On Sep 20, 2006, at 3:10 PM, Kuehn, Ulrich wrote:
-BEGIN CERTIFICATE-
MIICgzCCAWugAwIBAgIBFzANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYw
ODE5MTY1MTMwWhcNMDYxMD
> From: Ralf-Philipp Weinmann
> [mailto:[EMAIL PROTECTED]
[...]
> Unfortunately we only found out that there has been prior art
> by Yutaka Oiwa et al. *AFTER* we successfully forged a
> certificate using this method (we being Andrei Pyshkin, Erik
> Tews and myself).
>
> The certificate we
On Sep 16, 2006, at 11:31 PM, Eric Young wrote:
This is a question I would not mind having answered; while the
exponent 3 attack works when there are low bits to 'modify', there
has been talk of an attack where the ASN.1 is correctly right
justified (hash is the least significant bytes), b
James A. Donald wrote:
--
James A. Donald wrote:
>> Code is going wrong because ASN.1 can contain
>> complicated malicious information to cause code to go
>> wrong. If we do not have that information, or simply
>> ignore it, no problem.
Ben Laurie wrote:
> This is incorrect. The simple form
