A note on vendor reaction speed to the e=3 problem
Whyte, William
WWhyte at ntru.com
Sat Sep 16 18:46:47 EDT 2006
> > RFC-2440 actually gives the exact bytes to use for the
> > ASN.1 stuff, which nicely cuts down on ambiguity.
>
> This amounts to *not* using ASN.1 - treating the ASN.1
> data as mere arbitrary padding bits, devoid of
> information content.
Again, not quite right. You have to do a memcmp() and
make sure you've got the right arbitrary padding bits.
Anyway, the attack applies even if you throw away the
ASN.1 data.
William
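To make the memcmp() point concrete, here is an added example (not from the post or the list) in Python: a lax PKCS#1 v1.5 verifier that parses the padding from the left and stops once it reaches the hash, beside a strict one that rebuilds the expected encoded block and compares every byte. The SHA-1 DigestInfo prefix is the fixed DER encoding from PKCS#1; the message and the malformed block are constructed for the demonstration.

```python
import hashlib
import hmac

# Fixed DER prefix of the SHA-1 DigestInfo (PKCS#1 v1.5 / RFC 3447, section 9.2).
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

def emsa_pkcs1_v15(msg: bytes, k: int) -> bytes:
    """Build the full EM = 0x00 || 0x01 || PS || 0x00 || T for a k-byte modulus."""
    t = SHA1_PREFIX + hashlib.sha1(msg).digest()
    ps_len = k - len(t) - 3
    if ps_len < 8:
        raise ValueError("modulus too short for this hash")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + t

def lax_verify(em: bytes, msg: bytes) -> bool:
    """Walks the padding from the left and accepts as soon as it finds the hash.
    It never checks that T reaches the end of EM, so trailing bytes are ignored."""
    if em[:2] != b"\x00\x01":
        return False
    i = 2
    while i < len(em) and em[i] == 0xff:
        i += 1
    if i >= len(em) or em[i] != 0x00:
        return False
    i += 1
    if em[i:i + len(SHA1_PREFIX)] != SHA1_PREFIX:
        return False
    i += len(SHA1_PREFIX)
    return em[i:i + 20] == hashlib.sha1(msg).digest()

def strict_verify(em: bytes, msg: bytes) -> bool:
    """Rebuild the expected EM and compare all k bytes (the memcmp() in the post).
    compare_digest is constant time; the essential property is the full-length equality."""
    expected = emsa_pkcs1_v15(msg, len(em))
    return hmac.compare_digest(em, expected)

def demo():
    msg = b"constructed test message"  # constructed sample input
    k = 128                            # 1024-bit modulus
    good = emsa_pkcs1_v15(msg, k)
    # Constructed malformed block: short padding, genuine DigestInfo, then
    # uncontrolled filler to the end of EM. A left-to-right parser never sees the filler.
    t = SHA1_PREFIX + hashlib.sha1(msg).digest()
    bad = b"\x00\x01" + b"\xff" * 8 + b"\x00" + t
    bad += b"\x41" * (k - len(bad))
    return (lax_verify(good, msg), strict_verify(good, msg),
            lax_verify(bad, msg), strict_verify(bad, msg))
```

demo() returns (True, True, True, False): both verifiers accept the well-formed block, but only the byte-exact comparison rejects the block whose tail is not the padding the standard requires.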
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com