Matt Crawford <[EMAIL PROTECTED]> writes: > > RSA is subject to blinding attacks and several other failure modes if > > used without padding. For details on what that means, read the > > cyclopedia cryptologia article on RSA. > > > > http://www.disappearing-inc.com/R/rsa.html > > That brings on another amateur question. In that article it says, > "If the public exponent is less than a quarter of the modulus, RSA > can be insecure." > > Well, the public exponents I've seen range from 17 to 65537. What > gives? Is this just one of the many weaknesses mitigated by proper > padding? Yes. Notice that the next sentence was:
"You should consider padding every block encrypted with RSA with randomized salt, if you can; 100 bits or more will make any of these attacks fail completely." -Ekr -- [Eric Rescorla [EMAIL PROTECTED]] http://www.rtfm.com/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]