Exponent 3 damage spreads...

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Sep 14 01:27:48 EDT 2006


Simon Josefsson <jas at extundo.com> writes:

>The second problem is that the "parameters" field can ALSO be used to store
>data that may be used to manipulate the signature value into being a cube.
>To my knowledge, this was discovered by Yutaka Oiwa, Kazukuni Kobara, Hajime
>Watanabe.  I didn't attend Crypto 06, but as far as I understand from Hal's
>post, this aspect was not discussed. Their analysis isn't public yet, as far
>as I know.

Can you make a guess at what it is?  Is it the fact that you can have NULL
parameters for algorithms or optionally non-NULL parameters?  Changing this
could be tricky because there are all sorts of inconsistencies both in
standards and implementations, the standard practice has been to skip the
parameters field because if you don't, things break.

Peter.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
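
An added example, not part of the original message or of any implementation named in the thread: it contrasts a verifier that skips the AlgorithmIdentifier parameters field, the practice described above, with one that rebuilds the single expected PKCS#1 v1.5 block and compares it whole. SHA-1, a 256-byte modulus, the function names and the sample blocks are assumptions made for illustration; both checks run on the block recovered after the RSA public-key operation.

```python
import hashlib
import hmac

SHA1_OID = bytes.fromhex("06052b0e03021a")  # DER TLV for OID 1.3.14.3.2.26 (SHA-1)

def der(tag, body):
    """Encode one DER TLV; bodies under 256 bytes are enough for this example."""
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + body

def read_tlv(buf, i):
    """Return (tag, value, next_index) for the TLV starting at buf[i]."""
    tag, n, i = buf[i], buf[i + 1], i + 2
    if n & 0x80:                      # long-form length
        k = n & 0x7F
        n, i = int.from_bytes(buf[i:i + k], "big"), i + k
    if i + n > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[i:i + n], i + n

def encode_em(msg, k, params=b"\x05\x00"):
    """Build a k-byte EMSA-PKCS1-v1_5 block; parameters default to NULL."""
    digest = der(0x04, hashlib.sha1(msg).digest())
    digest_info = der(0x30, der(0x30, SHA1_OID + params) + digest)
    return b"\x00\x01" + b"\xff" * (k - 3 - len(digest_info)) + b"\x00" + digest_info

def lenient_verify(em, msg):
    """Parse-based check that never looks at AlgorithmIdentifier.parameters."""
    try:
        pad_end = em.index(b"\x00", 2)
        if em[:2] != b"\x00\x01" or pad_end < 10 or em[2:pad_end].strip(b"\xff"):
            return False
        _, digest_info, end = read_tlv(em, pad_end + 1)
        _, alg_id, i = read_tlv(digest_info, 0)    # bytes after the OID are skipped
        _, digest, _ = read_tlv(digest_info, i)
        return end == len(em) and alg_id.startswith(SHA1_OID) and digest == hashlib.sha1(msg).digest()
    except (ValueError, IndexError):
        return False

def strict_verify(em, msg):
    """Rebuild the one expected encoding and compare the entire block."""
    return hmac.compare_digest(em, encode_em(msg, len(em)))

MSG = b"constructed sample message"
GOOD = encode_em(MSG, 256)
# Constructed block: 207 arbitrary bytes carried in parameters, 8 bytes of padding.
STUFFED = encode_em(MSG, 256, params=der(0x04, b"\xaa" * 207))

print(lenient_verify(STUFFED, MSG), strict_verify(STUFFED, MSG))
```

The strict comparison also rejects blocks from signers that omit the parameters field entirely, so a deployment that must interoperate with them would compare against that second fixed encoding as well.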


