imon Josefsson wrote:
> Again, there is no problem in ASN.1 or PKCS#1 that is
> being exploited here, only an implementation flaw,
> even if it is an interesting one.

But why did several people independently implement the
same or similar flaws?

The answer is in Jack Lloyd's post:
> I wrote a decoder for PKCS#1 v1.5, realized it
> probably had bugs I wouldn't figure out until too
> late, [...] my PSS verification code is probably
> around twice the length of the PSS generation code,
> due to the need to check every stupid little thing.

         James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to