The DailyWTF has an entertainnig writeup on how not to use strong crypto to protect an embedded device, in this case a Wii, at http://thedailywtf.com/Articles/Anatomii-of-a-Hack.aspx. The signature-verification function was particularly entertaining:
decrypt_rsa(signature, public_key, decrypted_signature); if(strncmp(content_sha1, decrypted_signature + 236, 20) == 0) [...] (And before you burst out laughing, Apple did something only slightly less bad in the iPhone). Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]