You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@milagro.apache.org by GitBox <gi...@apache.org> on 2021/03/28 15:19:02 UTC

[GitHub] [incubator-milagro-crypto-c] 1one-w01f commented on issue #90: Incorrect RSA private key generation and potentials for fault attack

1one-w01f commented on issue #90:
URL: https://github.com/apache/incubator-milagro-crypto-c/issues/90#issuecomment-808910920


   Thanks for the explanation, that is rather interesting. I didn't think of the reason why when I first posted the question, but it makes sense to me now.
   
   If one plans to stick with milagro alone then it's probably going to be fine, but if one needs to integrate/interoperate with other systems/crypto libraries as I did in my case, then this might not be ideal, because the API call doesn't seem to block/warn about 1 mod 4 primes, which might increase the chance of fault attack due to oversight in API usage, as explained in my original question.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@milagro.apache.org
For additional commands, e-mail: issues-help@milagro.apache.org