A similar approach enabled Bleichenbacher's SSL attack on 
RSA with PKCS#1 padding. This sounds very dangerous to me.


> -----Original Message-----
> [mailto:[EMAIL PROTECTED] On Behalf Of cyphrpunk
> Sent: Friday, October 28, 2005 5:07 AM
> To: [EMAIL PROTECTED]; cryptography@metzdowd.com
> Subject: Re: [EMAIL PROTECTED]: Skype security evaluation]
> Wasn't there a rumor last year that Skype didn't do any encryption
> padding, it just did a straight exponentiation of the plaintext?
> Would that be safe, if as the report suggests, the data being
> encrypted is 128 random bits (and assuming the encryption exponent is
> considerably bigger than 3)? Seems like it's probably OK. A bit risky
> perhaps to ride bareback like that but I don't see anything inherently
> fatal.
> CP
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to 

Reply via email to