packit |
aea12f |
> I can't speak for my coauthors, but it's all fine with me, though I
|
|
Packit |
aea12f |
> find the year in your proposed copyright statement a bit odd (I
|
|
Packit |
aea12f |
> would have expected 2006). There are no more authros involved.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
|
|
Packit |
aea12f |
Benne also replied.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
/Simon
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
> best regards, Arjen Lenstra
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> ----------------
|
|
Packit |
aea12f |
> Arjen K. Lenstra a k l @ e p f l . c h
|
|
Packit |
aea12f |
> EPFL IC LACAL
|
|
Packit |
aea12f |
> INJ 330 (Bâtiment INJ)
|
|
Packit |
aea12f |
> Station 14
|
|
Packit |
aea12f |
> CH-1015 Lausanne, Switzerland
|
|
Packit |
aea12f |
> Tél: + 41 21 693 8101
|
|
Packit |
aea12f |
> Fax: + 41 21 693 7550
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> -----Original Message-----
|
|
Packit |
aea12f |
> From: Simon Josefsson [mailto:jas@extundo.com]
|
|
Packit |
aea12f |
> Sent: Tuesday, October 24, 2006 8:28 AM
|
|
Packit |
aea12f |
> To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
|
|
Packit |
aea12f |
> Subject: Re: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Great work, thanks!
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> I'd like to include your certificates in GnuTLS, a TLS implementation
|
|
Packit |
aea12f |
> that supports X.509, as self-tests of the certificate verification
|
|
Packit |
aea12f |
> logic. Is this OK with you?
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Btw, Gnutls rejected the certificates, we already disable MD5 for
|
|
Packit |
aea12f |
> verification purposes. :)
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> For our legal department, I'd like a clarification of the license on
|
|
Packit |
aea12f |
> the data, would you agree to release the certificates under the
|
|
Packit |
aea12f |
> following license?
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Copying and distribution of this file, with or without modification,
|
|
Packit |
aea12f |
> are permitted in any medium without royalty provided the copyright
|
|
Packit |
aea12f |
> notice and this notice are preserved.
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Also, if any other authors contributed, they would have to agree to
|
|
Packit |
aea12f |
> this license as well. Are there other authors?
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Best regards, and thanks in advance,
|
|
Packit |
aea12f |
> Simon
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
>> Hi all,
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> We announce:
|
|
Packit |
aea12f |
>> - an example of a target collision for MD5; this means:
|
|
Packit |
aea12f |
>> for two chosen messages m1 and m2 we have constructed
|
|
Packit |
aea12f |
>> appendages b1 and b2 to make the messages collide
|
|
Packit |
aea12f |
>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
|
|
Packit |
aea12f |
>> said differently: we can cause an MD5 collision for
|
|
Packit |
aea12f |
>> any pair of distinct IHVs;
|
|
Packit |
aea12f |
>> - an example of a pair of valid, unsuspicious X.509
|
|
Packit |
aea12f |
>> certificates with distinct Distinguished Name fields,
|
|
Packit |
aea12f |
>> but identical CA signatures; this example makes use
|
|
Packit |
aea12f |
>> of the target collision.
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
|
|
Packit |
aea12f |
>> where the certificates and a more detailed announcement
|
|
Packit |
aea12f |
>> can be found.
