> While OpenSSL definitely does provide for blinding, several > widely-deployed applications don't seem to enable this option. > One reason is it doesn't appear possible to enable blinding > from the SSL library itself.
After reading the paper, and looking at the OpenSSL RSA blinding code, I feel pretty confident that RSA blinding should be the default for RSA keys.
Let's face it: if RSA keys are used for signing documents offline (S/MIME, etc), speed does not really matter; turning on blinding by default wont hurt. If RSA keys are used for SSL servers, security is critical; again, blinding sould be turned on by default.
If on the other hand, a lot (thousands) of documents are being signed offline, speed becomes critical, and it's up to the application developer to disable RSA blinding for such special tasks.
Kind regards, Remo
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
