Detecting attempts to decrypt with incorrect secret key in OWASP ESAPI

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Sep 17 01:20:33 EDT 2009


"Kevin W. Wall" <kevin.w.wall at gmail.com> writes:

>(Obviously some of these padding schemes such as OAEP are not suitable with
>symmetric ciphers. Or at least I don't think they are.)

You'd be surprised at what JCE developers will implement just because they
can, and what therefore gets used by application developers.  I've seen 
RSA-CBC used on more than one occasion.

(No, that's not a typo, RSA in CBC mode.  The app developers wondered why it
was so slow).

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list