[18807] in cryptography@c2.net mail archive


RE: [smb@cs.columbia.edu: Skype security evaluation]

daemon@ATHENA.MIT.EDU (Whyte, William)
Mon Oct 31 11:42:46 2005

X-Original-To: cryptography@metzdowd.com
Date: Mon, 31 Oct 2005 09:48:35 -0500
From: "Whyte, William" <WWhyte@ntru.com>
To: "cyphrpunk" <cyphrpunk@gmail.com>, <cypherpunks@jfet.org>,
	<cryptography@metzdowd.com>

A similar approach enabled Bleichenbacher's SSL attack on
RSA with PKCS#1 padding. This sounds very dangerous to me.

William

> -----Original Message-----
> From: owner-cryptography@metzdowd.com
> [mailto:owner-cryptography@metzdowd.com] On Behalf Of cyphrpunk
> Sent: Friday, October 28, 2005 5:07 AM
> To: cypherpunks@jfet.org; cryptography@metzdowd.com
> Subject: Re: [smb@cs.columbia.edu: Skype security evaluation]
>
> Wasn't there a rumor last year that Skype didn't do any encryption
> padding, it just did a straight exponentiation of the plaintext?
>
> Would that be safe, if as the report suggests, the data being
> encrypted is 128 random bits (and assuming the encryption exponent is
> considerably bigger than 3)? Seems like it's probably OK. A bit risky
> perhaps to ride bareback like that but I don't see anything inherently
> fatal.
>
> CP
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to
> majordomo@metzdowd.com
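
The quoted question turns on the exponent being "considerably bigger than 3". The following is an added example, not part of the original thread or of any Skype code: it checks when straight exponentiation of a 128-bit value is never reduced by the modulus, in which case the ciphertext is just an integer power of the plaintext. The modulus `N` is a constructed stand-in of RSA size, and all function names are hypothetical.

```python
# Added illustration: unpadded ("textbook") RSA on a short plaintext.
# N is a constructed 1536-bit odd number standing in for an RSA modulus;
# only its size matters, because nothing below needs the factors.
N_BITS = 1536
N = (1 << N_BITS) - 0x1337

def raw_rsa_encrypt(m, e, n=N):
    """Straight exponentiation of the plaintext, no padding."""
    return pow(m, e, n)

def never_wraps(msg_bits, e, n_bits=N_BITS):
    """True if every msg_bits-bit m has m**e < n, so the modulus never acts.
    (m < 2**msg_bits and n >= 2**(n_bits - 1); False only means some m may wrap.)"""
    return msg_bits * e < n_bits

def integer_root(c, e):
    """Largest r with r**e <= c, found by binary search on exact integers."""
    lo, hi = 0, 1 << (c.bit_length() // e + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** e <= c:
            lo = mid
        else:
            hi = mid - 1
    return lo

def unreduced_plaintext(c, e):
    """Return m if c is an exact e-th power (no modular reduction happened),
    otherwise None."""
    r = integer_root(c, e)
    return r if r ** e == c else None

if __name__ == "__main__":
    import secrets
    # Constructed sample: a random 128-bit value with the top bit set.
    m = secrets.randbits(128) | (1 << 127)
    for e in (3, 65537):
        c = raw_rsa_encrypt(m, e)
        print(f"e={e}: never_wraps={never_wraps(128, e)}, "
              f"plaintext readable from c alone={unreduced_plaintext(c, e) == m}")
```

With e = 3 the 128-bit value is recovered from the ciphertext by an ordinary integer cube root, with no key involved; with e = 65537 the power exceeds the modulus and this particular shortcut does not apply.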

