Suppose an OpenSSL buffer overflow allows code exec. Target is running Titus. Can't attacker steal key using, e.g., RSA_NO_PADDING? @__agwa
The attacker can use RSA_NO_PADDING to find decryptions of small primes; post-access can decrypt anything that happens to be smooth. @__agwa
Even if you limit to PKCS, has anyone analyzed how much is leaked from long fake "hashes"? Hashing should be inside security module. @__agwa
@hashbreaker @__agwa Take that to its logical conclusion: The entire crypto protocol implementation should be in the security module.