From: Simon Spero <ses@tipper.oit.unc.edu>
To: JMKELSEY@delphi.com
Message Hash: d0c6e05d5121e69228d93a2e177c5f1330b0b7427daa8fe0009c502a549531e4
Message ID: <Pine.SOL.3.91.960125230335.2084A-100000@chivalry>
Reply To: <01I0FXJK293C9DCXJ9@delphi.com>
UTC Datetime: 1996-01-26 09:10:01 UTC
Raw Date: Fri, 26 Jan 1996 17:10:01 +0800
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 26 Jan 1996 17:10:01 +0800
To: JMKELSEY@delphi.com
Subject: Re: Lotus Notes
In-Reply-To: <01I0FXJK293C9DCXJ9@delphi.com>
Message-ID: <Pine.SOL.3.91.960125230335.2084A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain
[Birthday paradoxing to get test for non-random padding]
> simply generating a few thousand messages (maybe six or seven
> thousand, to be safe), and seeing whether or not we ever get a
> duplicate LEAF. We expect to, after about 2^12 encryptions, if
If you were to try this, you'ld probably want to try around 12,000 to
reach the 95% confidence interval. However, I seriously doubt that this
is going to be the case; they're using BSAFE, which does random padding
to PCKS1 in just about all it's RSA modes. The only people Lotus could
hire to get it that wrong probably have too much tied up in options to be
easily head-hunted.
Simon
Return to January 1996
Return to “Simon Spero <ses@tipper.oit.unc.edu>”