[Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack"

Florian Weimer fw at deneb.enyo.de
Sat Sep 3 04:24:22 EDT 2016

* Jeff Burdges:

> On Fri, 2016-09-02 at 07:52 +0200, Florian Weimer wrote:
>> Why bother with patching public keys, making them amenable to
>> factorization, if you can patch executable code instead?
>> If you can target executable code (and I see why not, it's all the
>> same to KSM), it is very clear that there cannot be a software-only
>> defense.  (The authors try to frame this as a software problem which
>> needs fixes in GnuPG etc.)
> If your fault is random, then targeting the key is often more
> profitable, à la Lenstra's attack on RSA.

Do you mean Lenstra's attack on unverified CRT?  It targets RSA
signing operations, while the paper discusses an attack on RSA
signature verification.
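
The signing-side fault attack named above, shown together with the verify-before-release check that blocks it. This is an added example, not code from the thread or the paper. The toy Mersenne-prime modulus, the message value and the `fault_mask` bit-flip model are constructed assumptions.

```python
from math import gcd

# Constructed toy key built from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**31 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ = D % (P - 1), D % (Q - 1)
Q_INV = pow(Q, -1, P)


def crt_sign(m, fault_mask=0):
    """Textbook RSA-CRT signing with no self-check.

    fault_mask is XORed into the mod-P half to model a memory bit flip
    (hypothetical fault model for this example).
    """
    sp = pow(m, DP, P) ^ fault_mask
    sq = pow(m, DQ, Q)
    h = (Q_INV * (sp - sq)) % P      # Garner recombination
    return (sq + h * Q) % N


def checked_sign(m, fault_mask=0):
    """Same signing step, but the result is verified before it is released."""
    s = crt_sign(m, fault_mask)
    if pow(s, E, N) != m % N:
        raise ValueError("signature failed self-check; not released")
    return s


def exposed_factor(m, s):
    """What a released signature reveals about N: N itself (nothing) when s
    is correct, a prime factor when exactly one CRT half was faulty."""
    return gcd((pow(s, E, N) - m) % N, N)


if __name__ == "__main__":
    m = 0x1234567                        # constructed message representative
    print(exposed_factor(m, crt_sign(m)) == N)            # correct signature
    print(exposed_factor(m, crt_sign(m, 1 << 5)) == Q)    # faulty, unchecked
    try:
        checked_sign(m, 1 << 5)
    except ValueError as exc:
        print("blocked:", exc)
```

The self-check protects only the signer's private-key operation. A verifier uses the public key alone, so a corrupted public modulus on the verifying side is outside what this check covers.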

