On Thu, Nov 08, 2012 at 03:22:24PM -0800, Morlock Elloi wrote:
However, if you use asymmetric crypto (say, 1024 or 2048-bit RSA), give only public key(s) to encrypting flows, and reserve the secret key(s) for modules that need the actual plaintext access (a rare situation in practice), then:
Do you do any padding? If not you might be vulnerable to multiplication because: RSA(a)*RSA(b) == RSA(a*b) and if you are doing padding (eg with random inputs if any seeded by the plaintext and a fixed secrete seed), then you need rigorously verify the padding on decrypt or the padding may not defend against multiplication. Adam _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
