I'm surprised crypto-libraries let them use rsa 128 even
RSA-128, no padding, AES-ECB (penguins!), using the time of day as an entropy source for generating AES keys... This app has it all.https://twitter.com/comex/status/963258422220111872 …
-
-
-
They implemented textbook RSA from scratch.
End of conversation
New conversation -
-
-
Of course they implemented their own crypto. That's how you make these mistakes. This is literally the worst example ever of implementing your own crypto.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
They probably assumed the strength was comparable to 128-bit AES when really the recommendation for comparable security tends to be 3072 bits for RSA and 256 bits for ECC. It makes sense as a mistake by people with zero experience / knowledge about cryptography.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I'm pretty sure they implemented RSA themselves. It's literally an expmod.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
If they had done basic research they wouldn't be trying to invent their own authenticated encryption algorithm by gluing together raw AES and RSA translated from pseudo-code in a book... :\
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
WHAT 128 bit RSA???
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.