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> Marc Stevens
|
|
Packit |
aea12f |
>> Arjen Lenstra
|
|
Packit |
aea12f |
>> Benne de Weger
|
|
Packit |
aea12f |
Return-Path: <m.m.j.stevens@student.tue.nl>
|
|
Packit |
aea12f |
Received: from yxa.extundo.com ([unix socket])
|
|
Packit |
aea12f |
by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 09:23:28 +0200
|
|
Packit |
aea12f |
X-Sieve: CMU Sieve 2.2
|
|
Packit |
aea12f |
Received: from ipact2.infopact.nl (ipact2.infopact.nl [212.29.160.71])
|
|
Packit |
aea12f |
by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id k9O7NIbh023920
|
|
Packit |
aea12f |
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
|
|
Packit |
aea12f |
for <jas@extundo.com>; Tue, 24 Oct 2006 09:23:22 +0200
|
|
Packit |
aea12f |
Received: from ipact2.infopact.nl (localhost.localdomain [127.0.0.1])
|
|
Packit |
aea12f |
by ipact2.infopact.nl (8.13.7/8.13.7) with ESMTP id k9O7NAZd008636
|
|
Packit |
aea12f |
for <jas@extundo.com>; Tue, 24 Oct 2006 09:23:11 +0200
|
|
Packit |
aea12f |
Received: (from defang@localhost)
|
|
Packit |
aea12f |
by ipact2.infopact.nl (8.13.7/8.13.7/Submit) id k9O7J939006762
|
|
Packit |
aea12f |
for <jas@extundo.com>; Tue, 24 Oct 2006 09:19:09 +0200
|
|
Packit |
aea12f |
Received: from smtp.banaan.org (72-130-ftth.onsnet.nu [88.159.130.72])
|
|
Packit |
aea12f |
by ipact2.infopact.nl (envelope-sender <m.m.j.stevens@student.tue.nl>) (MIMEDefang) with ESMTP id k9O7J72W006742; Tue, 24 Oct 2006 09:19:09 +0200 (CEST)
|
|
Packit |
aea12f |
Received: by smtp.banaan.org (Postfix, from userid 1018)
|
|
Packit |
aea12f |
id DE1B689D80; Tue, 24 Oct 2006 09:19:06 +0200 (CEST)
|
|
Packit |
aea12f |
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
|
|
Packit |
aea12f |
X-Spam-Level:
|
|
Packit |
aea12f |
X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,FORGED_RCVD_HELO
|
|
Packit |
aea12f |
autolearn=ham version=3.1.1
|
|
Packit |
aea12f |
Received: from s478591 (cp688553-a.tilbu1.nb.home.nl [84.24.55.50])
|
|
Packit |
aea12f |
by smtp.banaan.org (Postfix) with ESMTP id 5EE4889EF9;
|
|
Packit |
aea12f |
Tue, 24 Oct 2006 09:18:57 +0200 (CEST)
|
|
Packit |
aea12f |
Message-ID: <03cf01c6f73c$a8923390$8702a8c0@s478591>
|
|
Packit |
aea12f |
From: "Marc Stevens" <m.m.j.stevens@student.tue.nl>
|
|
Packit |
aea12f |
To: "Simon Josefsson" <jas@extundo.com>,
|
|
Packit |
aea12f |
"Arjen Lenstra" <arjen.lenstra@epfl.ch>
|
|
Packit |
aea12f |
Cc: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>
|
|
Packit |
aea12f |
References: <D449110BB7036C4297225E473599E77067DD0A@rex1.intranet.epfl.ch> <87d58igqmo.fsf@latte.josefsson.org>
|
|
Packit |
aea12f |
Subject: Re: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
Date: Tue, 24 Oct 2006 09:18:50 +0200
|
|
Packit |
aea12f |
MIME-Version: 1.0
|
|
Packit |
aea12f |
Content-Type: text/plain;
|
|
Packit |
aea12f |
format=flowed;
|
|
Packit |
aea12f |
charset="iso-8859-1";
|
|
Packit |
aea12f |
reply-type=original
|
|
Packit |
aea12f |
Content-Transfer-Encoding: 8bit
|
|
Packit |
aea12f |
X-Priority: 3
|
|
Packit |
aea12f |
X-MSMail-Priority: Normal
|
|
Packit |
aea12f |
X-Mailer: Microsoft Outlook Express 6.00.2900.2869
|
|
Packit |
aea12f |
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
|
|
Packit |
aea12f |
X-Scanned-By: MIMEDefang - SpamAssassin on 212.29.160.71
|
|
Packit |
aea12f |
X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com
|
|
Packit |
aea12f |
X-Virus-Status: Clean
|
|
Packit |
aea12f |
Lines: 101
|
|
Packit |
aea12f |
Xref: localhost.localdomain rsa-md5:4
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Hi Simon,
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Thanks!
