[tahoe-dev] Crypto++ Fwd: yesterday's NYT article
zooko
zooko at zooko.com
Sun Nov 18 21:33:19 PST 2007
See, the attached message is the kind of thing that makes me feel
good about relying on Crypto++. (Wei Dai is the author of Crypto++
and has been actively maintaining it for more than a decade now,
since he was inspired to create it by The Cypherpunks movement.)
Regards,
Zooko
Begin forwarded message:
> From: "Wei Dai" <weidai at weidai.com>
> Date: November 18, 2007 4:22:19 AM PST
> To: "Crypto++ Users" <cryptopp-users at googlegroups.com>
> Subject: yesterday's NYT article
>
>
> If you read yesterday's New York Times article at
> http://www.nytimes.com/2007/11/17/technology/17code.html (Shamir's paper
> that's referenced can be found at http://cryptome.org/bug-attack.htm), you
> might be interested to know that the RSA implementation in Crypto++ is
> already protected against this attack, even if a multiplication bug does
> exist in the CPU.
>
> I'm not sure why neither the article nor Shamir's paper mentions this, but
> it's been well known for some time that in order to protect against this
> kind of fault attack, after doing the RSA private key operation
> y=x^d mod n, one should check that the result is correct by verifying that
> x=y^e mod n. Crypto++ has done this since version 5.1.
>
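The check Wei Dai describes, as an added example in Python rather than Crypto++'s own C++ code: the key is a constructed textbook-sized one, and `fault_mask` is a hypothetical way of simulating a faulty multiplier so the check can be seen rejecting a wrong result.

```python
# Added example (not Crypto++ code): verify y = x^d mod n by checking
# y^e mod n == x before releasing y, as the forwarded message describes.
# Constructed toy key: tiny primes so the arithmetic is easy to follow.
# Real keys use 2048-bit moduli; the check itself is identical.
P, Q = 61, 53
N = P * Q                           # 3233
E = 17
D = pow(E, -1, (P - 1) * (Q - 1))   # 2753, the private exponent


def rsa_private_unchecked(x: int, fault_mask: int = 0) -> int:
    """y = x^d mod n, with an optional simulated hardware fault.

    fault_mask (hypothetical) models a buggy multiplier by XORing the true
    result with a bit pattern; 0 means the hardware computed correctly.
    """
    return pow(x, D, N) ^ fault_mask


def rsa_private_checked(x: int, fault_mask: int = 0) -> int:
    """Private-key operation that verifies its own result before returning.

    RSA is a permutation on Z_n, so any corrupted y' < n with y' != y fails
    y'^e mod n == x; the faulty value is never handed to the caller.
    """
    y = rsa_private_unchecked(x, fault_mask)
    # The public operation uses a small exponent and no secret, so it is
    # cheap next to the private exponentiation it protects.
    if not 0 <= y < N or pow(y, E, N) != x % N:
        raise ValueError("RSA fault check failed: result withheld")
    return y


def undetected_faults(x: int, max_mask: int = 4096) -> int:
    """Count corruptions of y (every non-zero mask below max_mask) that the
    check lets through. Expected: 0."""
    leaked = 0
    for mask in range(1, max_mask):
        try:
            rsa_private_checked(x, mask)
            leaked += 1
        except ValueError:
            pass
    return leaked


if __name__ == "__main__":
    print(rsa_private_checked(2790))   # 65: the textbook-example plaintext
    print(undetected_faults(2790))     # 0
```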