A common RSA implementation mistake explained
<p>Back in August, I attended the <a href="http://www.iacr.org/conferences/crypto2006/">CRYPTO 2006</a> conference in Santa Barbara, where Daniel Bleichenbacher gave an eye-opening talk that highlighted a very common implementation mistake people make with the RSA cryptosystem. Since my own background is in cryptography I thought I would try to describe not only this common mistake and its implications, but also some details regarding why this mistake leads to vulnerabilities, in a way that’s hopefully suitable for a wide audience. For those who don’t recognize the name, Daniel is a well-known and brilliant cryptographer who, among other things, found cryptographic flaws in SSL v3.0 and also the random number generator associated with the Digital Signature Algorithm. Well, he is at it again! </p>
http://www.symantec.com/enterprise/security_response/weblog/2006/10/a_common_rsa_implementation_mi.html
http://www.symantec.com/enterprise/security_response/weblog/2006/10/a_common_rsa_implementation_mi.html
Thu, 26 Oct 2006 07:00:00 -0800
Linear Mode
