[Cryptography] Vulnerability of RSA vs. DLP to single-bit faults

dj at deadhat.com dj at deadhat.com
Fri Nov 7 18:55:37 EST 2014

> On 7 Nov 2014 16:01 -0500, from leichter at lrw.com (Jerry Leichter):
>> So if the original checksum function was C(x), you've replaced it by
>> C(ASCII(x)), where ASCII(x) converts x into a series of decimal
>> digits. Why is that a better checksum than C() was? If the answer is
>> that C(0) = 0 so it's vulnerable to "stuck at 0" faults, then you're
>> simply saying that C was a bad checksum (for this purpose) to begin
>> with. Why not choose a better one in some disciplined way, rather
>> using the arbitrary technique?

CCITT CRC32 inverts the initial state so that C(0) != 0

More information about the cryptography mailing list