2000-08-02 08:28:59

I do not think that we are being gratuitous. I think that it is good security practice to remove any toe-hold that an attacker has. Further, I do not believe that the CMS layer in current S/MIME implementations exhibits the behavior (or lack thereof) necessary to be immune from the attack against RSA PKCS#1 v1.5.


At 02:18 PM 08/01/2000 -0700, Eric Rescorla wrote:
Russ Housley <housley(_at_)spyrus(_dot_)com> writes:
> The attack is probably impossible to mount using S/MIME against a
> human-operated mail agent; however, I am not convinced that a mail list
> agent (or other automated mail agent) would be immune.  Further, CMS is
> being used in many environments, not just S/MIME, and some of those
> environments may have issues.
Understood, but it's trivial to patch these S/MIME agents to
be completely immune to this attack without compromising compatibility.

> OAEP has been available for years.  PKCS#1 v2.0 includes it.  I do not
> think that it is immature.
That's not the issue that I am concerned with. Rather, I'm concerned
with introducing gratuitous incompatibilities.
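As an added illustration of the two positions in this exchange (this is example code written for this page; it is not from the thread, from the CMS specification, or from any S/MIME product): the "behavior necessary to be immune" is that a recipient never tells the sender whether the RSA-decrypted block had valid PKCS#1 v1.5 padding. The leaky decryptor below raises on bad padding, which is the one-bit oracle Bleichenbacher's attack queries; the hardened one always returns a key and substitutes a random one on failure, so the following symmetric-layer failure looks the same as for any wrong key. Everything here is assumed for illustration: a toy 512-bit key generated at run time (far too small for real use), pure-Python big-int RSA, a simplified EME-PKCS1-v1_5 type-2 pad, and a 16-byte content-encryption key as the wrapped payload.

```python
"""PKCS#1 v1.5 decryption: a padding oracle next to the uniform-failure fix.

Added example; not code from this thread or from any CMS/S/MIME product.
Assumed: toy 512-bit key, pure-Python RSA, simplified type-2 padding,
16-byte content-encryption key as payload.
"""
import random
import secrets

KEY_LEN = 16  # assumed size of the wrapped content-encryption key


def is_probable_prime(n, rounds=32):
    """Miller-Rabin; adequate for an illustration key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_key(bits=512, e=65537):
    """Return (n, e, d). Toy size only; real keys are 2048 bits or more."""
    def prime(b):
        while True:
            c = random.getrandbits(b) | (1 << (b - 1)) | 1
            if is_probable_prime(c):
                return c
    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return p * q, e, pow(e, -1, phi)


def rsa_encrypt(pub, msg):
    """EME-PKCS1-v1_5 type 2: 00 02 || PS (nonzero, >= 8 bytes) || 00 || M."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    if len(msg) > k - 11:
        raise ValueError("message too long")
    ps = bytes(secrets.choice(range(1, 256)) for _ in range(k - len(msg) - 3))
    return pow(int.from_bytes(b"\x00\x02" + ps + b"\x00" + msg, "big"), e, n)


def _raw_decrypt(priv, ct):
    n, _e, d = priv
    return pow(ct, d, n).to_bytes((n.bit_length() + 7) // 8, "big")


class PaddingError(Exception):
    pass


def decrypt_leaky(priv, ct):
    """Vulnerable shape: a padding failure is signalled distinctly from a
    well-formed block. The attack only needs to learn whether the decrypted
    block starts with 00 02; this hands over that bit for every ciphertext."""
    em = _raw_decrypt(priv, ct)
    if em[:2] != b"\x00\x02":
        raise PaddingError("bad block type")
    sep = em.find(b"\x00", 2)
    if sep < 10:                       # PS shorter than 8 bytes, or missing
        raise PaddingError("bad padding string")
    if len(em) - sep - 1 != KEY_LEN:
        raise PaddingError("bad length")
    return em[sep + 1:]


def decrypt_hardened(priv, ct):
    """The compatible fix: never report a padding failure. Always return a
    KEY_LEN-byte key; on any defect, a random one, so the symmetric layer
    fails the same way it would for any wrong key. (Timing is not addressed
    here; a real implementation must also equalise the two paths.)"""
    em = _raw_decrypt(priv, ct)
    fallback = secrets.token_bytes(KEY_LEN)   # drawn whether needed or not
    sep = em.find(b"\x00", 2)
    ok = em[:2] == b"\x00\x02" and sep >= 10 and len(em) - sep - 1 == KEY_LEN
    return em[sep + 1:] if ok else fallback


def padding_oracle(priv, ct):
    """What an attacker observes from the leaky decryptor: True or False."""
    try:
        decrypt_leaky(priv, ct)
        return True
    except PaddingError:
        return False


def demo():
    """Blind the ciphertext by s^e, the step the attack repeats many times:
    c' = c * s^e mod n decrypts to m*s mod n. For s = 2 the block starts
    00 04 or 00 05, so the leaky decryptor answers 'no' (one bit about m);
    the hardened one returns 16 bytes indistinguishable from any other key."""
    priv = generate_key()
    n, e, _ = priv
    key = secrets.token_bytes(KEY_LEN)
    ct = rsa_encrypt((n, e), key)
    forged = ct * pow(2, e, n) % n
    return (decrypt_leaky(priv, ct) == key,
            decrypt_hardened(priv, ct) == key,
            padding_oracle(priv, forged),
            len(decrypt_hardened(priv, forged)))


if __name__ == "__main__":
    print(demo())
```

The random fallback is the same shape of fix later written into TLS for its RSA key exchange; a CMS recipient can do the same thing with the content-encryption key without changing anything on the wire, which is why it costs no compatibility. Note that the leaky version's extra checks (PS length, key length) make the oracle stricter, not safer; a stricter oracle still leaks, it only costs the attacker more queries.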


