Re: [cryptography] Key extraction from tokens (RSA SecurID, etc) via padding attacks on PKCS#1v1.5

James A. Donald Sun, 01 Jul 2012 19:55:30 -0700

http://blog.cryptographyengineering.com/2012/06/bad-couple-of-years-for-cryptographic.html

To avoid padding oracle attacks, always use authenticated encryption,such that a corrupted message always generates the same response in thesame time.



_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] Key extraction from tokens (RSA SecurID, etc) via padding attacks on PKCS#1v1.5

Reply via email to