[8589] in cryptography@c2.net mail archive
Bleichenbacher finds flaw in DSA
daemon@ATHENA.MIT.EDU (Steve Bellovin)
Sun Feb 11 13:49:42 2001
From: Steve Bellovin <smb@research.att.com>
To: cryptography@c2.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 09 Feb 2001 15:03:48 -0500
Message-Id: <20010209200348.BEDC535C42@berkshire.research.att.com>
According to CNN, Daniel Bleichenbacher has found a flaw in the
NIST-standard Digital Signature Algorithm. See
http://www.cnn.com/2001/TECH/internet/02/06/DSA.flaw.idg/index.html
for some details. Bleichenbacher says that he'll be presenting the
paper at Eurocrypt; it is not yet publicly available.
The attack is quite expensive; it requires O(2^64) operations, several
terabytes of memory, and 2^22 signed messages.
--Steve Bellovin, http://www.research.att.com/~smb