|
|
Packit |
aea12f |
I am also okay with the proposed license.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Kind regards,
|
|
Packit |
aea12f |
Marc
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
----- Original Message -----
|
|
Packit |
aea12f |
From: "Simon Josefsson" <jas@extundo.com>
|
|
Packit |
aea12f |
To: "Arjen Lenstra" <arjen.lenstra@epfl.ch>
|
|
Packit |
aea12f |
Cc: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>;
|
|
Packit |
aea12f |
<m.m.j.stevens@student.tue.nl>
|
|
Packit |
aea12f |
Sent: Tuesday, October 24, 2006 8:43 AM
|
|
Packit |
aea12f |
Subject: Re: target collisions and colliding certificates with different
|
|
Packit |
aea12f |
identities
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
> "Arjen Lenstra" <arjen.lenstra@epfl.ch> writes:
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
>> Hi,
|
|
Packit |
aea12f |
>> Thanks!
|
|
Packit |
aea12f |
>> I can't speak for my coauthors, but it's all fine with me, though I
|
|
Packit |
aea12f |
>> find the year in your proposed copyright statement a bit odd (I
|
|
Packit |
aea12f |
>> would have expected 2006). There are no more authros involved.
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
|
|
Packit |
aea12f |
> Benne also replied.
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
> /Simon
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
>> best regards, Arjen Lenstra
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> ----------------
|
|
Packit |
aea12f |
>> Arjen K. Lenstra a k l @ e p f l . c h
|
|
Packit |
aea12f |
>> EPFL IC LACAL
|
|
Packit |
aea12f |
>> INJ 330 (Bâtiment INJ)
|
|
Packit |
aea12f |
>> Station 14
|
|
Packit |
aea12f |
>> CH-1015 Lausanne, Switzerland
|
|
Packit |
aea12f |
>> Tél: + 41 21 693 8101
|
|
Packit |
aea12f |
>> Fax: + 41 21 693 7550
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> -----Original Message-----
|
|
Packit |
aea12f |
>> From: Simon Josefsson [mailto:jas@extundo.com]
|
|
Packit |
aea12f |
>> Sent: Tuesday, October 24, 2006 8:28 AM
|
|
Packit |
aea12f |
>> To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
|
|
Packit |
aea12f |
>> Subject: Re: target collisions and colliding certificates with different
|
|
Packit |
aea12f |
>> identities
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> Great work, thanks!
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> I'd like to include your certificates in GnuTLS, a TLS implementation
|
|
Packit |
aea12f |
>> that supports X.509, as self-tests of the certificate verification
|
|
Packit |
aea12f |
>> logic. Is this OK with you?
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> Btw, Gnutls rejected the certificates, we already disable MD5 for
|
|
Packit |
aea12f |
>> verification purposes. :)
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> For our legal department, I'd like a clarification of the license on
|
|
Packit |
aea12f |
>> the data, would you agree to release the certificates under the
|
|
Packit |
aea12f |
>> following license?
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra, Benne de Weger
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> Copying and distribution of this file, with or without modification,
|
|
Packit |
aea12f |
>> are permitted in any medium without royalty provided the copyright
|
|
Packit |
aea12f |
>> notice and this notice are preserved.
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> Also, if any other authors contributed, they would have to agree to
|
|
Packit |
aea12f |
>> this license as well. Are there other authors?
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> Best regards, and thanks in advance,
|
|
Packit |
aea12f |
>> Simon
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>> "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
|
|
Packit |
aea12f |
>>
|
|
Packit |
aea12f |
>>> Hi all,
|
|
Packit |
aea12f |
>>>
|
|
Packit |
aea12f |
>>> We announce:
|
|
Packit |
aea12f |
>>> - an example of a target collision for MD5; this means:
|
|
Packit |
aea12f |
>>> for two chosen messages m1 and m2 we have constructed
|
|
Packit |
aea12f |
>>> appendages b1 and b2 to make the messages collide
|
|
Packit |
aea12f |
>>> under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
|
|
Packit |
aea12f |
>>> said differently: we can cause an MD5 collision for
|
|
Packit |
aea12f |
>>> any pair of distinct IHVs;
|
|
Packit |
aea12f |
>>> - an example of a pair of valid, unsuspicious X.509
|
|
Packit |
aea12f |
>>> certificates with distinct Distinguished Name fields,
|
|
Packit |
aea12f |
>>> but identical CA signatures; this example makes use
|
|
Packit |
aea12f |
>>> of the target collision.
