A note on vendor reaction speed to the e=3 problem

Thread: A note on vendor reaction speed to the e=3 problem

Search this list only Search all lists
A note on vendor reaction speed to the e=3 problem
	2006-09-16 22:46:47
> > RFC-2440 actually gives the exact bytes to use for the > > ASN.1 stuff, which nicely cuts down on ambiguity. > > This amounts to not using ASN.1 - treating the ASN.1 > data as mere arbitrary padding bits, devoid of > information content. Again, not quite right. You have to do a memcmp() and make sure you've got the right arbitrary padding bits. Anyway, the attack applies even if you throw away the ASN.1 data. William ------------------------------------------------------------ --------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomometzdowd.com

A note on vendor reaction speed to the e=3 problem
	2006-09-17 02:19:09
-- Whyte, William wrote: > Anyway, the attack applies even if you throw away the > ASN.1 data. If you ignore the ASN.1 data you expect the hash to be in a fixed byte position, so the attack does not apply. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG qF2+GCfNPchHe4vzSkkYoOEjOI5i/kZtLIlyTUbX 45tXJAuT/Tj9w0qpg0VFij8GrtY2JXG05fj6YE6M2 ------------------------------------------------------------ --------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomometzdowd.com

[1-2]