This Post Brought to You By The Number 3, and The Letters and S and L
There’s a fascinating discussion of the intersection of cryptanalysis, specification and flexibility, all of it stemming from yet another SSL attack by Bleichenbacher. The best posts are over at Matasano:
- Many RSA Signatures May Be Forgeable In OpenSSL and Elsewhere
- Mozilla Falls to RSA Forgery Attack
- RSA Signature Forgery Explained (with Nate Lawson) – Part I, Part II, and Part III.
- Halvar Flake and Nate Lawson on Alternative Padding Schemes
Tom claimed on Thursday that they’d have part 4 up “tonight.” I guess winter nights are long in Illinois.
3 comments on "This Post Brought to You By The Number 3, and The Letters and S and L"
Bliechenbacher link is dead.
I before E except after BL.
Fixed those, thanks!
PS: “L” is 66% similar to “C” in shape, and so the rule applies 33% of the time. 😉
Comments are closed.