Hi Simon--
On 03/17/2011 04:45 AM, Simon Josefsson wrote:
> Don't forget to add RSA blinding, otherwise it may be vulnerable in the
> real world. I wish Nettle supported this natively, RSA is not generally
> safe without it.
Thanks for this suggestion -- I'm not sure that the perl bindings are
the right place to do this, though. Do other Nettle language bindings
handle RSA blinding? I'd rather have the perl bindings stay fairly
close to the underlying C library.
My understanding is that RSA blinding is a countermeasure against timing
attacks, and that it introduces a new dependency on some sort of RNG
(though perhaps a weak one?) to parts of the process that wouldn't
otherwise need it. I'd certainly prefer to have that handled within the
lower-level library if possible, though I wouldn't mind creating and
handing in a yarrow context for each of these operations.
--dkg
_______________________________________________
nettle-bugs mailing list
[email protected]
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
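Added illustration, not part of the thread and not Nettle's or the perl bindings' code: a toy Python sketch of the RSA blinding that Simon and dkg are discussing. It shows the three steps (multiply the ciphertext by r^e, run the secret-exponent operation on that randomised value, multiply the result by r^-1), why the result is unchanged, and why the blinding factor has to come from a generator the attacker cannot predict: anyone who knows r can strip the blinding and recover the input the private operation really processed. Key generation, the Miller-Rabin test and the function names are this example's own; the private operation is textbook c^d mod n without CRT, which is enough to show the algebra.

```python
"""Toy RSA blinding (example code; not Nettle's API, not the perl bindings).

Blinding hides the actual input of the private-key operation behind a
random factor, so that the timing of the modular exponentiation cannot
be correlated with ciphertexts chosen by an attacker.
"""
import secrets
from math import gcd


def is_probable_prime(n, rounds=32):
    """Miller-Rabin probable-prime test (example helper)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # composite for certain
    return True


def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # odd, full length
        if is_probable_prime(cand):
            return cand


def gen_key(bits=512):
    """Return (n, e, d) for a toy key of the requested size."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        if p == q:
            continue
        phi = (p - 1) * (q - 1)
        if gcd(e, phi) != 1:
            continue
        return p * q, e, pow(e, -1, phi)


def pick_blinding_factor(n, rng=secrets.randbelow):
    """Random r in [2, n-1] with gcd(r, n) = 1.

    r is never revealed, but an attacker who can guess it can undo the
    blinding (see attacker_unblinds below), so draw it from a CSPRNG.
    """
    while True:
        r = rng(n - 2) + 2
        if gcd(r, n) == 1:
            return r


def blind(c, n, e, r):
    # The secret-exponent operation will see c * r^e, a value the attacker
    # cannot predict even though it chose c.
    return (c * pow(r, e, n)) % n


def unblind(m_blind, n, r):
    # (c * r^e)^d = c^d * r^(ed) = c^d * r  (mod n); multiply by r^-1 to undo it.
    return (m_blind * pow(r, -1, n)) % n


def rsa_private_blinded(c, n, e, d, rng=secrets.randbelow):
    """Blinded private operation: returns exactly c^d mod n."""
    r = pick_blinding_factor(n, rng)
    return unblind(pow(blind(c, n, e, r), d, n), n, r)


def attacker_unblinds(blinded, n, e, r):
    """What a predictable r costs: recover the real input from the blinded one."""
    return (blinded * pow(pow(r, -1, n), e, n)) % n


if __name__ == "__main__":
    n, e, d = gen_key(512)
    m = 0xC0FFEE                      # constructed sample message
    c = pow(m, e, n)
    assert rsa_private_blinded(c, n, e, d) == m == pow(c, d, n)
    print("blinded and unblinded private operations agree")
```

The extra RNG dependency dkg mentions is the `pick_blinding_factor` call: a fresh r per operation (or a cheaply refreshed one, as real libraries do by squaring r and r^-1 between calls) is what gives the countermeasure its value. Because r never leaves the routine, its only requirement is unpredictability to the attacker, which is why a CSPRNG is the conservative choice here.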