Re: RSACryptoServiceProvider minimum key-length

From: wip@xxxxxx
Date: 16 Mar 2007 05:17:50 -0700

hi,

FYI: we are now using a third-party .net lib (http://www.cryptosys.net/
pki/) which alllows us to use the required key length. seems to work
fine...

br, pingram.

On 13 Mrz., 16:44, "Valery Pryamikov" <val...@xxxxxxxxx> wrote:

On Mar 13, 7:45 am, "Joe Kaplan"

<joseph.e.kap...@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:

It sounds like you are out of luck then. Like Valery said, this key is so
insecure as to be useless and is not supported by .NET cryptography. I'm
not sure what options you have. Perhaps an alternate crypto API for .NET
supports such weak keys.

I'd suggest pushing back on the spec or looking for different options.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"http://www.directoryprogramming.net

Thanks Joe for warm wellcomeback :D.

As about available options for the original poster - the best one
would be to fire the person that did the spec because this kind of
ignorance is really depressive. Person knows nothing about
cryptography, but consider him/her self capable of writting crypto/
security spec.
As I understand - all they wanted is to have a short authentication
code. I'm not even sure that they needed signature as authentication
code, but even for that - there are short signatures available that
simultaneously provide good security bounds. But if they only need
authentication code - they could simply use MAC (or HMAC).

-Valeryhttp://www.harper.no/valery

Follow-Ups:
- Re: RSACryptoServiceProvider minimum key-length
  - From: Dominick Baier

References:
- RSACryptoServiceProvider minimum key-length
  - From: wip
- Re: RSACryptoServiceProvider minimum key-length
  - From: Joe Kaplan
- Re: RSACryptoServiceProvider minimum key-length
  - From: wip
- Re: RSACryptoServiceProvider minimum key-length
  - From: Joe Kaplan
- Re: RSACryptoServiceProvider minimum key-length
  - From: wip
- Re: RSACryptoServiceProvider minimum key-length
  - From: Joe Kaplan
- Re: RSACryptoServiceProvider minimum key-length
  - From: Valery Pryamikov

Prev by Date: RijndaelManaged's question, how can I encrypt text more than 16bytes
Next by Date: Re: WindowsIdentity - Invalid token; it cannot be duplicated
Previous by thread: Re: RSACryptoServiceProvider minimum key-length
Next by thread: Re: RSACryptoServiceProvider minimum key-length
Index(es):
- Date
- Thread

Relevant Pages

Re: RSACryptoServiceProvider minimum key-length
... I'd suggest pushing back on the spec or looking for different ... cryptography, but consider him/her self capable of writting crypto/ ... As I understand - all they wanted is to have a short authentication ... I'm not even sure that they needed signature as authentication ...
(microsoft.public.dotnet.security)
Re: Does OTP need authentication?
... >> You are attending the FSE crypto conference in New Delhi. ... > scenario provided both message integrity and message authentication. ... This is true of all cryptography, whether symmetric-key, ... Data origin authentication is a type of authentication ...
(sci.crypt)
Re: Cryptography opinions
... cryptography in general is authentication. ... Secure communications, bundled with secure authentication means, are the ... access networks, ...
(sci.crypt)
Re: Security - ciphers - autentification
... I think you're heading down the wrong path, my friend. ... Cryptography), you need to define exactly what you're trying to protect, ... your description sounds like a reinvention of HTTP digest authentication, ... reason for avoiding established algorithms and protocols. ...
(SecProg)