Simon Josefsson <[EMAIL PROTECTED]> writes: >The second problem is that the "parameters" field can ALSO be used to store >data that may be used to manipulate the signature value into being a cube. >To my knowledge, this was discovered by Yutaka Oiwa, Kazukuni Kobara, Hajime >Watanabe. I didn't attend Crypto 06, but as far as I understand from Hal's >post, this aspect was not discussed. Their analysis isn't public yet, as far >as I know.
Can you make a guess at what it is? Is it the fact that you can have NULL parameters for algorithms or optionally non-NULL parameters? Changing this could be tricky because there are all sorts of inconsistencies both in standards and implementations, the standard practice has been to skip the parameters field because if you don't, things break. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
