On Sat, Jun 30, 2012 at 11:11 PM, Noon Silk <[email protected]> wrote: > From: > http://blog.cryptographyengineering.com/2012/06/bad-couple-of-years-for-cryptographic.html > > "Here's the postage stamp version: due to a perfect storm of (subtle, > but not novel) cryptographic flaws, an attacker can extract sensitive > keys from several popular cryptographic token devices. This is > obviously not good, and it may have big implications for people who > depend on tokens for their day-to-day security. [...] The more > specific (and important) lesson for cryptographic implementers is: if > you're using PKCS#1v1.5 padding for RSA encryption, cut it out. > Really. This is the last warning you're going to get." > > Direct link to the paper: > http://hal.inria.fr/docs/00/70/47/90/PDF/RR-7944.pdf - Efficient > Padding Oracle Attacks on Cryptographic Hardware by Bardou, Focardi, > Kawamoto, Simionato, Steel and Tsay Thanks for the link, Noon.
So I'm clear here: this applies to RSA Encryption. Are RSA Signatures still safe when using PKCS v1.5 padding? Jeff _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
