On 10 Aug 2002, Eric Rescorla wrote:
>It's generally a bad idea to sign RSA data directly. The RSA
>primitive is actually quite fragile. At the very least you should
>PKCS-1 pad the data.
>
>-Ekr
This is true. Cyclopedia Cryptologia has a short article detailing
some of the attacks against direct use of RSA.
http://www.disappearing-inc.com/R/rsa.html
is a good URL if you want to read it.
Ray
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]