|
|
Packit |
aea12f |
>>>
|
|
Packit |
aea12f |
>>> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
|
|
Packit |
aea12f |
>>> where the certificates and a more detailed announcement
|
|
Packit |
aea12f |
>>> can be found.
|
|
Packit |
aea12f |
>>>
|
|
Packit |
aea12f |
>>> Marc Stevens
|
|
Packit |
aea12f |
>>> Arjen Lenstra
|
|
Packit |
aea12f |
>>> Benne de Weger
|
|
Packit |
aea12f |
>
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Return-Path: <b.m.m.d.weger@TUE.nl>
|
|
Packit |
aea12f |
Received: from yxa.extundo.com ([unix socket])
|
|
Packit |
aea12f |
by yxa-iv (Cyrus v2.1.18-IPv6-Debian-2.1.18-1+sarge2) with LMTP; Tue, 24 Oct 2006 10:55:48 +0200
|
|
Packit |
aea12f |
X-Sieve: CMU Sieve 2.2
|
|
Packit |
aea12f |
Received: from mailhost.tue.nl (mailhost.tue.nl [131.155.2.19])
|
|
Packit |
aea12f |
by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id k9O8te8O005696
|
|
Packit |
aea12f |
for <jas@extundo.com>; Tue, 24 Oct 2006 10:55:40 +0200
|
|
Packit |
aea12f |
Received: from localhost (localhost [127.0.0.1])
|
|
Packit |
aea12f |
by mailhost.tue.nl (Postfix) with ESMTP id B6C745C297;
|
|
Packit |
aea12f |
Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
|
|
Packit |
aea12f |
X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on yxa.extundo.com
|
|
Packit |
aea12f |
X-Virus-Scanned: amavisd-new at tue.nl
|
|
Packit |
aea12f |
Received: from mailhost.tue.nl ([131.155.2.19])
|
|
Packit |
aea12f |
by localhost (pastinakel.tue.nl [127.0.0.1]) (amavisd-new, port 10024)
|
|
Packit |
aea12f |
with ESMTP id 84pZYnFvD8HO; Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
|
|
Packit |
aea12f |
Received: from EXCHANGE3.campus.tue.nl (xserver3.campus.tue.nl [131.155.6.6])
|
|
Packit |
aea12f |
by mailhost.tue.nl (Postfix) with ESMTP id 1CFE55C293;
|
|
Packit |
aea12f |
Tue, 24 Oct 2006 10:55:39 +0200 (CEST)
|
|
Packit |
aea12f |
X-MimeOLE: Produced By Microsoft Exchange V6.5
|
|
Packit |
aea12f |
Content-class: urn:content-classes:message
|
|
Packit |
aea12f |
MIME-Version: 1.0
|
|
Packit |
aea12f |
Content-Type: text/plain;
|
|
Packit |
aea12f |
charset="iso-8859-1"
|
|
Packit |
aea12f |
Content-Transfer-Encoding: quoted-printable
|
|
Packit |
aea12f |
Subject: RE: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
Date: Tue, 24 Oct 2006 10:55:38 +0200
|
|
Packit |
aea12f |
Message-ID: <DFA3206A564B80499B87B89B49BCD3135DC263@EXCHANGE3.campus.tue.nl>
|
|
Packit |
aea12f |
In-Reply-To: <87d58igqmo.fsf@latte.josefsson.org>
|
|
Packit |
aea12f |
X-MS-Has-Attach:
|
|
Packit |
aea12f |
X-MS-TNEF-Correlator:
|
|
Packit |
aea12f |
Thread-Topic: target collisions and colliding certificates with different identities
|
|
Packit |
aea12f |
Thread-Index: Acb3N816trM39dt6Tmef1RZSgSRhMQAEdpog
|
|
Packit |
aea12f |
From: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>
|
|
Packit |
aea12f |
To: "Simon Josefsson" <jas@extundo.com>
|
|
Packit |
aea12f |
Cc: "Stevens, M.M.J." <M.M.J.Stevens@student.tue.nl>,
|
|
Packit |
aea12f |
"Arjen Lenstra" <arjen.lenstra@epfl.ch>
|
|
Packit |
aea12f |
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham
|
|
Packit |
aea12f |
version=3.1.1
|
|
Packit |
aea12f |
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on yxa-iv
|
|
Packit |
aea12f |
X-Virus-Status: Clean
|
|
Packit |
aea12f |
Lines: 123
|
|
Packit |
aea12f |
Xref: localhost.localdomain rsa-md5:5
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Hi Simon,
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
When your software rejects any MD5 certificate I don't see why
|
|
Packit |
aea12f |
you would use our colliding ones, doesn't it mean that you'll=20
|
|
Packit |
aea12f |
have more explaining to do?
