Re: Determinstic OpenSSL signature
From: Anne & Lynn Wheeler (lynn_at_garlic.com)
Date: 06/02/05
- Previous message: none: "Re: Bittorrent Question"
- In reply to: Bodo Moeller: "Re: Determinstic OpenSSL signature"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 02 Jun 2005 15:27:44 -0600
bmoeller@acm.org (Bodo Moeller) writes:
> Other examples: Apart from SSL, you must expect to find this kind of
> padding in X.509 certificates using RSA signatures (it's not the
> only scheme in use, but very common). Also RSA signing in PGP uses
> it.
one of the somewhat legacies of the 90s has been use of RSA in
infrastructures that might consider deploying hardware tokens (as a
integrity mechanism). the tokens from the era typically had very poor
random number capability ... which is required for key generation
... but also required by dsa and ecdsa for every signature generated.
In the RSA scenario, the infrastructures could implement token key
injection with the key generation happening on an external device with
reasonable random number capability.
there are some peculiarities of dsa/ecdsa signatures (because of the
random number) vis-a-vis RSA ... if somebody signed the same exact
data multiple times ... all the signatures would be different (and
non-deterministic)
-- Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
- Previous message: none: "Re: Bittorrent Question"
- In reply to: Bodo Moeller: "Re: Determinstic OpenSSL signature"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
