Posted in Crypto, general on September 20, 2006 | No Comments »
I just read several articles regarding another attack on SSL by Bleichenbacher in Adam’s blog.
Here are the interesting articles :
Many RSA Signatures May Be Forgeable In OpenSSL and Elsewhere
Mozilla Falls to RSA Forgery Attack
RSA Signature Forgery Explained (with Nate Lawson) - Part I, Part II, and Part III.
Halvar Flake and Nate Lawson [...]
Posted in Crypto on August 29, 2006 | 1 Comment »
I just read a news article regarding a demonstration on a modified method of attack against a reduced variant of the SHA-1 hash algorithm.
My suggestion, if you need more security, then start to use SHA-256 or even SHA-512. For normal usage, you can still use SHA-1 but may be not for a long time.
You can [...]
