RSA Signature Forgery Explained (with Nate Lawson) - Wrapup
Nate | September 29th, 2006 | Filed Under: Defenses, Guests, New Findings, Uncategorized
«Previous: Attacks on Other Algorithms | [Top][]
If you missed out on the analysis of RSA and other public key implementation security, here’s a summary of all that we covered.
- Introduction and impact of RSA padding verification flaw
- Why public key crypto is so vulnerable to implementation flaws
- How the exploit works for vulnerable RSA implementations
- How to fix the problem properly and a wishful analysis of how the repair process might have been
- Other ways to screw up RSA verification as seen in other systems
- Implementation flaws for EC, Diffie-Hellman, SRP, and other public key systems
Footnote: why RSA-PSS is not a panacea
We hope you enjoyed the series and learned something about the many ways public key crypto can fail if not implemented perfectly. If you are thinking about implementing your own public key crypto, think again. If you’re responsible for maintaining existing libraries (or a security researcher), there are plenty out there still vulnerable to the flaws we described. Please change that!
Sincerely,
Nate and Tom
Add New Comment
Viewing 1 Comment
Thanks. Your comment is awaiting approval by a moderator.
Do you already have an account? Log in and claim this comment.
Do you already have an account? Log in and claim this comment.
Add New Comment
Trackbacks