[cryptography] Another signature-scheme blunder
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Mon Mar 21 05:32:11 PDT 2011
Looks like Motorola made a similar mistake to Sony in their digital
signatures:
http://nenolod.net/~nenolod/sholes-keyleak-explained.html
The description is a bit confusing (did they really use Elgamal signatures
rather than, say, DSA?), but it's basically the same thing Sony did. If they
used actual Elgamal sigs though they went even further than Sony, along with
rolling their own broken crypto implementation they also decided to go their
own way with the signature scheme they used. As I've said a number of times
before:
In practice you don.t need to know all the gory details of encryption modes
and IVs and other cryptoplumbing, you just need to make sure that you apply
the right tool for the job. The right tool for fixing a blocked drain is a
plumber, and the right tool for dealing with problems requiring cryptography
is a security library written by someone who knows what they.re doing.
Or to quote Bruce:
"anyone who creates his or her own cryptographic primitives is either a
genius or a fool. Given the genius/fool ratio for out species, the odds
aren't very good".
Peter.
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list