On 10 Aug 2002, Eric Rescorla wrote:

>It's generally a bad idea to sign RSA data directly. The RSA
>primitive is actually quite fragile. At the very least you should
>PKCS-1 pad the data.
>
>-Ekr

This is true.  Cyclopedia Cryptologia has a short article detailing
some of the attacks against direct use of RSA.

http://www.disappearing-inc.com/R/rsa.html

is a good URL if you want to read it.

                        Ray



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to