A similar approach enabled Bleichenbacher's SSL attack on RSA with PKCS#1 padding. This sounds very dangerous to me.
William > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of cyphrpunk > Sent: Friday, October 28, 2005 5:07 AM > To: [EMAIL PROTECTED]; cryptography@metzdowd.com > Subject: Re: [EMAIL PROTECTED]: Skype security evaluation] > > Wasn't there a rumor last year that Skype didn't do any encryption > padding, it just did a straight exponentiation of the plaintext? > > Would that be safe, if as the report suggests, the data being > encrypted is 128 random bits (and assuming the encryption exponent is > considerably bigger than 3)? Seems like it's probably OK. A bit risky > perhaps to ride bareback like that but I don't see anything inherently > fatal. > > CP > > --------------------------------------------------------------------- > The Cryptography Mailing List > Unsubscribe by sending "unsubscribe cryptography" to > [EMAIL PROTECTED] > >