|
|
Packit |
aea12f |
But when you want it this way, it's fine with me too.
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
Grtz,
|
|
Packit |
aea12f |
Benne
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
|
|
Packit |
aea12f |
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
|
|
Packit |
aea12f |
Technische Universiteit Eindhoven
|
|
Packit |
aea12f |
Coding & Crypto Groep
|
|
Packit |
aea12f |
Faculteit Wiskunde en Informatica
|
|
Packit |
aea12f |
Den Dolech 2
|
|
Packit |
aea12f |
Postbus 513
|
|
Packit |
aea12f |
5600 MB Eindhoven
|
|
Packit |
aea12f |
kamer: HG 9.84
|
|
Packit |
aea12f |
tel.: (040) 247 2704, bgg 5141
|
|
Packit |
aea12f |
e-mail: b.m.m.d.weger@tue.nl
|
|
Packit |
aea12f |
www: http://www.win.tue.nl/~bdeweger
|
|
Packit |
aea12f |
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
|
|
Packit |
aea12f |
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
=20
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
> -----Original Message-----
|
|
Packit |
aea12f |
> From: Simon Josefsson [mailto:jas@extundo.com]=20
|
|
Packit |
aea12f |
> Sent: dinsdag 24 oktober 2006 8:44
|
|
Packit |
aea12f |
> To: Arjen Lenstra
|
|
Packit |
aea12f |
> Cc: Weger, B.M.M. de; Stevens, M.M.J.
|
|
Packit |
aea12f |
> Subject: Re: target collisions and colliding certificates=20
|
|
Packit |
aea12f |
> with different identities
|
|
Packit |
aea12f |
>=20
|
|
Packit |
aea12f |
> "Arjen Lenstra" <arjen.lenstra@epfl.ch> writes:
|
|
Packit |
aea12f |
>=20
|
|
Packit |
aea12f |
> > Hi,
|
|
Packit |
aea12f |
> > Thanks!
|
|
Packit |
aea12f |
> > I can't speak for my coauthors, but it's all fine with me, though I
|
|
Packit |
aea12f |
> > find the year in your proposed copyright statement a bit odd (I
|
|
Packit |
aea12f |
> > would have expected 2006). There are no more authros involved.
|
|
Packit |
aea12f |
>=20
|
|
Packit |
aea12f |
> Thanks. Duh, I meant 2006, of course. I'd appreciate if Marc and
|
|
Packit |
aea12f |
> Benne also replied.
