James Muir wrote:
> Can anyone think of a deployed implementation of RSA
> signatures that would be vulnerable to the attack
> Shamir mentions? Hashing and message blinding would
> seem to thwart it.

As I said, public key encryption has long been known to be weak against chosen plaintext and chosen cryptotext - so protocols have long been designed to prevent this sort of attack. If they are not so designed, they were known to be weak before this attack was discovered.

---------------------------------------------------------------------
The Cryptography Mailing List
