On Thu, Feb 23, 2006, Chris wrote: > On 2/23/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > > > > There are security issues associated with RSA private key operations which > > are > > handled by OpenSSL trying the reverse operation using a public key which > > requires the public exponent. > > > > While this is particularly the case when all CRT components are present > > there > > are some lesser ones when just the private exponent is used. > > > > In any case it is a good idea to use or recalculate the CRT components > > because > > RSA is much quicker when they are present. > > > Thanks. I knew the blinding was in there but I was not sure how it was > implemented. >
Actually cwitthat isn't blinding I was referring to. It is protection against a well known attack where if an RSA private key operation calculation fails and the invalid data is visible (for example an invalid signature) the private key can be leaked. For CRT a single error is sufficient. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
