@alexstamos @durov @csoghoian @WIRED @iRowan @EFF @FredericJacobs some technical criticismhttps://twitter.com/alyssarowan/status/582244684216561665 …
@durov @headhntr @WIRED @iRowan @EFF @FredericJacobs @AlyssaRowan you might want to check @sweis’s tweets. He’s been pointing out oddities
-
-
@bascule@durov@headhntr@WIRED@iRowan@EFF@FredericJacobs@AlyssaRowan I found out Java defaults to PKCS#1 padding so it's not raw RSA. -
@sweis@durov@headhntr@WIRED@iRowan@EFF@FredericJacobs@AlyssaRowan secure by accident? -
@sweis@durov@headhntr@WIRED@iRowan@EFF@FredericJacobs@AlyssaRowan note that a better designed protocol would probably use e.g. OAEP -
@sweis@durov@headhntr@WIRED@iRowan@EFF@FredericJacobs@AlyssaRowan ...or not use RSA at all and use ECC instead -
@sweis@bascule@headhntr@FredericJacobs@AlyssaRowan Related-key attacks? AES partially derived from msg_key (SHA-1 of salt|SID|...). - 2 more replies
New conversation -
-
-
@durov@iRowan@EFF@sweis you're using unpadded RSA? Seems really bad:https://twitter.com/sweis/status/582275324727070720 … -
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.