Kevin W. Wall wrote:
isn't the pre-shared key version of W3C's XML Encrypt also going to be
vulnerable
to a padding oracle attack.
Any implementation that returns distinguishable error conditions for invalid
padding is vulnerable, XML encryption no more or less so if used in such a
manner.
On 01-10-2010 02:41, Victor Duchovni wrote:
Should we be confident that 4-prime RSA is stronger at 2048 bits than
2-prime is at 1024? At the very least, it is not stronger against ECM
(yes ECM is not effective at this factor size) and while GNFS is not
known to benefit from small factors, is