From: Ralf-Philipp Weinmann
[mailto:[EMAIL PROTECTED]
[...]
Unfortunately we only found out that there has been prior art
by Yutaka Oiwa et al. *AFTER* we successfully forged a
certificate using this method (we being Andrei Pyshkin, Erik
Tews and myself).
The certificate we forged
On Sep 20, 2006, at 3:10 PM, Kuehn, Ulrich wrote:
-BEGIN CERTIFICATE-
MIICgzCCAWugAwIBAgIBFzANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYw
On Sep 16, 2006, at 11:31 PM, Eric Young wrote:
This is a question I would not mind having answered; while the
exponent 3 attack works when there are low bits to 'modify', there
has been talk of an attack where the ASN.1 is correctly right
justified (hash is the least significant bytes),
James A. Donald wrote:
--
James A. Donald wrote:
Code is going wrong because ASN.1 can contain
complicated malicious information to cause code to go
wrong. If we do not have that information, or simply
ignore it, no problem.
Ben Laurie wrote:
This is incorrect. The simple form of the
