[14327] in cryptography@c2.net mail archive
Re: A quick question...
daemon@ATHENA.MIT.EDU (Paul Walker)
Sun Sep 28 20:43:07 2003
X-Original-To: cryptography@metzdowd.com
Date: Mon, 29 Sep 2003 00:08:35 +0100
From: Paul Walker <paul@black-sun.demon.co.uk>
To: Greg Rose <ggr@qualcomm.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <5.1.0.14.2.20030929082220.02581ea8@203.30.171.17>

On Mon, Sep 29, 2003 at 08:33:59AM +1000, Greg Rose wrote:

> common values. It also relies on using some rawly implemented RSA, so that
> all that is in the RSA payload is the hash, and nothing else. This
> violates all the standards that specify that the payload should be padded

The code which implements all of this has to run in <6KB of code space, so
it's entirely possible that they hacked together their own routines to deal
with it. Almost certain, in fact - I don't think there's a compiler
available, so any library would have to be rewritten in assembler anyway.
(Sorry I can't be more precise here, but I'm sure you can appreciate why.)

[snip explanation]

> Others may want to correct me or elaborate further, but I think that's
> correct.

It certainly makes much more sense than the scrambled version I had before,
and fits with what cryptography I already knew. I still don't think it's a
particularly *practical* attack, but I could easily be wrong there, and it
only needs one. ;-)

Many thanks for your time!

Cheers,
--
Paul
"I'm not sure if this is a good or a bad thing.
Probably a bad thing; most things are bad things."
-- Nile Evil Bastard