[smb at cs.columbia.edu: Skype security evaluation]
Dirk-Willem van Gulik
dirkx at webweaving.org
Wed Oct 26 07:47:22 PDT 2005
On Mon, 24 Oct 2005, cyphrpunk wrote:
> Is it possible that Skype doesn't use RSA encryption? Or if they do,
> do they do it without using any padding, and is that safe?
You may want to read the report itself:
http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf
and perhaps section 3.2.3 (about padding) and 3.2.2 (about how RSA is
used) may help with this (and what it is used for in section 2).
Dw.
More information about the cypherpunks-legacy
mailing list