|
|
Packit |
aea12f |
>=20
|
|
Packit |
aea12f |
> /Simon
|
|
Packit |
aea12f |
>=20
|
|
Packit |
aea12f |
> > best regards, Arjen Lenstra
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > ----------------
|
|
Packit |
aea12f |
> > Arjen K. Lenstra a k l @ e p f l . c h
|
|
Packit |
aea12f |
> > EPFL IC LACAL
|
|
Packit |
aea12f |
> > INJ 330 (B=E2timent INJ)
|
|
Packit |
aea12f |
> > Station 14
|
|
Packit |
aea12f |
> > CH-1015 Lausanne, Switzerland
|
|
Packit |
aea12f |
> > T=E9l: + 41 21 693 8101
|
|
Packit |
aea12f |
> > Fax: + 41 21 693 7550
|
|
Packit |
aea12f |
> > =20
|
|
Packit |
aea12f |
> > =20
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > -----Original Message-----
|
|
Packit |
aea12f |
> > From: Simon Josefsson [mailto:jas@extundo.com]=20
|
|
Packit |
aea12f |
> > Sent: Tuesday, October 24, 2006 8:28 AM
|
|
Packit |
aea12f |
> > To: Weger, B.M.M. de; m.m.j.stevens@student.tue.nl; Arjen Lenstra
|
|
Packit |
aea12f |
> > Subject: Re: target collisions and colliding certificates=20
|
|
Packit |
aea12f |
> with different identities
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > Great work, thanks!
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > I'd like to include your certificates in GnuTLS, a TLS=20
|
|
Packit |
aea12f |
> implementation
|
|
Packit |
aea12f |
> > that supports X.509, as self-tests of the certificate=20
|
|
Packit |
aea12f |
> verification
|
|
Packit |
aea12f |
> > logic. Is this OK with you?
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > Btw, Gnutls rejected the certificates, we already disable MD5 for
|
|
Packit |
aea12f |
> > verification purposes. :)
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > For our legal department, I'd like a clarification of the license on
|
|
Packit |
aea12f |
> > the data, would you agree to release the certificates under the
|
|
Packit |
aea12f |
> > following license?
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > Copyright (c) 1996 Marc Stevens, Arjen K. Lenstra,=20
|
|
Packit |
aea12f |
> Benne de Weger
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > Copying and distribution of this file, with or without=20
|
|
Packit |
aea12f |
> modification,
|
|
Packit |
aea12f |
> > are permitted in any medium without royalty provided=20
|
|
Packit |
aea12f |
> the copyright
|
|
Packit |
aea12f |
> > notice and this notice are preserved.
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > Also, if any other authors contributed, they would have to agree to
|
|
Packit |
aea12f |
> > this license as well. Are there other authors?
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > Best regards, and thanks in advance,
|
|
Packit |
aea12f |
> > Simon
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> > "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
|
|
Packit |
aea12f |
> >
|
|
Packit |
aea12f |
> >> Hi all,
|
|
Packit |
aea12f |
> >>
|
|
Packit |
aea12f |
> >> We announce:
|
|
Packit |
aea12f |
> >> - an example of a target collision for MD5; this means:=20
|
|
Packit |
aea12f |
> >> for two chosen messages m1 and m2 we have constructed=20
|
|
Packit |
aea12f |
> >> appendages b1 and b2 to make the messages collide=20
|
|
Packit |
aea12f |
> >> under MD5, i.e. MD5(m1||b1) =3D MD5(m2||b2);
|
|
Packit |
aea12f |
> >> said differently: we can cause an MD5 collision for=20
|
|
Packit |
aea12f |
> >> any pair of distinct IHVs;
|
|
Packit |
aea12f |
> >> - an example of a pair of valid, unsuspicious X.509=20
|
|
Packit |
aea12f |
> >> certificates with distinct Distinguished Name fields,=20
|
|
Packit |
aea12f |
> >> but identical CA signatures; this example makes use=20
|
|
Packit |
aea12f |
> >> of the target collision.
|
|
Packit |
aea12f |
> >>
|
|
Packit |
aea12f |
> >> See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
|
|
Packit |
aea12f |
> >> where the certificates and a more detailed announcement=20
|
|
Packit |
aea12f |
> >> can be found.
|
|
Packit |
aea12f |
> >>
|
|
Packit |
aea12f |
> >> Marc Stevens
|
|
Packit |
aea12f |
> >> Arjen Lenstra
|
|
Packit |
aea12f |
> >> Benne de Weger
|
|
Packit |
aea12f |
>=20
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
----------------------------------------------------------------------
|
|
Packit |
aea12f |
Copying and distribution of this file, with or without modification,
|
|
Packit |
aea12f |
are permitted in any medium without royalty provided the copyright
|
|
Packit |
aea12f |
notice and this notice are preserved.
|