
I actually wrote that comment back in the day. I was rather snarky and unhelpful it seems.

The code for the sshd does not seem to be there anymore, but from memory: it did not check if the number sent by Bob was 0, 1, or any other groups that would make it easy to solve the discrete logarithm problem. I don't think it bothered to check the primes either. [1] I think there was also something wrong with the signature checking (padding not checked maybe?).

Altogether it seemed like you could easily MITM connections made to the server, but I don't think I ever tried. It was a perfect example--to me at least--of why you should not spend a trivial amount of time reading about crypto on Wikipedia and then writing crypto code.
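The missing check the comment describes, shown as an added example (not code from the sshd being discussed): a Diffie-Hellman peer value of 0 or 1, the order-2 element p-1, or any value outside the prime-order subgroup lets the attacker force the shared secret into a handful of guessable values. The parameters below are a constructed toy safe prime (p = 23, q = 11, g = 2) chosen so the arithmetic is easy to follow; a real implementation would use a standard group such as the RFC 3526 MODP groups, where q = (p-1)/2, and the same validation applies unchanged.

```python
# Toy safe-prime group, constructed for illustration only (NOT an SSH group):
# p = 2q + 1, and g = 2 generates the subgroup of prime order q.
P = 23
Q = 11
G = 2


def unchecked_shared_secret(peer_pub: int, my_priv: int, p: int = P) -> int:
    """What a naive implementation computes: peer_pub^my_priv mod p,
    with no validation of peer_pub at all."""
    return pow(peer_pub, my_priv, p)


def validate_dh_public(y: int, p: int = P, q: int = Q) -> bool:
    """Public-value validation a DH implementation should perform.

    Rejects:
      * y < 2, i.e. 0 and 1 (shared secret becomes 0 or 1);
      * y > p-2, i.e. p-1 (the order-2 element: secret is 1 or p-1);
      * any y not in the order-q subgroup (small-subgroup confinement).
    """
    if not 2 <= y <= p - 2:
        return False
    # For a safe prime, y^q mod p == 1 iff y lies in the order-q subgroup.
    return pow(y, q, p) == 1


def checked_shared_secret(peer_pub: int, my_priv: int,
                          p: int = P, q: int = Q) -> int:
    """Key agreement that refuses degenerate peer values."""
    if not validate_dh_public(peer_pub, p, q):
        raise ValueError("invalid DH public value from peer")
    return pow(peer_pub, my_priv, p)


def forced_secrets(my_priv: int, p: int = P) -> dict:
    """Secrets an attacker can force on a naive peer by substituting
    degenerate values for the other side's public number."""
    return {y: unchecked_shared_secret(y, my_priv, p) for y in (0, 1, p - 1)}


if __name__ == "__main__":
    alice_priv = 7                      # constructed sample private exponent
    bob_pub = pow(G, 5, P)              # an honest peer value: 2^5 mod 23 = 9
    print("honest:", checked_shared_secret(bob_pub, alice_priv))
    print("attacker-forced (unchecked):", forced_secrets(alice_priv))
    for bad in (0, 1, P - 1, 5):        # 5 has order 22, outside the subgroup
        try:
            checked_shared_secret(bad, alice_priv)
        except ValueError as exc:
            print(f"rejected {bad}: {exc}")
```

With the unchecked version, substituting 1 for the peer's value yields a shared secret of 1 regardless of the private exponent, and substituting p-1 leaves only two possibilities; the checked version rejects all of these before any key material is derived. Note that rejecting bad peer values is necessary but not sufficient for the MITM the comment describes to fail: the exchange hash signature must also be verified properly.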
