Deutsch | English

[Ach] some thoughts on POODLE, BERserk etc.

ianG iang at iang.org
Tue Nov 4 22:47:55 CET 2014


On 4/11/2014 20:28 pm, Hanno Böck wrote:
> Hi,
> 
> I thought the readers of this list might be interested, I did a quite
> extensive writeup what I think are the lessons from the last two SSL
> security issues POODLE and BERserk:
> https://blog.hboeck.de/archives/858-Dancing-protocols,-POODLEs-and-other-tales-from-TLS.html


Nice article!!

I use e=3, is it fundamentally broken?  Or just in cohoots with pkcs 1.5?

(I was warned off 1.5, and what I do is a blinding phase then the RSA
phase, rather that OAEP or pkcs 2.  Homebrew crypto so fun but scary.)


iang



More information about the Ach mailing list
Kontakt
Email: reports@cert.at
Tel.: +43 1 5056416 78
mehr ...
Warnungen
mehr ...
Blog
mehr ...
Jahresbericht 2017
Ein Resumee zur digitalen Sicherheitslage in Österreich

(HTML, PDF).
Letzte Änderung: 2018/5/28 - 15:00:00
Haftungsausschluss / Datenschutzerklärung